Security · November 19, 2020

Don't Be Fooled by a Phishing Email: 3 Tips to Avoid Identity Theft

You wouldn't give out your Social Security number if someone walked up to you on the street and asked for it. So when you open your inbox, think twice about responding to a potentially fraudulent email—one that could even contain a stolen company logo and appear to be legitimate but could ultimately lead to identity theft.

Phishing is an attempt by fraudsters to lure you into giving personal information that allows them to gain access to your financial information. Often times they create a sense of urgency to encourage you to respond immediately.


These scammers use fake emails, texts or even phone calls to get you to share valuable personal information, like account numbers, passwords, login IDs or Social Security numbers. They may tempt you to click on email attachments and web links that install viruses or other spyware on your computer. In some cases, the spyware allows them to watch your screen and record your keystrokes, including passwords. The scammer's goal is to steal your identity and your money.

Here are three tips to help you avoid falling victim to phishing scams.

1 Never give out your personal information

Avoid giving out Social Security numbers, financial account information and user passwords over the phone or email at all costs. Today's cyberthieves also target potential victims using text messages or through website pop-ups, so it's important to be on the lookout through these channels as well.

2 Avoid suspicious links or attachments

Some phishing emails or text messages will encourage you to take further action by clicking on a link or downloading an attachment. These links or attachments may contain viruses that will download to your computer and corrupt your data. Using a spam filter can help identify emails with suspicious links. Also, be wary of any email that doesn't generate from a company address matching the logo or text within the message. Generalized greetings such as "Dear Sir or Madame" are another sign of a potential phishing scheme.

When in doubt, it's better to be safe and avoid clicking any link in an email sent from an unfamiliar source.

3 Verify information requests

If you receive a suspicious phishing email, text or call, contact the company's customer service department directly. If you go to their website, be sure to type in their website address directly or do a search from your browser—don't click on the suspicious email or text. Companies that take data security seriously will typically have necessary procedures in place to avoid requesting personal information via email or text.

Stay vigilant and aware

Using the sensitive information obtained from a successful phishing scam, cybercriminals can take out loans or obtain credit cards and even drivers licenses in your name. The resulting damage to your financial history and personal reputation can take years to investigate and unravel. To protect yourself, learn how to identify phishing emails and make sure to use spam filters along with antivirus software on your home computers.

Links to third-party websites may have a privacy policy different from First Citizens Bank and may provide less security than this website. First Citizens Bank and its affiliates are not responsible for the products, services and content on any third-party website.

This material is for informational purposes only and is not intended to be an offer, specific investment strategy, recommendation or solicitation to purchase or sell any security or insurance product, and should not be construed as legal, tax or accounting advice. Please consult with your legal or tax advisor regarding the particular facts and circumstances of your situation prior to making any financial decision. While we believe that the information presented is from reliable sources, we do not represent, warrant or guarantee that it is accurate or complete.

Third parties mentioned are not affiliated with First-Citizens Bank & Trust Company.