Scammers and bad actors are always looking for ways to get personal info with malicious intent. Know how to recognize legitimate AOL websites, requests, and communications to keep your account secure.
AOL websites
If you're on an AOL website, the URL contains “aol.com". Another indication that the site is secure is the presence of the lock icon 
in the address bar.
AOL requests
We never ask for personal info, such as credit card numbers or passwords, in emails. However, from time to time, we'll ask you to update your recovery info after signing in. You'll also get a notification titled “Your AOL account information has changed” if any info in your account settings are updated.
What AOL communications look like
• Viewing from web-based email - Emails from AOL will include icons that will indicate it is either Official mail or Certified mail, depending on the type of email you received.
• Viewing from 3rd-party apps - The AOL icons won't appear in apps, even if the email is truly from us. Check the sender's email address without opening the email by mousing over the sender's name in your Inbox.
Reasons you'll receive notifications
• Someone responded to a conversation you participated in, on an AOL article.
• A comment you posted in an AOL article received at least one response or thumbs-up.
• There's important activity related to your account, such as password changes or expiration of a credit card you use to pay for any AOL services.
Best practices to keep yourself safe
Best practices
• Don't enable the "use less secure apps" feature.
• Don't reply to any SMS request asking for a verification code.
• Don't respond to unsolicited emails or requests to send money.
• Pay attention to the types of data you're authorizing access to, especially in third-party apps.
• Don't use internet search engines to find AOL contact info, as they may lead you to malicious websites and support scams. Always go directly to AOL Help Central for legitimate AOL customer support.
• Never click suspicious-looking links. Hover over hyperlinks with your cursor to preview the destination URL. Sometimes a hyperlink can be displayed as an AOL link in an email when in fact the destination URL is to a malicious domain.
• Be careful when authorizing an app to access your account or when providing any third-party access to your account info. Applications officially supported by AOL go through an industry-standard vetting process that offers a clear, obvious authentication known as OAuth 2.0.
What to watch out for
• Spoofing - used by spammers to make an email or website appear as if it's from someone you trust.
• Phishing - an attempt by scammers to pose as a legitimate company or individual to steal someone's personal information, usernames, passwords, or other account information.
• Fake email addresses - Malicious actors sometimes send from email addresses made to look like an official email address but in fact is missing a letter(s), misspelled, replaces a letter with a lookalike number (e.g. “O” and “0”), or originates from free email services that would not be used for official communications.
If you think your account has been compromised
• Change your AOL account password.
• Update or change your AOL account information.
• Contact your financial institution if you provided financial details.