Learn and protect yourself from phishing

Phishing is a common internet scam that uses official-looking email messages and websites to trick you into sharing personal information that criminals use to commit identity theft and fraud.

Learn to identify a phishing attempt, how to report one, and what to do if you fall victim to phishing.

Red flags for phishing attempts

• Mistakes in grammar or spelling. Real organizations do mess up once in a while, but if the message is so full of errors your elementary school teacher wouldn't accept it, it's likely a scam.
  
  
• Fishy to/from address. "From" addresses can be easily forged, so pay attention to the "To" field. Is your email address listed? If not, the message is likely a phishing attempt.
  
  
• No personal information in the email. Most legitimate institutions have your information on file and will address you by name. A "Dear Valued Customer" salutation is suspect. However, phishers can mine public records and social networking sites for your personal details, so don't assume a message is safe just because it contains your name or other trivia.
  
  
• Requests for personal information. Sensitive information such as passwords, bank account numbers, and social security numbers should NEVER be sent via email. CenturyLink, PayPal, and your bank are examples of companies that would never ask for personal information in an email.
  

How to report phishing

If you receive a phishing email in your CenturyLink email inbox, mark it as spam.

You can also forward suspected phishing emails to:

• spam@uce.gov
• ReportPhishing@AntiPhishing.org
• The company, bank, or organization impersonated in the phishing email

What to do if you are a phishing victim

If you have fallen victim to phishing, file a report with the Federal Trade Commission or call 877-438-4338.

If you are a victim of identity theft, you can minimize the potential damage. For more information go to the Federal Trade Commission.