5 Famous Phishing Scams & How To Avoid Them

Phishing is one of the most common Internet scams, pulled off by tech-savvy con artists who employ sneaky tactics to wrongfully gain access to sensitive information. Passwords, usernames, credit card numbers, social security numbers—they want you to share your private information, and they have a variety of tactics and methods to get you to do it.

Here are five famous phishing scams with simple tips to avoid falling victim to these types of attacks yourself.


In 2015, Bank of America customers were targeted with emails announcing their online banking had been blocked due to invalid login attempts. With a legitimate looking layout, logo and content, this email seemed genuine—complete with a link to a page requesting personal banking information and login details. To avoid this type of scam, directly contact companies who have access to your most private information—over the phone or on their website—to confirm the request inside the email.


A similar deceptive email from PayPal urged customers to update their account via a link after describing recent fraudulent activity, technical problems and slow online service. Littered with obvious typos, the poor use of grammar inside this deceptive PayPal email is a certified red flag of a malicious email.


An email claiming to be from Apple told consumers they were unable to process their most recent payment.  The email asked consumers to update their credit card information using a link provided within the email. The link directed users to a sophisticated billing website with credit card entry, user info and other personal information. Always be wary of messages asking for payment updates, and never click on these types of links from within the email.  Access the company’s website directly.


Posing as the nation’s tax agency is a common phishing scare tactic.  Why?  Because it works. The majority of times these IRS-themed emails offer up a tax refund, requiring payment information to access the victim’s accounts. Be aware of the URL links included in these types of emails. If it seems “phishy” (strange spellings and typos), then it probably is.  Plus, the IRS will never contact you in this form.  Usually, it’s through good ol’ fashioned snail mail.


This third-party file-sharing service is so popular among businesses that their links are rarely blocked. This is good news to a cyber-criminal; they can send malicious Dropbox links without ever being flagged by your spam blocker.  If you don’t know the sender, don’t open it—even if it from Dropbox.