Phone and Phishing Scams

Every year there are students and employees that are (or almost are) frauded by phone or phishing scams. These scams can be easy to fall for if you dont know what to look for. Here are some tips.

Phone Scams

If you get a call from someone you don’t know who is trying to sell you something you hadn’t planned to buy, say "No thanks." And, if they pressure you about giving up personal information — like your credit card or Social Security number — it’s likely a scam. Hang up and report it to the Federal Trade Commission.

Often, scammers who operate by phone don’t want to give you time to think about their pitch; they just want you to say "yes." But some are so cunning that, even if you ask for more information, they seem happy to comply. They may direct you to a website or otherwise send information featuring “satisfied customers.” These customers, known as shills, are likely as fake as their praise for the company.

Here are a few red flags to help you spot telemarketing scams. If you hear a line that sounds like this, say "no, thank you," hang up, and file a complaint with the FTC:

  • You've been specially selected (for this offer).
  • You'll get a free bonus if you buy our product.
  • You've won one of five valuable prizes.
  • You've won big money in a foreign lottery.
  • This investment is low risk and provides a higher return than you can get anywhere else.
  • You have to make up your mind right away.
  • You trust me, right?
  • You don't need to check our company with anyone.
  • We'll just put the shipping and handling charges on your credit card.

IRS Fraud

The IRS does not initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information. This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.

If you receive an email that you feel is fraudulent, do not open any attachments or respond in any way. Visit the following websites to find out what steps you can take:  

How to Handle Unexpected Calls

Questions to Ask

When you get a call from a telemarketer, ask yourself:

  • Who’s calling…and why? The law says telemarketers must tell you it’s a sales call, the name of the seller and what they’re selling before they make their pitch. If you don’t hear this information, say “no thanks,” and get off the phone.
  • What’s the hurry? Fast talkers who use high pressure tactics could be hiding something. Take your time. Most legitimate businesses will give you time and written information about an offer before asking you to commit to a purchase.
  • If it’s free, why are they asking me to pay? Question fees you need to pay to redeem a prize or gift. Free is free. If you have to pay, it's a purchase — not a prize or a gift.
  • Why am I “confirming” my account information — or giving it out? Some callers have your billing information before they call you. They’re trying to get you to say “okay” so they can claim you approved a charge.
  • What time is it? The law allows telemarketers to call only between 8 am and 9 pm. A seller calling earlier or later is ignoring the law.
  • Do I want more calls like this one? If you don’t want a business to call you again, say so and register your phone number on the National Do Not Call Registry. If they call back, they’re breaking the law.

Some Additional Guidelines

  • Resist pressure to make a decision immediately.
  • Keep your credit card, checking account, or Social Security numbers to yourself. Don't tell them to callers you don't know — even if they ask you to “confirm” this information. That's a trick.
  • Don’t pay for something just because you’ll get a “free gift.”
  • Get all information in writing before you agree to buy.
  • Check out a charity before you give. Ask how much of your donation actually goes to the charity. Ask the caller to send you written informa­tion so you can make an informed decision without being pressured, rushed, or guilted into it.
  • If the offer is an investment, check with your state securities regulator to see if the offer — and the offeror — are properly registered.
  • Don’t send cash by messenger, overnight mail, or money transfer. If you use cash or a money transfer — rather than a credit card — you may lose your right to dispute fraudulent charges. The money will be gone.
  • Don’t agree to any offer for which you have to pay a “registration” or “shipping” fee to get a prize or a gift.
  • Research offers with your consumer protection agency or state Attorney General’s office before you agree to send money.
  • Beware of offers to “help” you recover money you have already lost. Callers that say they are law enforcement officers who will help you get your money back “for a fee” are scammers.
  • Report any caller who is rude or abusive, even if you already sent them money. They'll want more. Call 1-877-FTC-HELP or visit

Phishing Scams

When internet fraudsters impersonate a business to trick you into giving out your personal information, it’s called phishing. Don't reply to email, text, or pop-up messages that ask for your personal or financial information. Don’t click on links within them either – even if the message seems to be from an organization you trust. It isn’t. Legitimate businesses don’t ask you to send sensitive information through insecure channels.

Examples of Phishing Messages

You open an email or text, and see a message like this:

"We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."

"During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."

“Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”

The senders are phishing for your information so they can use it to commit fraud.

How to Deal with Phishing Scams

Delete email and text messages that ask you to confirm or provide personal information (credit card and bank account numbers, Social Security numbers, passwords, etc.). Legitimate companies don't ask for this information via email or text.

The messages may appear to be from organizations you do business with – banks, for example. They might threaten to close your account or take other action if you don’t respond.

Don’t reply, and don’t click on links or call phone numbers provided in the message, either. These messages direct you to spoof sites – sites that look real but whose purpose is to steal your information so a scammer can run up bills or commit crimes in your name.

Area codes can mislead, too. Some scammers ask you to call a phone number to update your account or access a "refund." But a local area code doesn’t guarantee that the caller is local.

If you’re concerned about your account or need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card.

Action Steps

You can take steps to avoid a phishing attack:

  • Use trusted security software and set it to update automatically.
  • Don't email personal or financial information. Email is not a secure method of transmitting personal information.
  • Only provide personal or financial information through an organization's website if you typed in the web address yourself and you see signals that the site is secure, like a URL that begins https (the "s" stands for secure). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
  • Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call to confirm your billing address and account balances.
  • Be cautious about opening attachments and downloading files from emails, regardless of who sent them. These files can contain viruses or other malware that can weaken your computer's security.

If you might have been tricked by a phishing email:

  • File a report with the Federal Trade Commission at
  • Visit the FTC’s Identity Theft website. Victims of phishing could become victims of identity theft; there are steps you can take to minimize your risk.
  • Report the incident to your local Police Department.

Most of the information on this page was obtained from the FTC website.




585 East Pleasant Street
Amherst, MA 01003-9600
413-545-2121 non-emergency
413-545-3111 emergency or 911
413-545-3113 fax


Call 413-577-TIPS (8477) or use our Anonymous Witness Form.