Estimate Time6 min

4 ways to stop scammers and identity thieves

Key takeaways

  • Just like buckling your seatbelt whenever you drive, it makes sense to take some regular precautions in navigating the digital world.
  • Even if you feel confident in your ability to spot a scam, it's important to stay vigilant against phishing attempts in your daily life.
  • Increasingly, your phone service has become a master key to accessing your digital information. So take steps to protect and monitor it.
  • Stay up to date with the latest levels of protection available on your accounts and devices.

Recent reports suggest a worrisome uptick in scams targeting customers of financial institutions. The latest versions start with a communication that seems to come from your own bank, credit union, or even Fidelity.

The scammers will make up a story, often starting with communicating over text message.

These text messages are branded to appear real and designed to engage with you, such as asking, "Do you recognize this transaction?" or "Can you confirm this payment?" They try to entice you to respond with a "yes" or a "no," or with clicking on a link, which gives the scammers a hook to engage you with a sophisticated fraud in which they impersonate Fidelity or your bank representative.

Then, they will try to trick you into providing your password, security code, account details, or personal information.

Image shows a phone with an example of the type of message scammers may try to use to impersonate a financial institution.
For illustration only.

The following clues may help alert you that you've received a scam communication:

  • Any communication that is unexpected, particularly if it tries to get you to take action.
  • Jumbled, misspelled, or unusual links or words.

To help safeguard your identity and accounts, if you get an unsolicited text message or phone call:

  • Do not click on the link, reply to the text, or answer the call.
  • Do not provide or "confirm" any of your personally identifying information.
  • Never read back a security passcode (unless you have initiated the service call to a company's official phone number).

If you believe the message may be legitimate, contact the company through an official channel, such as a phone number listed on its website. Do not rely on a phone number provided by search-engine results. (Make sure you have the correct Fidelity phone numbers.)

Here are 4 more steps to protect against scams and identity theft.

1. Stay vigilant against phishing

Phishing is a technique criminals may use to try to trick you into giving them your personal information—information that they may then use to try to steal your identity. They often do this by impersonating a company or institution, and then asking you to click on a link, open an attachment, or to "confirm" your date of birth, Social Security number, or account credentials.

Even if you feel confident in your ability to spot a scam, it's important to stay vigilant in your daily life, especially as phishing attempts have become more convincing with the use of artificial intelligence (AI). Most phishing attempts are carried out by email, text message, or phone. Here are several warning signs that should raise suspicion:

Warning signs of phishing attempts

  • Communication requesting personal information or a security passcode.
  • Unusual communication (that may sound legitimate) claiming to be from a company you have a relationship with.
  • Communication from an unfamiliar email address or phone number.
  • Phone calls, emails, or texts that claim to be from the IRS.
  • Prompts to download software to give someone else access to your device—purportedly so they can help remove malicious software.
  • Communication that tries to get you to "act now," such as by saying you've won a freebie, offering a deal that sounds too good to be true, or claiming to be from someone who needs help.

Remember that phishers may use urgent-sounding language to try to get you to click on a link or attachment right away—before you have time to think it through. To create this sense of urgency, they might claim that something very good has happened (like you've won some money), or that something very bad has happened (like you're in debt with the IRS). Be suspicious anytime you receive an unexpected text, call, or email that makes such claims. And be aware that convincing-looking images or text in a communication can be generated with AI, to give a fraudulent communication an appearance of legitimacy.

Here's how you can protect yourself, particularly if you've received a suspicious or unexpected communication:

Protecting yourself against phishing attempts

  • Stop communication with the phisher immediately.
  • Hang up the phone, or ignore the suspicious email or text.
  • Do not click on any links or download any attachments.
  • Do not provide or "confirm" any of your personally identifying information.
  • If you think the communication could be a legitimate request from a company you do business with, hang up and then call the company directly.
  • Never grant remote access to your computer or read back a security passcode (unless you have initiated the service call to a company's official phone number).

2. Protect your phone service

Think of how protective you are with something like your Social Security number. You know that if a criminal were to obtain it, they might be able to take out a credit card in your name, obtain your tax refund, or even worse.

Increasingly, your cell phone account is becoming something you need to protect just as diligently. If criminals can gain access to your phone calls and text messages, they can potentially steal one-time passcodes and break into your accounts.

For example, one way they may do so is with "SIM swapping." (A SIM card is a small plastic card that stores identifying information on your cell phone, and that allows you to make and receive calls.) With this scam, a fraudster may call your cell phone provider pretending to be you, saying that you have a new SIM card to activate. If the scammer already has some of your personal information (like the last 4 digits of your Social Security number, your date of birth, or your password for your mobile provider account), they might be able to convince the cell phone carrier that they are you and get your phone number reassigned to their SIM card.

Here are several warning signs not to ignore:

Warning signs that your phone has been compromised

  • You stop receiving phone calls and text messages.
  • Your phone says "no service" or "emergency calls only."
  • Restarting your phone does not restore service.
  • You receive emails from your cell phone provider about changes to your account.
Fidelity Viewpoints

Sign up for Fidelity Viewpoints weekly email for our latest insights.


If you notice any of these warning signs, contact your provider right away to see if your account has been compromised. You can also take some proactive steps to help better protect your cell account:

Protecting your cell phone against hackers

  • Set up online access for your mobile account, if you haven't already.
  • Secure your account by setting up a PIN and, when available, multi-factor authentication (which might include push authentication or use of authenticator apps).
  • If you believe your PIN or password has been compromised, reset it.
  • Ask your cell provider about additional ways to secure your account.

3. Strengthen your account security

Many companies, including Fidelity, go to great lengths to safeguard customers' information and accounts, and are continually working to build new and enhanced layers of protection.

You can help reinforce those safeguards by being cautious with your passwords, opting in for new security measures, and making sure the companies you work with know how to reach you if they ever need to.

Here are some proactive steps you can take to strengthen security for your accounts:

Protecting your financial and other accounts

  • Set up online access for your accounts. Use a unique, long password or passphrase for each account and change it if you believe it's been compromised.
  • Make sure your institutions have up-to-date phone and email contact information for you.
  • Sign up for multi-factor authentication, when available.
  • Enroll in eDelivery to reduce the risk of theft of paper documents that can contain sensitive information.
  • Sign up for automated alerts of suspicious account activity, when available.
  • Regularly monitor your accounts.

Fidelity offers a number of security features that customers should be aware of. For example, we offer additional login security with multi-factor authentication. Customers can also use money transfer lockdown to block electronic money movement out of their accounts, if they believe or know they have recently been a victim of fraud or identity theft. Enrolling in Fidelity MyVoice® means that when you call Fidelity, you no longer have to enter a PIN or password, and your identity is instead verified using your voiceprint.1

Fidelity customers can visit the Security CenterLog In Required  to learn more about our security features and to complete actions from a security checklist.

4. Secure your devices

Finally, any device you use that's connected to the internet can become an avenue for cybercriminals to attack. Hackers may get in through newly discovered security gaps in these devices and systems. From there, they may also be able to record your keystrokes, access your personal information, or even break into your accounts.

Here are some measures you can take to help secure your devices:

Protecting your devices from hackers

  • Change all default passwords that come with your devices.
  • Apply operating system and application patches as soon as they are released.
  • Only download apps from an approved vendor app store. Don't download apps, games, or software from companies you don't know.
  • Run antivirus and personal firewall software.
  • Avoid conducting financial or other sensitive transactions, including money movement, online shopping, or checking email or social-media accounts, using shared devices or unsecure networks.
  • Avoid public Wi-Fi unless you are taking steps to encrypt and protect your activity, such as by using a personal virtual private network (VPN).

In conclusion

Protecting your information and online accounts can help avoid the hassle and heartache of identity theft and fraud.

In addition to the proactive measures mentioned above, consider also regularly monitoring your credit reports for any suspicious activity, such as profile changes, transaction attempts, or unfamiliar activity. Freezing your credit may be another line of defense to consider, as this prevents lenders from accessing your credit report and so can stop fraudsters from taking out credit in your name.

If you believe you have been a victim of identity theft, a scam, or a cybercrime, there are government resources that may help you.

Is your contact information up to date?

To make sure we can send you important notifications, double-check your mobile phone and email.

More to explore

1. A voiceprint is a combination of your physical and behavioral voice patterns. Like a fingerprint, it's unique to you.

Fidelity does not provide legal or tax advice. The information herein is general and educational in nature and should not be considered legal or tax advice. Tax laws and regulations are complex and subject to change, which can materially impact investment results. Fidelity cannot guarantee that the information herein is accurate, complete, or timely. Fidelity makes no warranties with regard to such information or results obtained by its use, and disclaims any liability arising out of your use of, or any tax position taken in reliance on, such information. Consult an attorney or tax professional regarding your specific situation.

The third-party trademarks and service marks appearing herein are the property of their respective owners.

Fidelity Brokerage Services LLC, Member NYSE, SIPC, 900 Salem Street, Smithfield, RI 02917

917554.9.0