Phishing"Phishing" refers to fraudulent processes in which fraudsters attempt to obtain your personal information through electronic communications, such as emails, text messages, or instant messages. These messages appear to be from a trustworthy entity, such as a bank, insurance company, retailer, or regulatory agency. However, the messages are not legitimate. Fraudsters typically ask you to send your personal information to a website and then use that information to commit identity theft. (To learn more about identity theft, click here.)
Remember, Union Bank® does not request personal information by emails, text messaging, or instant messaging. Beware of any unsolicited emails that request personal information of any kind. Do not respond to any such emails, texts, instant messages, pop-ups, or links. Instead, report this to email@example.com.
The following tips will help you spot fraudulent messages:
- The sender's name is usually generic, such as "Customer Service Department," or is just the company's name, such as "XYZ Bank." The name of the company or content in the email may have misspellings or be written using poor grammar. The email address may contain additional letters.
- The email does not identify you specifically. Commonly, phishing emails are sent to millions of people, so they are typically addressed generically (e.g., “Account Holder”).
- The message title generally concerns an "urgent matter" that requires your immediate attention, such as "verifying" certain information to prevent the company from suspending or closing your account. Legitimate emails typically do not contain threats.
- The message may look professional and official, often displaying the look and feel of a website that you know. It may even contain graphics, logos, links or pop-up windows that have the appearance of legitimacy. Avoid clicking on links or attachments as they may install malicious software (malware) on your computer to obtain further information.
- The sender may ask for ATM or credit card numbers, personal identification numbers (PINs), sign-on IDs, and other personal information, such as your Social Security number, date of birth, or mother's maiden name—all of which thieves can use to take over an account or commit identity theft.
- The message may point you to a domain name that is spelled very closely to, or appears to be related to, the legitimate domain name.
- The email may contain incorrect content or information. For example, it may refer to a purchase that you have not made.