Beware
of Email
Phishing

Don't Take the Bait.

Criminals Use Fake Emails to Phish for Your Information.

What is Phishing?

Online fraud and identity theft are on the rise, and cyber criminals may try to steal your personal information by tricking you to click on a fake email that looks legitimate. Phishing emails often ask for personal information to gain access to your financial assets, to place malicious code into your computer or to steal your identity. It's never a good idea to respond to emails with personal information like account numbers, passwords, credit card information or Social Security numbers.

Criminals design these messages to trick you, so they may look like real messages from companies you trust, but with fake web links, phone numbers, and attachments. This method of email fraud is called phishing. Avoid clicking any links or opening attachments from emails you are not expecting.

Phishing Facts

  • Phishing scams can appear as emails from brands you trust
  • 94%
    of malware that infects computers is delivered by email1
  • Users reported nearly
    9.2
    million
    suspicious emails in 2019, a 67% increase over 20182
  • 59%
    of phishing attacks in the Americas relate to finance3
  1. 2019 Verizon Data Breach Investigation Report
  2. 2020 Proofpoint State of the Phish Annual Report
  3. NTT Security - Global Threat Intelligence Report 2018

How to Identify a Phishing Email.

  • Poor spelling or grammar
  • Generic or non-personal greetings
  • Requests personal information (passwords, financial information, etc.)
  • Unusual or unnecessary sense of urgency
  • Offers that are too good to be true
  • Emails that instruct you to transfer money or to change wire instructions

What to Do if You Receive a Phishing Email.

If one of these suspicious emails should arrive in your inbox, here are some steps you can take to protect yourself.

  • Never Click a Link Without Checking: Hover your mouse over the text of the link without clicking to verify the true destination of the link. The true link address will be displayed in the lower right corner of your browser.
  • Keep Your Systems Updated: Be sure to keep your operating systems, browsers, email software, virus protection and apps updated with the latest versions. These updates will often contain fixes for certain vulnerabilities that fraudsters may try to exploit.
  • Be Careful With Attachments: If you are not confident that the sender is legitimate and the attachment is secure, call the sender through an independently verified telephone number and confirm they actually sent the email.
  • Report Suspicious Emails: Most email software (Microsoft Outlook, Gmail, and others) have functions that allow you to report suspicious emails and provide details of the email. You can also report any fraud attempt to the Federal Trade Commission (FTC).

Do not click links in or reply to suspicious emails. Call the supposed sender through an independently verified telephone number and delete the fishy email.

Report Suspicious Email.

It might be difficult to tell whether an email is truly from a company you trust or just looks like an authentic communication. If you receive a suspicious email that appears to be sent from First American, please forward the message as an attachment to phishing.abuse@firstam.com, and we can help you verify it.

Please follow the steps below, and our security experts will investigate. These steps may take a few extra minutes but your help reporting phishing emails protects everyone.

How to Forward Your Suspected Email.

To enable our investigation, we need to receive the suspicious email as an attachment. For your convenience, we've included some instructions from some common email providers. You can also find the most current instructions from your email provider's support center.

  1. Select the email you want to forward, then go to the Home tab.
  2. In the Respond group, select More Respond Actions. In Outlook 2010, select More.
  3. Select Forward as Attachment.
  4. In the To text box, enter phishing.abuse@firstam.com
  5. You may enter the Subject as "Potential Phishing Email" or a different Subject of your choosing.
  6. Do not include any sensitive personal information in the email body.
  7. Click Send.
  1. In Gmail, select the email you want report.
  2. Click the More icon and then click Forward as attachment.
  3. In the To text box, enter phishing.abuse@firstam.com
  4. You may enter the Subject as "Potential Phishing Email" or a different Subject of your choosing.
  5. Do not include any sensitive personal information in the email body.
  6. Click Send.