Phishing Scams

Phishing In Depth

Phishing Statistics 2021


90% of data breaches are caused by phishing
3.4 billion phishing emails are sent every day

1.4 million phishing websites are created every month

Source: Digital InTheRound, 2021

Sections on this page
  1. What Are Phishing Scams?
  2. The Goal of Phishing Scams
  3. Red Flags of Phishing Scams
  4. How Do You Beat and Avoid Phishing Scams
  5. Common Phishing Scams
  6. How to Recover From a Phishing Scam

From 2015-2020, the FBI’s Internet Crime Complaint Center (IC3) received more than 2.2 million fraud complaints and reported losses of $13.3 billion. The largest numbers of complaints and most significant monetary losses were attributed to phishing scams.

In 2019, the Anti-Phishing Working Group (APWG) (an international effort to reduce cybercrime made up of more than 2,200 government, industry, and law enforcement organizations) recorded a record level of phishing scams, which continued into 2021. The group detected more than 600,000 phishing websites, 325,500 unique phishing email scam campaigns, and more than 1,300 brands that scammers targeted in the first quarter of 2021.

What Are Phishing Scams?

Phishing scams are designed to steal your identity and ultimately take your money. In most cases, the scammers impersonate a legitimate business or associate to trick you into believing you are dealing with a trusted source.

For example, you might get an email claiming to be from Amazon asking you to verify a purchase or your bank asking you to confirm a charge. If you click on the link provided, you might be redirected to a fake website that looks similar to the real one and asks you to enter your login information.

You might also launch malicious software that can scan your computer to steal your account information by clicking on the link. This software might also encrypt everything on your computer and demand a payment to de-encrypt it (ransomware).

Phishing Scams Come In Various Forms

Phishing scams can happen via email, text, phone calls, and even mail. They may also use fake websites to trick you into entering your information. 

Phishing scams have become more sophisticated over time. Scammers use social engineering tactics to learn personal details about you to personalize their contact with you and make their requests more believable. For example, scammers might learn the CEO of a company is traveling through social media posts or check-ins. They then launch a phishing email attack impersonating the CEO and ask the CFO to wire money using details of the trip to convince them it's really them.

The Goal of Phishing Scams

The goal of most phishing scams fall is to trick you into taking one of these actions:

  • Send money to the scammers
  • Click on a link or download an attachment to launch malware or ransomware
  • Click on a link that sends you to a fake website to steal your passwords, credit card information, or bank account information

All phishing scams have one main goal in mind—to steal your money. Whether that is via first stealing your identity or simply getting your bank account information directly.

Red Flags of Phishing Scams

Scammers will use all sorts of tricks to get you to click on a link, provide personal information, or send the money. While there are hundreds of thousands of different phishing scams active at any time, they all have a few common elements.

  • A sense of urgency requiring immediate action or threats
  • Requests for money or personal information
  • Asking for payments in gift cards or wire transfers
  • Asking you to click on a link or download an attachment
  • Inconsistency in email addresses, domain names, and links
  • An overly familiar tone

Consumers and businesses need to remain vigilant to look for the red flags and avoid becoming a victim. With some 3 billion phishing emails being sent every day, scammers are working hard to fool you. Don’t let them.

How Do You Beat and Avoid Phishing Scams

Beating phishing scams requires being careful anytime you receive an email or text, especially if it asks for passwords, personal information, or money.

If you suspect suspicious activity, don’t click on any links or enter any information. If you have doubts, contact the company by finding their official website or contact information rather than responding to an email or clicking on a link.

To avoid falling for a phishing scam, remember:

  • Companies typically do not contact you and ask for your login credentials, such as your username and password.
  • Avoid clicking on anything in a text or email that is unsolicited.
  • If you do want to respond to the email, verify the company’s information is correct. Don’t use the link, email, or phone provided in the phishing scam.
  • Examine the email address and URL. Many phishing scams will include email addresses similar to a legitimate company’s name but slightly different to trick you.
  • Never open email attachments from someone you don’t know.
  • Be careful with the information you share on Facebook or other social media. For example, pet names, birthdays, and other information can be used by scammers to answer security questions or personalize a phishing email.

Change Your Passwords Regularly & Use Strong Ones

Make sure you’re using strong and unique passwords for all of your accounts. This way, if a scammer gets hold of one of your passwords, they won’t gain access to multiple accounts. You should also change your passwords regularly to keep the scammers at bay. You can use a password manager to help you keep track of them all.

