Phishing is a form of fraud designed to steal your identity. It works by using false pretenses to get you to disclose sensitive personal information, such as credit and debit card numbers, account passwords, or Social Security numbers.
One of the most common phishing scams involves sending a fraudulent email that claims to be from a well-known company. Phishing can also be carried out in person, over the phone, through fraudulent pop-up windows, and websites.
Phishing (pronounced “fishing”): Fraudulent emails that request or initiate a scam to get sensitive personal information.
Spoof Site: Fraudulent sites – usually linked from a phishing email – that look like well-known websites.
How phishing through email works.
1. Mass Email
2. Phishing Email
3. Fraudulent Website
A fraudster will start out sending thousands, even millions, of emails to different mail accounts disguised as messages from a well-known company. The typical phishing email will contain a concocted story designed to lure you into taking an action such as clicking a link or button in the email or calling a phone number. Learn how to spot a fraudulent email with Recognizing Phishing.
In the email, there will be links or buttons that take you to a fraudulent website.
The fraudulent website will also mimic the appearance of a popular website or company. The scam site will ask for personal information, such as your credit card number, Social Security number, or account password.
You think you’re giving information to a trusted company when, in fact, you’re supplying it to a criminal. Learn how to spot a fraudulent website with Recognizing Phishing.
Questions PayPal will never ask you in an email.
To help you better identify fake emails, we follow strict rules. We will never ask for the following personal information in email: