If you suspect that an email or text you receive is a scam or phishing attempt:

Take a deep breath.

In most cases, it’s perfectly safe to open a scam email or text. Modern mail apps, like Gmail, detect and block any code or malware from running when you open an email. The key is not to click links or download any attachments.

Don’t download any attachments.

Attachments may contain malware such as viruses, worms or spyware.

Don’t click links that appear in the message.

Links in phishing messages direct you to fraudulent websites.

Do not reply to the sender.

Ignore any requests from the sender and do not call any phone numbers provided in the message.

Report the scam.

Help fight scammers by reporting them. Forward suspected phishing emails to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726). Then, report the phishing attack to the FTC at ftc.gov/complaint.

If you receive a phone call that seems to be a phishing attempt:

Hang up or end the call.

Be aware that area codes can be misleading. If your Caller ID displays a local area code, this does not guarantee that the caller is local.

Do not respond to the caller’s requests.

Financial institutions and legitimate companies will never call you to request your personal information. Never give personal information to the incoming caller.

If you feel you’ve been the victim of a scam, contact your bank immediately.

Banks can usually be reached at their publicly listed customer service number. Often, this is found on the back of your bank card. Be sure to include any relevant details, such as whether the suspicious caller attempted to impersonate your bank and whether any personal or financial information was provided to the suspicious caller.