How to Recognize and Avoid Phishing Scams

Phishing scams—where criminals impersonate legitimate organizations to steal your information—are one of the most common forms of fraud. They arrive via email, text message, phone calls, and even social media. Here's how to protect yourself.

What Is Phishing?

Phishing is when a scammer pretends to be a trusted entity—your bank, a government agency, a retailer—to trick you into revealing passwords, account numbers, Social Security numbers, or other sensitive information.

Red Flags to Watch For

• Urgency: "Your account will be suspended!" or "Act immediately!" Legitimate companies rarely demand instant action.
• Generic greetings: "Dear customer" instead of your actual name.
• Suspicious links: Hover over links before clicking. If the URL doesn't match the organization's real website, don't click.
• Requests for sensitive information: Your credit union will never ask for your password, PIN, or full account number via email or text.
• Poor grammar and spelling: Professional organizations proofread their communications.
• Unexpected attachments: Don't open attachments from unknown senders.

How to Protect Yourself

• Never click links in unexpected emails or texts. Go directly to the company's website by typing the address in your browser.
• Call the organization directly using the number on their official website—not the number in the suspicious message.
• Keep your software and antivirus programs updated.
• Use unique, strong passwords for each account and enable two-factor authentication.

What to Do If You've Been Phished

If you clicked a suspicious link or shared information, act immediately: change your passwords, contact your financial institutions, place a fraud alert on your credit reports, and report the scam to the FTC at ReportFraud.ftc.gov.

If you receive a suspicious message claiming to be from BrightStar Credit Union, do not respond. Call us directly at (954) 486-1344 to verify.