Spoofing & Phishing: What to watch out for
Some scams are easy to spot, while others are designed to look exactly like someone you trust. That’s where spoofing and phishing come in and why a quick double-check can make all the difference.
What is spoofing?
Spoofing is when a scammer disguises an email, phone number, or website to look legitimate. It might appear to come from your boss, your credit union, or a company you recognize, but with a small change that’s easy to miss.
The goal is to earn your trust just long enough to get you to click a link, download something, or share sensitive information.
What is phishing?
Phishing is the follow-up. It’s the message that pushes you to act.
You might get an email or text asking you to “verify” your account or respond quickly to avoid a problem. The link often leads to a fake website that looks real, where scammers collect passwords, card numbers, or other sensitive details.
A few ways to stay safe
- Hang up and call the company directly using the number from their website
- Don’t click links or download attachments from unexpected messages
- Double-check email addresses, URLs, and spelling
- Contact companies directly using a number you trust
- Turn on multi-factor authentication whenever possible
We will never ask for
- Your online banking password
- A one-time code or PIN
- Your full debit or credit card number
If something feels off, trust that instinct. It’s worth the extra moment to check.
Learn more about this and other common scams by visiting our Fraud Center
