While sipping your morning coffee, you check your inbox. Then, you see it: Important: There’s a problem with your checking account. It’s an email from Flagstar, or at least it claims to be. You open the message and see an urgent request to verify your information. Click this button quickly before things get worse. Hurry! What are you waiting for? The sky is falling!
Fortunately, something about the email smells fishy—or even phishy—so you look closer. Yep, it’s a scam. You’re not clicking anything. Way to go, you!
It used to be easy to tell if an email was fake, but criminals are getting better at sending official-looking content. To protect yourself and your finances, follow these tips for spotting fake emails, whether they appear to be from Flagstar or another business.
Tips for spotting scam emails
It’s important to take care of the little things when it comes to identity protection.
- Typos and poorly written sentences. Scammers in other countries may not know the nuances of American English. It’s a red flag if the email is worded strangely, the language is more formal than usual, or the company’s name is spelled wrong.
- Blurry logos and pictures. These are also red flags. With a quick search, scammers can download any company’s logo, but it takes a professional designer’s touch to make the graphics and photos look crisp.
- Urgency. An email that pressures you to act now before something terrible happens is usually a trick. Scammers play to your emotions because they want you to act, not think.
- Close-but-no-cigar URLs. Hover over buttons and links to view the URL. The word or words that appear before .com, .org, or .edu should match what you would type into a browser for that company. For example, Flagstar’s URLs should include flagstar.com, not flagstarbank.com or officialflagstar.com or even falgstar.com.
- From who? Changing the From line in an email is easy. Scammers who are slightly more tech-savvy can set up an email address that contains the business name or is the business name with a few letters transposed. For example, a Flagstar email looks like this: [email protected]. If you see info@flagstar_account.com or [email protected], you’ve spotted a fake.
- Request for personal information. Flagstar will never ask for your username or password, and we won’t ask for your account number or personal information via email.
What to do if you receive a fake Flagstar email
- Do not click on links or buttons or open attachments.
- Do not reply to suspicious emails.
- Forward the email to [email protected].
- If you’ve already clicked on a link, call us at 888-248-6423. You can also email the Federal Trade Commission at reportfraud.ftc.gov.
The FTC website offers more advice on what to do if you’ve been scammed. If the scam includes identity theft, the FTC has another website for building a recovery plan.