Common Phishing Scams

To keep yourself safe from phishing scams, you should familiarize yourself with some of the most common versions so you can stay alert.

Business Email Compromise Scam

Scammers impersonate a company employee or customer and trick the business into sending money, such as asking them to wire money to pay a bill or sending a deposit for a fake invoice. In 2020, business email compromise (BEC) phishing email scams cost companies approximately $1.8 billion.

Microsoft 365 Phishing Scams

Scammers send a message saying you need to reset your Microsoft password or claim there is an issue with your account that needs immediate attention. When you click on the link, you are directed to a fake site where scammers can steal your passwords and then use your email to scam others.

Account Suspension Phishing Scams

A phishing email arrives saying your account has been suspended due to lack of activity or suspicious activity. Another version of this is when scammers say your account will auto-renew at a specified rate if you do not act. These scams are common with brands like PayPal and Amazon.

Fake Delivery Phishing Scams

Scammers impersonate FedEx or UPS, claiming they could not deliver a package, and ask you to provide additional details to reschedule the delivery. This message can come as either a text message or email.

Employer Phishing Scams

A phishing email may appear to come from your employer, alerting you to changes in personnel policies that you need to indicate you received. Always check with your employer directly if emails seem suspicious.

Fake Purchase Phishing Scams

Another common phishing scam is an email from a company such as Amazon, Walmart, or Target asking you to verify a large purchase. Scammers hope people will click on the links they provided to avoid being charged for a purchase they didn’t make.

COVID-19 Phishing Scams

Scammers offer free COVID-19 tests, government stimulus payments, or Medicare prescription cards in exchange for personal information used to steal your identity.

Government Service Phishing Scams

These phishing scams include offers about government services, such as unemployment benefits or student loan deferments.

How to Recover From a Phishing Scam

To recover from a phishing scam, you need to take the following specific actions.

1. Contact Financial Providers

If you have been scammed out of money, you will want to call the bank, credit card issuer, money wire service, or gift card provider to alert them you have been scammed. Ask them to reverse the charges.

2. Update and Scan Your System

Often phishing scams involve placing malicious code on your device. Update your antivirus software and run a full system scan to ensure your computer, laptop, or electronic device has not been infected.

3. Change Account Passwords

If you have any reason to believe your email, social media, or any other accounts have been compromised, change the passwords as soon as possible.

4. Contact the Credit Bureaus

If you are concerned about identity theft, bank account, or stolen credit card information, you can place a fraud alert or credit freeze. If you place a fraud alert with Equifax, Experian, or TransUnion, they will report it to the other agencies; therefore, you only need to create a fraud alert once. If you wish to freeze your credit, you must contact each consumer credit reporting agency separately.

5. Report Phishing Scams

Report phishing scams to the FBI Internet Crime Complaint Center (IC3). You will need to provide the following information:

  • Name, address, phone, and email contact.
  • Information about any financial transactions that occurred, such as amounts, transaction dates, where money was sent, and account information.
  • Any details you know about the scammer, such as email, website, or IP address.
  • Copies of related texts or emails (including headers).
  • A description of what occurred.

While the IC3 does not undertake investigations, it does forward your complaint to the appropriate federal, state, and local law enforcement agencies.

Has Your Identity Been Stolen?

If you’ve become a victim of identity theft and someone is now applying for things like credits cards and loans in your name, follow these steps to recover.

Scams Relating to Phishing

Sort by:
How to Identify a Fake Email from Your Bank & Protect Yourself

How to Identify a Fake Email from Your Bank & Protect Yourself

Scammers impersonate well-known banks, such as Citibank and Chase, to trick you into giving up your sensitive information—learn how to beat these scams.

The "Little Gift" is a Lie! Protect Yourself From Fake Verizon, AT&T, and T-Mobile Texts
15 October 2021 |

The "Little Gift" is a Lie! Protect Yourself From Fake Verizon, AT&T, and T-Mobile Texts

If you receive a text message from your cell phone provider containing a link to a "little gift," don't click on it—it's a scam!

Recognize Fake Bank Reps Calling to Steal Your Information
6 October 2021 |

Recognize Fake Bank Reps Calling to Steal Your Information

A call from your bank isn't always legitimate—imposters pretend to represent your bank to steal your information and money.

Vishing Scams: What They Are and How to Protect Yourself
4 October 2021 |

Vishing Scams: What They Are and How to Protect Yourself

In 2020, almost $20 billion was lost to phone scammers in the U.S. alone. With 165 million robocalls being made every day, it's hard not to be targeted.

