Credit Information and Personal Finance Resources | Credit One Bank

Credit One CentralTM

Explore ways to manage your credit and finances with Credit One Central. These informational articles and resources can help guide you in your everyday life.

Don’t Take the Bait: How to Avoid Being Phished

Don’t Take the Bait: How to Avoid Being Phished

“Phishing,” “spear phishing,” and “spoofing” may sound like fun, jovial activities, but they’re no laughing matter. Each of these activities is a scam designed to steal your personal information or hijack your computer, tablet, or smartphone. They affect millions of people and cost consumers and businesses billions of dollars.

A 2017 report by the FBI found that, from October 2013 to December 2016, the Bureau investigated over 22,000 phishing incidents involving domestic losses totaling nearly $1.6 billion. In addition, the FBI Internet Crime Complaint Center receives an average of 280,000 complaints each year. And if you think these scams only affect the gullible and could never fool you, think again. A global study by Intel Security showed that 97% of the subjects tested could not properly identify a phishing email.


They may have different names and subtle differences, but phishing, spear phishing, and spoofing all have one thing in common: They’re crimes designed to steal your personal information or exact a ransom from you. They employ cleverly disguised emails, texts, and even phone calls—all of which get more professional and sophisticated every day—to trick you into divulging personal information that can be used to make fraudulent charges or steal your identity. Or, in the case of spoofing, to download a virus or ransomware onto your phone, tablet, or computer.

Here’s a quick summary of each of these forms of fraud:

Phishing is a broad attempt to trick you into providing sensitive information such as credit card numbers, Social Security numbers, usernames, passwords, etc. These attempts typically appear to come from trusted sources, but they’re not as personalized or targeted to specific victims as in spear phishing. The objective is to trick as many targets as possible into opening an embedded link to a counterfeit website or calling a bogus phone number.

Spear Phishing is a more targeted attempt to acquire sensitive personal information, usually directed at specific individuals or organizations to obtain specific information. Like phishing, these attempts also typically appear to come from a trusted source.

Spoofing differs from phishing in that instead of trying to trick you into going to a fake website or calling a phony number, the goal is to get you to download malware onto your computer, tablet, or smartphone by clicking a link or opening an attachment. The downloaded virus can then gather sensitive information by accessing your files, or it can disable your operating system or even lock you out of your machine and demand a ransom to unlock it.


While phishing and spoofing attempts have grown more clever and sophisticated, they can often be identified and avoided by exercising a bit of common sense and a healthy dose of skepticism. So, the next time you receive a suspicious email, text, or phone call, practice the following:

1. Scrutinize What’s Being Communicated

Reputable companies do not ask for sensitive personal or financial information to be communicated via email, entered into a suspect website, or conveyed over the phone. They also rarely emphasize the urgency of doing so unless they’ve already attempted to contact you several times before. So, if you receive an email, call, or text requesting sensitive account information, be skeptical.

Also scrutinize the way the communication is being conveyed. If it’s riddled with grammatical and spelling errors, it’s doubtful it came from the company it claims to be authored by. Reputable companies employ professional writers, editors, and proofers. As clever as many of these fraudsters are in developing their scams, good, error-free writing seems to be a skill that eludes many of them.

2. When in Doubt, Verify

If an email or text looks authentic but is asking you for sensitive information or to do something that seems dubious, don’t hesitate to pick up the phone and call the customer service department of the company that supposedly sent the communication. Just don’t use the telephone number provided in the suspect communication; find a phone number from a past statement or from the company’s website. If the email is fake, any phone numbers provided within it will undoubtedly be bogus as well.

3. Don’t Click Suspicious Links or Open Attachments

If you’re not sure about an email or text, do not click on any links embedded in it or open unsolicited attachments. Doing so could take you to a bogus website or download a virus. If you hover the cursor over the link and the displayed URL does not appear to be the same as what the link claims to be, or there are spelling errors within the URL, it’s probably a scam. Also be wary of shortened URLs, which are often used by cybercriminals.

