Gone Phishing

Phishing – the fraudulent practice of tricking people into revealing sensitive information or installing malware using seemingly reputable emails, texts, or phone calls – is a big business, with cybercriminals sending an estimated 3.4 billion phishing messages per day. It’s possible to protect yourself from these threats – it just takes a little detective work and due diligence. Let’s look at the most common red flags that can help determine whether a message you received is an attempt to steal your personal information.

RED FLAG NO. 1:
WHO IS IT FROM?

  • You don’t recognize the sender’s email address or phone number.
  • You recognize the sender, but the message is unusual or out of character for this person.
  • The sender’s email address is from a suspicious or unfamiliar domain. (An email address’s domain is everything after the @, like “rwbaird.com.”)

RED FLAG NO. 2:
WHO IS IT ADDRESSED TO?

  • You were included on a message yet don’t recognize the other recipients.
  • The message was sent to an unusual mix of people, such as those whose last names start with the same letter.
  • The message addresses you but misspells your name or contains grammatical errors.

RED FLAG NO. 3:
WHEN WAS IT SENT?

  • It was sent at an unusual time, such as business correspondence sent at 3 a.m.

RED FLAG NO. 4:
WHAT IS THE SUBJECT LINE?

  • The subject line begins with “RE:” yet is not a response to something you sent or requested.
  • The subject line does not relate to the content of the message.
  • The subject line creates a sense of urgency with phrases like “PAST DUE” or “ONE DAY LEFT”.

RED FLAG NO. 5:
ARE THERE ATTACHMENTS OR LINKS?

  • The message includes an attachment you’re not familiar with or weren’t expecting.
  • The attachment is a .DOC, .XLS, .PDF or .ZIP file. While these file types are commonly used in everyday life, they’re also frequently used to transmit malicious code.
  • The message includes suspicious links with strange combinations of letters and numbers, or doesn’t include standard features like https:// or .com/.org/.gov.
  • The link has a misspelling of a known website or displays a link-to address for an unexpected website.

RED FLAG NO. 6:
WHAT IS THE MESSAGE ABOUT?

  • The sender wants you to perform some electronic action (e.g., open an attachment or click a link) to either avoid a negative consequence or to gain something of value.
  • You’re unexpectedly being asked to sign in to an account (i.e., provide your user name and password).
  • The electronic action you’re asked to complete seems illogical or poorly defined.
  • You have an uncomfortable feeling about the sender’s requests.
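
Several of the red flags above (sender domain, send time, subject line, attachments and links) can be read straight from a message's headers and body. The following Python sketch is an added example, not part of the original article, that checks them against a constructed message. The trusted-domain list, the 6 a.m. cutoff and every address and host in the sample are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime
KNOWN_DOMAINS = {"rwbaird.com"}          # assumption: sender domains you already trust
URGENT = ("PAST DUE", "ONE DAY LEFT")    # urgency phrases quoted in the article
RISKY_EXT = (".doc", ".xls", ".pdf", ".zip")
LINK = re.compile(r'<a\s[^>]*href="https?://([^/"]+)[^"]*"[^>]*>\s*'
                  r'(?:https?://)?([\w-]+(?:\.[\w-]+)+)', re.I)

# Constructed sample message; every address and host in it is made up.
SAMPLE = """\
From: "Client Services" <alerts@rwbaird-secure.example>
Date: Tue, 03 Sep 2024 03:04:00 -0500
Subject: RE: PAST DUE invoice
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<p>Sign in: <a href="http://login.example.net/x7k2">www.rwbaird.com</a></p>
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="Invoice.ZIP"

--b1--
"""

def red_flags(raw):
    """Return the article's red flags that apply to one raw email message."""
    msg, flags = message_from_string(raw), []
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if domain not in KNOWN_DOMAINS:
        flags.append("1: unfamiliar sender domain " + domain)
    if msg["Date"] and parsedate_to_datetime(msg["Date"]).hour < 6:  # sender's zone; cutoff assumed
        flags.append("3: sent at an unusual hour")
    subject = msg.get("Subject", "").upper()
    if subject.startswith("RE:") and not msg["In-Reply-To"]:
        flags.append("4: RE: subject but not a reply")
    if any(phrase in subject for phrase in URGENT):
        flags.append("4: urgent subject line")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            flags.append("5: attachment " + name)
        if part.get_content_type() == "text/html":
            html = part.get_payload(decode=True).decode(errors="replace")
            for target, shown in LINK.findall(html):
                if shown.lower() != target.lower():
                    flags.append(f"5: link shows {shown} but goes to {target}")
    return flags
```

A flag here is a prompt to verify the message through a contact you already have, not proof of phishing; the link check compares host names exactly, so it will also flag harmless differences such as a missing "www.".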

If you’re unsure whether a message you’ve received is phishing, the best course of action is to contact the seemingly impersonated company or person to verify the message or inform them of the phishing scheme. It’s important to contact them using a phone number or email address you already have in your contacts or can find through an online search. Avoid using a phone number included in the phishing message, as that could be part of the scam. If you determine the message is in fact a phishing attempt, delete and report it through verified channels.

Most of all, it’s important to stay calm. At Baird, we take your financial security seriously. Contact your Baird Financial Advisor for information on how we keep your private information secure. Not a Baird client? Find a Baird Financial Advisor.

This article was originally published in April 2019 and was updated in September 2024.

The information reflected on this page represents Baird expert opinions today and is subject to change. The information provided here has not taken into consideration the investment goals or needs of any specific investor and investors should not make any investment decisions based solely on this information. Past performance is not a guarantee of future results. All investments have some level of risk, and investors have different time horizons, goals and risk tolerances, so speak to your Baird Financial Advisor before taking action.