Respond • Recover • Prevent

What to Do If You Encounter a Scam

Clear, practical steps to protect yourself before and after phishing, fraud, or social engineering attempts.

Report a Scam Training
1) Pause
Don’t click, reply, or pay. Scammers rely on urgency.
2) Verify
Use official websites and known phone numbers — not the message.
3) Protect
Change passwords, enable MFA, and monitor accounts if exposed.
4) Report
Reporting helps others and can reduce losses if done quickly.

Email Phishing

Avoid it first — then what to do if it happened.
How to avoid it
  • Do not click links or download attachments from unexpected emails.
  • Check the sender’s address carefully — attackers spoof names.
  • Hover over links to inspect the destination URL.
  • Report suspicious emails to your IT team or email provider.
If you fell for it
Do these steps as soon as possible.
  • Immediately change any passwords you entered.
  • Enable multi-factor authentication (MFA).
  • Run a malware scan if an attachment was opened.
  • Notify your IT or security team.

SMS / Text Message Scams

Avoid it first — then what to do if it happened.
How to avoid it
  • Do not click links in unsolicited text messages.
  • Be suspicious of urgent delivery or account alerts.
  • Delete and block the sender.
If you fell for it
Do these steps as soon as possible.
  • Contact your bank if financial information was entered.
  • Change passwords associated with the message.
  • Report the message to your mobile carrier.

Phone Call Scams (Vishing)

Avoid it first — then what to do if it happened.
How to avoid it
  • Hang up on callers demanding immediate action.
  • Never share one-time passcodes or PINs.
  • Call organizations back using official phone numbers.
If you fell for it
Do these steps as soon as possible.
  • Contact your bank or credit card provider immediately.
  • Monitor accounts for unauthorized transactions.
  • Report the incident to the FTC or your local fraud authority.

Website & Social Media Scams

Avoid it first — then what to do if it happened.
How to avoid it
  • Verify website URLs carefully — look for misspellings.
  • Be cautious of login pages reached via links.
  • Avoid downloading files from unknown sites.
If you fell for it
Do these steps as soon as possible.
  • Change affected passwords immediately.
  • Log out of all sessions for compromised accounts.
  • Warn contacts if your account sent messages.

Romance & Relationship Scams

Avoid it first — then what to do if it happened.
How to avoid it
  • Be cautious of online relationships that escalate quickly.
  • Never send money, gift cards, or crypto to someone you have not met.
  • Watch for stories involving emergencies or restricted access.
If you fell for it
Do these steps as soon as possible.
  • Stop all communication immediately.
  • Contact your bank or payment provider.
  • Report the profile to the platform and local authorities.

Investment & Cryptocurrency Scams

Avoid it first — then what to do if it happened.
How to avoid it
  • Be skeptical of guaranteed or unusually high returns.
  • Avoid investment advice from social media or messaging apps.
  • Verify platforms through official regulators.
If you fell for it
Do these steps as soon as possible.
  • Cease all payments immediately.
  • Document all transactions and communications.
  • Report the scam to financial regulators or law enforcement.

Business & Vendor Fraud

Avoid it first — then what to do if it happened.
How to avoid it
  • Verify payment or banking changes via a second channel.
  • Be cautious of urgent executive or vendor requests.
  • Train staff to recognize Business Email Compromise (BEC).
If you fell for it
Do these steps as soon as possible.
  • Contact your bank immediately to stop or recall payments.
  • Notify internal leadership and security teams.
  • Preserve all emails and records for investigation.

Mail, Gift Card & Other Scams

Avoid it first — then what to do if it happened.
How to avoid it
  • Legitimate organizations do not demand gift card payments.
  • Be cautious of QR codes in public places.
  • Shred unsolicited documents requesting personal data.
If you fell for it
Do these steps as soon as possible.
  • Report gift card scams to the card issuer immediately.
  • Place fraud alerts with credit bureaus if identity data was shared.
  • Monitor credit reports and financial accounts.
Need help right now?
Report what you saw and we’ll help categorize it for others.
Report a Scam Scam Lookup