Protect Yourself from Phishing Schemes

Beyond the Numbers

Date: 
Monday, February 22, 2016
Posted by: 
The Communications Division

When identity thieves use the name of an official organization or business to try to deceive you into giving them your personal information online or on the phone, they’re “phishing” for your data.

Generally, legitimate organizations will not ask you to send your sensitive personal information, such as your Social Security number (SSN), through unsecure channels like email. It’s critical to remain vigilant and protect your and your family’s information to guard against identity theft. 

Phishing is very common—nearly all of us have been or will be targeted by these schemes.  Perpetrators will use emails, phone calls, and even text messages to try to learn your SSN, bank account numbers, and other information they can use to steal money from you or apply for credit in your name.

Sometimes, people will use Social Security’s good name to “phish” for information.  In recent years, we’ve received numerous reports of email messages that falsely claim to be from SSA in attempts to hook victims and obtain their personal information.

At first sight, a phishing email may appear to be an official communication from SSA, complete with SSA’s official logo. However, if you receive an email from SSA and have your suspicions about its validity, stop and look for a few telltale signs.

Know the Signs:  Logos, Grammar Errors, Persuasive Words, and Scare Tactics

A concerned citizen recently received this message and sent it to us for review. The message lists SSA as the sender, with the subject line, “Verify Your Personal Information with Social Security Administration.”

On first glance, it looks fine.  But if you look more closely, you might notice the text is oddly formatted, and random words are capitalized. The sender might have tried to mask these errors with an unlawful use of SSA’s seal (learn more about that here) to make the email look more official.

The sender then tries to frighten you by citing a “high incidence of rising issues of identity theft,” and a need for SSA to verify your personal details in its records in “preparation for the Coming 2016 Tax year.” The message even implies that if you verify your information, your Social Security benefits may increase. They say and do anything that might make you decide to “CLICK HERE” and fill in your SSN and other identifying information.

Social Security does not and would not do this. It’s a phishing attempt; please don’t take the bait, as the Inspector General warned in a recent fraud advisory.

Spread the Word:  FTC Webinar This Week

We work hard to prevent and combat Social Security fraud and SSN misuse, and part of our approach is public outreach to get the word out about these and other fraud schemes.

This week, we’re participating in an outreach event sponsored by the Federal Trade Commission (FTC). The FTC will host a special event with Members of Congress and their staffs on Thursday, February 25, titled Free Resources to Help Your Constituents Fight Scams and Fraud. The event will feature several Federal agency officials discussing fraud schemes that all citizens should be aware of, including Social Security-related phishing schemes.

Kelly Bloyer, Assistant Inspector General for Communications and Resource Management, will represent SSA and OIG at the event, which begins at 3 p.m. EST on Feb. 25.

If you receive a suspicious email, phone call, or other communication that appears to be from SSA, please report it to us at oig.ssa.gov/report.