Phishing is a type of fraud designed to steal your
identity. Social-engineering schemes use 'spoofed' e-mails to lead
consumers to counterfeit websites designed to trick recipients into
divulging financial data such as credit card numbers, account usernames,
passwords and social security numbers. Hijacking brand names of
banks, e-retailers and credit card companies, phishers often convince
recipients to respond.
The number and sophistication of phishing scams
is continuing to increase dramatically. While online banking and
e-commerce is very safe, as a general rule you should be careful
about giving out your personal financial information over the Internet.
Here is a list of recommendations that you can use to avoid becoming
a victim of these scams.
- Be suspicious of any email with urgent requests for personal
- unless the email is digitally signed, you can't be sure
it wasn't forged or 'spoofed'
- phishers typically include upsetting or exciting (but false)
statements in their emails to get people to react immediately
- they typically ask for information such as usernames, passwords,
credit card numbers, social security numbers, etc.
- phisher emails are typically NOT personalized, while valid
messages from your bank or e-commerce company generally are
- Don't use the links in an email to get to any web page, if
you suspect the message might not be authentic
- instead, call the company on the telephone, or log onto
the website directly by typing in the Web adress in your browser
- Avoid filling out forms in email messages that ask for personal
o you should only communicate information such as credit card
numbers or account information via a secure website or the telephone
- Always ensure that you're using a secure website when submitting
credit card or other sensitive information via your Web browser
- to make sure you're on a secure Web server, check the beginning
of the Web address in your browsers address bar - it should
be "https://" rather than just "http://"
- Regularly log into your online accounts
- don't leave it for as long as a month before you check
- Regularly check your bank, credit and debit card satements
to ensure that all transactions are legitimate
- if anything is suspicious, contact your bank and all card
- Ensure that your browser is up to date and security patches
- in particular, people who use the Microsoft Internet Explorer
browser should immediately go to the Microsoft Security home
page -- http://www.microsoft.com/security/ -- to download
a special patch relating to certain phishing schemes
For more information, check some of the following sources:
antiphishing.org - Anti-Phishing
- Tech compared and reviewed
- Credit Report