Identifying and Handling Phishing Emails

Identifying and Handling Phishing Emails

Phishing is a type of social engineering scam where an attacker sends a fraudulent or deceptive message designed to trick the recipient into either revealing sensitive information to the attacker or deploying malicious software, like ransomware, on the victim’s electronic devices.

Phishing can occur through text message (“smishing”), voice or video calls (“vishing”), and even fraudulent QR codes (“qishing”).

How to Identify Fraudulent Emails

Phishing most commonly occurs through an email with a malicious attachment or with links that lead to malicious websites. Opening the attachment or visiting the website introduces the possibility of having malicious software secretly installed on your device. In some cases, the unauthorized software may turn your device into a base to spread even more malicious software to other users on the internet or within your company. A malicious website may also prompt you to enter certain login credentials in order to steal your information.

Fraudsters who use phishing tactics hope to convince victims to share their personal information by using clever and compelling language, such as an URGENT need for you to update your information IMMEDIATELY (“We will shut down your account if you do not log on today and update your password!”) or a need to communicate with you FOR YOUR OWN SAFETY OR SECURITY (“We have determined that your computer is not protected and you need to install our software to prevent further infections!”). Make sure to look out for spelling mistakes within the message, and hover over the sender’s information to ensure the message is from a verified email address. Fraudsters often create lookalike email addresses and domains to appear as though their email is from a trusted party.

Harmful Pop-Up Windows

Fraudsters may use pop-up windows — small windows or ads — to obtain personal information. These windows may be generated by programs hidden in free downloads, such as screen savers or music-sharing software. Some best practices can help protect you from harmful pop-up windows:

  • Avoid downloading programs from unknown, untrusted sources on the internet.
  • Always run reputable antivirus software on your computer or device.
  • Be wary of unsolicited pop-ups and ads warning you of computer viruses or suspicious fraudulent charges. Scammers may try to trick you into believing there is a problem with your device and will request remote access.

What to Do if You Receive a Phishing Email

  • If you receive an email from an unknown or suspicious sender, do not open or respond.
  • Avoid clicking on links or opening attachments in emails from unknown senders as these types of links and attachments often contain harmful malware that may allow intruders to compromise your computer, laptop, tablet or smartphone.
  • Install antivirus software from a reputable source and always keep it up to date.
  • Periodically ensure the most current updates for your operating system and applications are installed on your device.

If you receive a fraudulent email that appears to be from First Republic, this does not mean that your email address, name and other information have been taken from First Republic systems. Please know: WE WILL NEVER EMAIL YOU AND REQUEST YOUR CONFIDENTIAL PERSONAL IDENTIFYING OR ACCOUNT INFORMATION, INCLUDING YOUR ONLINE CREDENTIALS, PIN, SECURE ACCESS CODE OR OTHER CONFIDENTIAL INFORMATION.