Yahoo Life is committed to finding you the best products at the best prices. Some of the products written about here are offered in affiliation with Yahoo. We may receive a share from purchases made via links on this page. Pricing and availability are subject to change.
It's easy to assume you'd never fall for a phishing scam, but more people than you realize become victims of these cyber crimes each year. Case in point: The FBI's Internet Crime Complaint Center discovered that Americans lost a jaw-dropping $57 million to phishing scams in 2019 alone.
There are thousands of phishing scams launched every day, according to the Federal Trade Commission (FTC), raising the risk that you'll actually become a target. The best way to protect yourself from these online attacks is to understand what they are and what phishing scams are trying to do. And, of course, you need good systems in place to protect yourself.
Software like Malwarebytes Premium can help. It helps provide 24/7 protection against a slew of significant online threats, including phishing scams, ransomware, malware and viruses before they even reach you. Malwarebytes Premium also helps protect you from accessing malicious websites, along with online scams and phishing attacks designed to steal your sensitive information.
But why do you need to protect yourself from phishing scams? And what, exactly, can phishing scams do? Cybersecurity experts break it down.
What are phishing scams, again?
"Phishing is the practice of sending communications that impersonate a reputable party and claim to come from that party, in order to trick recipients into taking some action that they would not take had they known the true identity of the message’s sender," explains Joseph Steinberg, cybersecurity expert and emerging technologies advisor, tells Yahoo Life. So, a phishing scam may make you think that a message is coming from a person or institution you trust, like your bank or your favorite video streaming service, when it's actually the work of cybercriminals.
Phishing scams usually tell a story to trick you into clicking on a link or opening an attachment, the FTC explains. These emails and texts can say or include things such as:
They've noticed some suspicious activity or log-in attempts on your account
They claim there’s a problem with your account or your payment information
They say you must confirm some personal information
They include a fake invoice
They encourage you to click on a link to make a payment
They say you’re eligible to register for a government refund
They offer a coupon for free foods
"Phishing scams are a matter of numbers," tech and cybersecurity expert Chuck Brooks, president of Brooks Consulting International, tells Yahoo Life. "It only takes a few people to click out of thousands to make cybercriminals' efforts successful."
What are phishing scams trying to do?
Phishing scams are trying to get a hold of your private information, such as your social security number or bank account. Typically phishing scams will try to get you to provide credentials "that can be used to log in to some account, revealing private information that can be used for identity theft, providing credit card numbers or bank account information, issuing a payment or clicking a link that installs malware," Steinberg says.
Unfortunately, phishing scams are only getting more popular. "Phishing has become a weapon of choice for many hackers to enrich themselves," Brooks says.
How to protect yourself from phishing scams
The FTC recommends taking a few steps to protect yourself from phishing scams:
1. Install security software on your devices. Software like Malwarebytes Premium can protect you and your sensitive information. The FTC suggests setting the software to automatically update so it can deal with any new security threats.
2. Set your phone and computer's software to update automatically. Those updates can help protect you against security threats.
3. Use multi-factor authentication. Multi-factor authentication provides extra security by having you submit two or more credentials to log into your account, such as your password and answering a security question that's unique to you. Multi-factor authentication makes it harder for scammers to log on to your accounts if they happen to get a hold of your username and password, according to the FTC.
4. Back up your data. Make sure those backups aren’t connected to your home network, per the FTC. That usually means copying your computer files to an external hard drive or cloud storage instead.
Phishing scams are common, but you don't have to be vulnerable. Taking the right steps can go a long way towards protecting you now and in the future.