We’ve recently heard that scammers are recycling an old phishing attempt. In this version, scammers, posing as a well-known tech company, email a phony invoice showing that you’ve recently bought music or apps from them. The email tells you to click on a link if you did not authorize the purchase. Stop – do not click on the link. That’s the new twist on an old scam.
More precisely, you just experienced a phishing attempt – that is, when a scammer uses fraudulent emails or texts, or copycat websites to get you to share valuable personal information. The scammers then use that information to commit fraud or identity theft.
Scammers also use phishing emails to get access to your computer or network – then they install programs like ransomware that can lock you out of important files on your computer.
Here are some tips to help keep your information secure:
- Be suspicious if a business, government agency, or organization asks you to click on a link that then asks for your username or password or other personal data. Instead, type in the web address for the organization or call them. The link in the email may look right, but if you click it you may go to a copycat website run by a scammer.
- Be cautious about opening attachments. A scammer could even pretend to be a friend or family member, sending messages with malware from a spoofed account.
- Set your security software to update automatically, and back up your files to an external hard drive or cloud storage. Back up your files regularly and use security software you trust to protect your data.
If you got a phishing email or text message, report it. The information you give helps fight scammers.
- If you got a phishing email, forward it to the Anti-Phishing Working Group at email@example.com.
- If you got a phishing text message, forward it to SPAM (7726).
- Report the phishing attempt to the FTC at ReportFraud.ftc.gov.
The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.
We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.