You might receive an email from your creditor to inform you that your account has been attacked by hackers. This email will then direct you to a page asking you to enter your password or other personal information in order to confirm your identity.
Oftentimes this link will be to a fake site (typically denoted by a url beginning with “http://” in place of “https://” for a secured site as a real creditor would have). The scammer will thus trick you into divulging you information so that they can login to your account.
If you receive one of these emails, never act without first consulting your creditor or bank personally.