What is Phishing?
Phishing is an attempt by fraudsters, often posing as a trusted company or individual, to steal your personal and financial information through e-mail, text messages (SMiShing), or phone calls (vishing).
How to Avoid a Phish
Fraudsters often “spoof” their email addresses, text links and phone numbers so they appear to come from a trusted source, when in reality that is not the case. Be wary of unexpected emails and text messages, even those that appear to come from PNC, asking you to follow links and/or provide personal information. While PNC may occasionally ask you to reply to a text message, we will never ask you to click a link from a text.
Text messages and emails containing certain red flags should alert recipients to a possible phishing or SMiShing attack, including:
- Grammatical errors
- Offering fantastic prizes
- Creating a sense of urgency
- Requesting personally identifiable information (PII)
- Requesting user IDs and passwords
- Threatening with consequences
- Making demands
If you suspect you have received a suspicious text message, take precautions to avoid a phish:
- Do not respond to suspicious text message before confirming it is from a trusted source.
- Do not click links in a suspicious phish.
- Do not respond to a text message requesting personal or financial information like credit card numbers, Social Security numbers or other banking information.
- Do not call a phone number contained in a suspected phish. Go directly to a known source of information for contact information, such as the company’s legitimate website.
How to Protect Your Accounts
If you suspect that your personal information may have been exposed, take these important steps, then be on high alert for signs of identity theft and phishing.
- Review your financial statements and online transaction activity. If you notice unauthorized activity on your account, contact us immediately at 888-PNC-Bank (888-762-2265) or stop by your local branch. Representatives are available Monday through Friday from 7:00 a.m. until 10:00 p.m. ET and Saturday and Sunday from 8:00 a.m. until 5:00 p.m. ET. Please contact your local branch for hours of operation.
- Check your credit report. You can request one free copy of your credit report every 12 months from each of the three credit bureaus at www.annualcreditreport.com. Consider spreading out your reviews, checking one report every four months. Make sure that all the information on your report is accurate. If there is any suspicious activity, contact the credit bureau.
- Place a fraud alert on your credit profile, which prompts potential lenders to contact you directly for authorization prior to opening new accounts in your name. A fraud alert placed with one credit bureau will automatically extend to the other two bureaus, and remains active for one year.
- Consider placing a security freeze on your credit profile. A security freeze blocks all inquiries into your credit report, and must be removed prior to applying for new credit accounts. As of September 21, 2018, there is no charge to add or remove a security freeze. Unlike fraud alerts, a security freeze placed with one credit bureau will not extend to the other two bureaus, and must be activated with each bureau individually.
- Set up PNC Alerts to Your Accounts. Monitor your account by setting up PNC Alerts to be notified by email or text message regarding certain activity on your PNC accounts, including:
- Receive notification of your balances and important activity.
- Know when your direct deposit has arrived.
- Get notification when overdrafts have occurred.
- Monitor your card transactions such as online, phone or international purchases.
Take Action If a Phishing Email or Text Message Appears To Be From PNC
If you suspect you've received a fraudulent email that appears to be from PNC, forward the message via email to PNC Abuse (firstname.lastname@example.org). If you suspect you’ve received a fraudulent text message that appears to be from PNC, take a screen shot of the text message on your mobile phone and forward it to PNC Abuse (email@example.com).