How to Spot and Avoid Phishing Scams

Protecting yourself from digital scams

We have seen an increase in spoofing and phishing attempts targeting the financial and insurance industry. As these scams become more sophisticated and convincing across all industries, we want to provide you with important information about how you can protect yourself from these digital threats.

These scammers don't just reach out directly − they also set traps by creating fake websites and listing fraudulent phone numbers that appear to belong to legitimate companies, including GEICO. When you search online for our contact information, you might find these fake numbers and unknowingly call scammers who will impersonate our employees. Always verify you're using official contact information by visiting GEICO.com, use our mobile app, or call +1-800-207-7847.

Understanding spoofing and phishing

Spoofing occurs when scammers disguise themselves by manipulating email addresses, sender names, phone numbers, or website URLs − often changing just one letter, symbol or number to trick you into thinking you're interacting with a trusted source. They might make an email appear to be from a person, bank or company you know, including GEICO.

Phishing schemes use these spoofing techniques as bait. Criminals create messages that look legitimate to steal sensitive information like passwords, credit card numbers and account details. They often create fake websites that mirror real ones, making you think you're logging into your GEICO account when you're actually giving your credentials to scammers.

Common attack methods

Email deception

Scammers craft emails that appear to come from legitimate sources, including GEICO. They manipulate sender addresses and create urgency about account problems or security issues. These messages pressure you to click links leading to fake websites designed to steal your login information. Never click links in unexpected emails. Instead, go directly to GEICO.com, use our mobile app, or call +1-800-207-7847.

Text message scams

Criminals send text messages appearing to be from legitimate companies or government agencies you do business with, including GEICO. They could also be delivery services or banks. They use shortened links to hide malicious websites and create urgent scenarios requiring immediate action. Never click links in unexpected text messages. Instead, go directly to GEICO.com, use our mobile app, or call +1-800-207-7847. GEICO will only send you text messages that bring you directly to our official website, GEICO.com.

Phone call fraud

Scammers spoof caller ID to make calls appear legitimate. They might pose as a GEICO employee or technical support, creating urgent scenarios that require immediate payment or personal information. Remember that GEICO won't text or call unexpectedly asking for sensitive details. When in doubt, hang up and call GEICO directly at +1-800-207-7847, navigate to GEICO.com, or use our mobile app.

Protection strategies

Keep your accounts secure by enabling 2-Step Verification (2SV) and use a unique password for your GEICO account; don’t reuse passwords across websites. 2SV is an extra layer of security designed to protect your GEICO account by preventing unauthorized access even if someone has access to your password. After you enroll, you will be asked to provide additional verification through either your phone number or email that will help ensure you are the only user accessing your account each time you log in to GEICO.com or our mobile app.

Never click links in unexpected messages − type GEICO.com manually in your browser to access our official website, or simply use our mobile app instead.

Before downloading attachments or entering information online, verify the sender's identity and website authenticity. Look carefully at email addresses and URLs for slight misspellings or changes that could indicate spoofing.

If you are targeted

Don't interact with suspicious messages. Take screenshots and report them to:

Information current as of January 2025