4. Do Not Divulge Any Personal Information Online

Unless you’re on a secure website, do not communicate sensitive information over the internet. And don’t give it out over the phone if you receive an unsolicited phone call. You can easily tell if a website is secure because it will begin with “httpS” instead of “http.” A closed padlock icon should also appear in your browser if you’re on a secure website. Clicking that padlock icon will reveal security certificate information.

If you’re directed to a suspicious website and it requests your password, try entering an incorrect one. A legitimate website will inform you that your password is wrong; a bogus one phishing for your personal information will accept anything you enter.

5. Keep Your Browsers & Operating System Up to Date

Phishers and spoofers exploit software vulnerabilities and loopholes, so be sure to regularly download updates, many of which contain critical security patches. Also be sure to use firewalls, anti-virus software, and spam filters to minimize phishing and spoofing attempts. There are even anti-phishing toolbars you can install directly to your browser.

6. Check Your Accounts Frequently

One of the best ways to detect fraud is to check your accounts on a regular basis so you can spot any activity that’s not yours. While you’re in your accounts, be sure to change your passwords regularly as well. And don’t forget to check your credit reports at least once a year—by federal law, you’re entitled to a free credit report from each of the three major credit bureaus annually.

7. Report Scams

If you’ve received a phishing email or text, don’t just shrug it off—report it. Doing so could help prevent others from falling victim to the same scam.

If you’ve received a phishing email, forward it to and to the organization being impersonated in the email. You can also file a formal complaint with the Federal Trade Commission. The Anti-Phishing Working Group (APWG) is an international coalition that collects, analyzes, and exchanges lists of phishing sites, and encourages you to report any phishing emails you receive.

Phishing and spoofing may cost the economy billions, but you don’t have to take the bait and be just another number. By exercising a little caution, you can minimize the splash phishers, spoofers, and other cybercriminals are making—at least in your own life.


« Return
This material is for informational purposes only and is not intended to replace the advice of a qualified tax advisor, attorney or financial advisor. Readers should consult with their own tax advisor, attorney or financial advisor with regard to their personal situations.
Credit One Bank Testimonials

Customer Testimonials & Success Stories

Looking to reach your financial goals? See how Credit One Bank helps people purchase a house or car, handle emergencies and build their credit.

Read More

See If You Pre-Qualify Today

With a Credit One Bank Platinum Visa®, you'll earn 1% cash back on eligible purchases, terms apply, and receive many benefits like free online access to your credit score and $0 Fraud Liability.

In less than 60 seconds, find the card that's right for you!

Credit One Bank Credit Card

 Terms of Use 

Credit One Bank maintains our various websites (hereinafter referred to as "website") as a service to our customers and visitors in order to provide information about products and services and to facilitate communication with us. We require that all customers and visitors to our website adhere to these Terms of Use. By accessing our website and any of its pages, you indicate your acknowledgement and acceptance of the Terms of Use set forth herein without limitation or qualification. We may revise the Terms of Use at any time by updating this posting. You should therefore visit this posting to review the Terms of Use from time-to-time as you visit the website. For the purposes of these Terms of Use, references to Credit One Bank include its affiliates, directors and employees.

COPYRIGHT - The information and materials contained in the website, including but not limited to text and images herein (excluding certain images licensed from third parties) and their arrangement are © Copyright 2015 by Credit One Bank. The information and materials contained in the website may not be copied, displayed, distributed, licensed, modified, published, sold, used to create derivative work or otherwise used for public or commercial purposes without the express written permission of Credit One Bank.

LIMITATION OF LIABILITY - We use our best efforts to include accurate and up-to-date information and materials on the website, however, information and materials on the website are provided "as is" without any warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose and non-infringement. Furthermore, we make no representations as to the accuracy or completeness of the information. The information and materials on the website may include technical inaccuracies or typographical errors. From time-to-time we may amend, change, add, delete, update or alter the information and/or materials contained in the website, including information regarding the products and services described or offered on the website, without notice. We assume no liability for any errors or omissions in the information or materials contained within the website and expressly disclaim any responsibility to update the information or materials contained within the website. By using the website, you acknowledge that we specifically disclaim any liability for any direct, indirect, special, unsolicited or consequential damages, losses or expenses arising out of your access to or use of the website, even if we have been advised of the possibility of such damages, including liability associated with any viruses or software which may impact a user's equipment.

