What is Phishing?
Phishing is an Internet-based scam that uses spam emails or pop-up messages to trick people into disclosing sensitive information such as credit card numbers, bank account information, Social Security number or passwords. In many cases, people are sent to web sites that look like authentic, resembling well-known merchants, utilities and financial organizations. In some cases, the message asks you to call a phone number; often these are toll numbers that charge unsuspecting victims for the call.
Phishers rely on email and pop-up message that claims to be from a business or organization that you deal with. These messages claim to be a bank, an online payment center, a government agency or your Internet Service provider (ISP).
In most cases, the message requests that you “update” or “validate” your account information. It may indicate that your account is overdue, that your balance is overdrawn, or that there is suspicious activity. They will say anything to make you think you absolutely must click on the message or link.
If you do click, your browser will bring up a web site that looks like a legitimate organization’s site. Some sites are poorly duplicated, but others look exactly like the real organization they pretend to be. Once you arrive at that site, it will ask for account or other personal information that can then be used to take your money and your identity.
How to Avoid Phishing Scams
Do Not Click on the Links
If you get a message that claims it needs your information, do not be fooled. Legitimate organizations do not solicit personal information in this manner. If you suspect the message is from a real organization you use, go directly to their web site or call them on the phone, but do not use the links or phone numbers in the message.
Never Email Personal or Financial Information
Email is one of the least secure methods of sending information on the Internet. Even if you are not responding to a fraudulent message, when you e-mail vital information you are always taking a risk that it will be read by an unintended recipient.
Examine Websites Closely
Always check to see that the url matches the web site/ Look for indicators that your connection is secure (secure site urls start with https:// rather than http://). Even this information may not be enough to spot a fraud. Some phishers are very skilled at their scams.
Check your Accounts
Always review your credit card statements, bank statements and phone bills as soon as you receive them. Make sure there are no unauthorized charges. If you do find something suspicious, call the organization immediately. Tle longer you wait, the less likely you are to get your money back.
Be Careful with your Email
Use anti-virus software and firewalls to keep your computer safe. Some fishing emails contain viruses as well as scams. Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.
Forward suspicious e-mail to uce@ftc.gov, and complaints should be filed with the state attorney general’s office or through the FTC at www.ftc.gov.