How the Nigerian Prince Scam Has Evolved & How to Protect Yourself

How the Nigerian Prince Scam Has Evolved & How to Protect Yourself

Arm yourself with information on how this scam works and the red flags to watch out for to protect your bank account from these thieves.

Extortion Schemes: How Scammers Impersonate Law Enforcement & What To Do

Extortion Schemes: How Scammers Impersonate Law Enforcement & What To Do

Scammers use fear tactics and impersonate law enforcement to trick you into sending them money but armed with the right knowledge, you can beat them.

Red Flags of Fake Credit Union Emails: Prevent Phishing
15 September 2021 |

Red Flags of Fake Credit Union Emails: Prevent Phishing

Scammers have turned their phishing attempts to members or credit unions by sending out fake emails hoping to get their hands on valuable personal data.

Honor Society Foundation Scam: Protect Yourself From Imposters
13 September 2021 |

Honor Society Foundation Scam: Protect Yourself From Imposters

You may think you're being invited to an honor society, but you could be the target of a nationwide scam aimed at students.

Personal Loan Scams: Beware of Fake Offers for Loans
7 September 2021 |

Personal Loan Scams: Beware of Fake Offers for Loans

When an offer for a personal loan with great rates seems too good to be true, it often is, especially if you weren't the one who contacted them first.

Red Flags of Fake PayPal Emails About Your eBay Transactions
21 August 2021 |

Red Flags of Fake PayPal Emails About Your eBay Transactions

Fake PayPal emails regarding your eBay transactions are sent by scammers to fake payments and steal your information.

Guides Relating to Phishing

Sort by:
How to Avoid Honor Society Scams & Why You Should Pick a Local Chapter
24 September 2021 |

How to Avoid Honor Society Scams & Why You Should Pick a Local Chapter

With so many honor societies across the country, it can be difficult to decide which one to join. Here's why you should join a local chapter.

5 Ways to Avoid Magazine Subscription Scams & How to Subscribe Safely
8 September 2021 |

5 Ways to Avoid Magazine Subscription Scams & How to Subscribe Safely

Magazine subscriptions should be easy. Scammers are everywhere, costing Americans over $300M. We have gathered data from experts to show you who to avoid and who to trust.

Is Your Bank Really Contacting You Or Is It a Scam?
2 September 2021 |

Is Your Bank Really Contacting You Or Is It a Scam?

The ultimate goal of scams is to steal your money, so it's common for thieves to impersonate your bank or credit union. So, how do you tell who's really contacting you?

How to Report a Scam Website and Why It's Important

How to Report a Scam Website and Why It's Important

With more than 2 million fake websites online, it's important to report any you come across to help the authorities shut them down and protect others from falling for scams.

How to Place a TransUnion Fraud Alert & Protect Your Credit
20 August 2021 |

How to Place a TransUnion Fraud Alert & Protect Your Credit

Placing a fraud alert can help protect your credit if you've fallen victim to a phishing scam or have had your identity stolen.

News Relating to Phishing

Sort by:
Zoom Phishing Scams On the Rise Thanks to the Pandemic
10 May 2021 |

Zoom Phishing Scams On the Rise Thanks to the Pandemic

The global pandemic has unleashed several changes upon the world, from the work-from-home revolution to the phrase “social distancing,” and now, Zoom phishing.

News in Other Categories...
N.J. Man Pleads Guilty to SIM Swapping Conspiracy Stealing Over $500k From Victims
5 October 2021 |

N.J. Man Pleads Guilty to SIM Swapping Conspiracy Stealing Over $500k From Victims

This case shows just why you need to be aware of SIM swapping and how to protect your cell phone number from criminals like this.

Student Loan Scammers Arrested After Stealing $6.1 Million
22 September 2021 |

Student Loan Scammers Arrested After Stealing $6.1 Million

After a 3-year long scam, Angela Mirabella and six others have been indicted on several charges, including grand theft.

FBI Warns Fake COVID Vaccine Cards Could Lead to Prison Time
14 September 2021 |

FBI Warns Fake COVID Vaccine Cards Could Lead to Prison Time

Taking a chance on a fake COVID-19 vaccination card seems like an easy way to get around requirements, but think again before you land yourself in prison.

Beware of this New Scam Involving A Fake Call from CBP
10 September 2021 |

Beware of this New Scam Involving A Fake Call from CBP

Sometimes it just safer not to pick up calls from unknown phone numbers.