Learn how to avoid phishing email scams

Thieves and hackers have become more and more creative and clever in finding ways to trick people into sharing personal information that can put their finances at risk. One method is a so-called “phishing” email.

These phishing (pronounced like “fishing”) scams are emails designed to mimic legitimate emails from businesses like retailers or financial institutions. In reality, they are created by thieves to trick you into entering your confidential financial and login information into a scam website. The scammers can then use the victim’s information to make fraudulent purchases or steal identities.

Below are some tips on how to identify phishing emails and what you should do to protect yourself.

Tip-offs to phishing scams

So how do you know if an email that says it is from Alliant or another financial institution is legitimate?

• From an unfamiliar source. If you receive an email from a person or organization that you don’t know, don’t click on any links and don’t open any attachments. In fact, the safest course of action is to delete the email without opening it.
• Strange wording or typos. Many phishing attempts originate in foreign countries and are written by people for whom English is a second language. If the subject line or text of the email has obvious typos or is written in broken English, it’s likely to be a scam.
• False urgency. Phishing emails often contain words like alert, urgent, immediate action or action required. The scammers hope that if they imply urgency and scare you, you’ll react quickly without checking to see if the email is legitimate. Although Alliant has in the past sent out emails related to major retailer data breaches, they were informational only, and did not ask members to log in to any account or take any action other than being diligent about monitoring their accounts. Alliant will never solicit you for account information or ask you to login to your account for validation purposes. 
• Fake links/URLs. Links in emails can be masked so that the words displayed in the link appear to be legitimate, while the actual link takes you to a site for a different, fraudulent company. The easiest way to check an email link (or a linked image) is to hover your cursor over it without clicking. The actual URL of the link should appear at the bottom left side of your screen. (Note: In some email systems, when you hover over a link, a pop-up window will appear showing the URL.) If the URL displayed doesn’t match the company that ostensibly sent you the email, don’t click it. For example, most Alliant emails link to pages on alliantcreditunion.org or alliantcreditunion.com. Use your judgment when a link goes to a different website if that site makes sense in the context of the email. If an email from us promoting the Alliant Visa Platinum Rewards credit card includes a link to Visa’s website, which makes sense in that context, it likely indicates that the link is legitimate.
• Site is not a “secure” site. Any site into which you enter personal or financial information should be a secure site with a link starting with “https” (the added “s” stands for secure) instead of just “http.” If the URL for a form page starts with http instead of https, it is not safe to enter your login or financial information into that form.

How to protect yourself

Review your account activity regularly. Monitoring your accounts on a regular basis is the best way for you to guard against being a victim of fraud. Alliant makes it easy for you to monitor your accounts for fraud: 

• Alliant Mobile Banking App. You can log in to our mobile app in seconds using fingerprint ID technology available in most smartphones. In the app, you can review your most recent transactions to ensure that they are legitimate.
• Alliant Online Banking. You don't have to wait to receive your monthly statement to review your account. Just log in to online banking anytime! 
• Emailed alerts: When you opt in to email alerts, you'll receive notifications about logins or transactions made on your accounts. You can select the accounts and transaction types for which you'll receive alerts, too. Just select "manage alerts" on the main account page and follow the prompts to customize your alerts.
• Real-time fraud text alerts. Alliant offers real-time text alerts for debit card transactions that we think are suspicious. Opting in is easy, too! Just click on the "Receive Text Messages" checkbox on the Phone Number Management page in Alliant Online Banking. It’s on the Settings tab at this location: Settings > Personal Information > Manage Phone Numbers.

Never provide personal information in response to an unsolicited email.

• If you receive an email from an unfamiliar sender, don’t click!
• If you receive an email from a company that is familiar to you, but about which you are suspicious based on the phishing characteristics listed above, contact the financial institution directly rather than clicking a link in the email. For example, you could use Alliant’s mobile app or navigate to our site yourself instead of clicking an emailed link. The key is that you initiate the contact, using information that you have verified yourself instead of information provided by an unsolicited email.

More security resources

Learn more about steps you and your family can take to protect against fraud. 

• Read more Alliant Money Mentor articles related to security and fraud on the Up Your Security IQ section of our blog. 
• Check out the Security Center on our website for more great tips about securing your devices and protecting yourself from identity theft. 

Pam Leibfried is a marketing content specialist whose love of words led to a writing and editing career. After a brief stint teaching English, she transitioned to corporate communications and spent 20 years at The Nielsen Company before joining Alliant’s content development team. Early in her work life, Pam’s friend Matt explained the benefits of a 401(k) and her dad encouraged her to start a Roth IRA. Their good counsel prompted her to prioritize retirement savings, which just might enable her to retire early so she can read more and live out the slogan on her fave T-shirt:  “I have a retirement plan: I plan on quilting.”