GOVERNING LAW - You agree that your use of the website shall be governed by all applicable Federal laws and the law of the state of Nevada.

INFORMATION SUBMISSIONS - All information and materials (including but not limited to feedback data, documents, questions, comments, and suggestions) you submit to us via the website or email shall be deemed to be the property of Credit One Bank and may be used by us in a manner consistent with our Privacy Policy. We shall be free to reproduce, use, disclose, exhibit, display, transform, create derivative works and distribute this information and materials to others without limitation. Furthermore, we shall be free to use any ideas, concepts, know-how or techniques contained in such information or materials for any purpose whatsoever, including but not limited to developing, manufacturing and marketing purposes. Application information submitted to us shall be treated confidentially to the extent required by applicable law or as disclosed in the application and/or supporting materials.

ADVERTISING DISCLOSURE AND LINKS TO OTHER WEBSITES - We do not provide, endorse, nor guarantee any third-party product, service, information, or recommendation available through links from this website. The third parties providing products and services available through this website are not affiliated with us and are solely responsible for their products, services, information, recommendations, and all other content on their websites. We shall not be held liable for any third party's failure with regard to such advertised products, services, and benefits. Many of these advertised products and services are not FDIC insured, nor bank guaranteed. By responding to offers advertised on this website, you may be communicating information about yourself to the company that provides such product or services - for example, that you are a Credit One Bank customer. Please be aware that these third parties may have a different privacy policy than ours. Their website(s) may also provide less security than ours. We encourage you to check individual offers, products, and services to become familiar with any applicable restrictions or conditions.

 Security & Fraud  

We are committed to protecting the security of your personal information. We list some activities below that we perform in order to safeguard your data and some tips that you can follow to protect your security.

What We Do:

  • We employ industry-proven standards and technologies to protect information in our computing environment.
  • We protect our systems and networks from the Internet with Firewall systems.
  • We use 128-bit SSL encryption technology to protect sensitive information that is transmitted over the Internet.
  • We maintain a Global Digital Certificate signed by Verisign® that assures you are, in fact, communicating directly with Credit One Bank.
  • We control access to your information inside our company by limiting employee access to systems and data.

What You Should Do:

  • Protect your Username and Password. Avoid choosing easily guessed words or numbers. Avoid writing your Sign In information in a place where others can view it.
  • Use the "Sign Out" button to Sign Out from Online Account Access upon completion of your session and close your browser.
  • Do not use email for account-specific questions. Email is not normally encrypted and your account information could be intercepted.
  • Review your statement information regularly for unauthorized transactions.

Alerts Regarding Phishing and Web-Spoofing:

  • Phishing is an Internet scam (spoof) in the form of an email or pop-up box. The emails and pop-ups link to sites that look like well-known legitimate businesses and ask you to provide and confirm personal, financial, or password information.
  • Legitimate businesses do not ask for this information unless you initiate a request for a service. Please DO NOT RESPOND to these emails requesting personal identity, accounts or password information.
  • Scam emails often contain misspelled words, poor grammar, awkward or unprofessional writing and typos.
  • Be suspicious of urgent or alarming appeals that request security information.

Fraud Alerts:

  • Credit One Fraud Alerts messages are provided to you at no cost. You will not be charged for alerts received.
  • Message frequency varies, as they are only sent when there is suspicion of fraud.
  • Mobile carriers are not liable for delayed or undelivered messages.
  • For help send HELP to 89283.
  • Send STOP to 89283 to end future fraud alert messages.
  • For support contact us at 1-877-825-3242.

To learn other ways to avoid email scams and deal with deceptive spam visit the Federal Trade Commission site at


You are leaving

If you the 'Continue' button, you will be directed to a third-party website unaffiliated with Credit One Bank, which may offer a different privacy policy and level of security. Credit One Bank is not responsible or liable for, and does not endorse or guarantee, any products, services, information or recommendations that are offered or expressed on other websites.

the 'Return to' button to return to the previous page or 'Continue' to proceed to the third-party website.

Return to Continue