Tips to avoid a phishing scam
"We suspect an unauthorized transaction on your account. To ensure that
your account is not compromised, please click the link below and confirm your
identity."
"During our regular
verification of accounts, we couldn't
verify your information. Please click
here to update and verify your
information."
Have you received email with a similar message? It's a scam called
"phishing" - and it involves Internet fraudsters who send spam or pop-up
messages to lure personal information (credit card numbers, bank account
information, Social Security number, passwords, or other sensitive information)
from unsuspecting victims.
Phishers send an email or pop-up
message that claims to be from a
business or organization that you may
deal with - for example, an Internet
service provider (ISP), bank, online
payment service, or even a government
agency. The message may ask you to
"update," "validate," or "confirm" your
account information. Some phishing
emails threaten a dire consequence if
you don't respond. The messages direct
you to a website that looks just like a
legitimate organization's site. But it
isn't. It's a bogus site whose sole
purpose is to trick you into divulging
your personal information so the
operators can steal your identity and
run up bills or commit crimes in your
name.
We suggest these tips to help you avoid getting hooked by a phishing scam:
If you get an email or pop-up
message that asks for personal or
financial information, do not reply. And
don't click on the link in the message,
either. Legitimate companies don't ask
for this information via email. If you
are concerned about your account,
contact the organization mentioned in
the email using a telephone number you
know to be genuine, or open a new
Internet browser session and type in the
company's correct Web address yourself.
In any case, don't cut and paste the
link from the message into your Internet
browser - phishers can
make links look like they go to one
place, but that actually send you to a
different site.
Use anti-virus software and a
firewall, and keep them up to date.
Some phishing emails contain software
that can harm your computer or track
your activities on the Internet without
your knowledge.
Anti-virus software and a firewall
can protect you from inadvertently
accepting such unwanted files.
Anti-virus software scans incoming
communications for troublesome files.
Look for anti-virus software that
recognizes current viruses as well as
older ones; that can effectively reverse
the damage; and that updates
automatically.
A firewall helps make you invisible
on the Internet and blocks all
communications from unauthorized
sources. It's especially important to
run a firewall if you have a broadband
connection. Operating systems (like
Windows or Linux) or browsers (like
Internet Explorer or Netscape) also may
offer free software "patches" to close
holes in the system that hackers or
phishers could exploit.
Don't email personal or
financial information. Email is
not a secure method of transmitting
personal information. If you initiate a
transaction and want to provide your
personal or financial information
through an organization's website, look
for indicators that the site is secure,
like a lock icon on the browser's status
bar or a URL for a website that begins
"https:" (the "s" stands for "secure").
Unfortunately, no indicator is
foolproof; some phishers have forged
security icons.
Review credit card and bank
account statements as soon as you
receive them to check for
unauthorized charges. If your statement
is late by more than a couple of days,
call your credit card company or bank to
confirm your billing address and account
balances.
Be cautious about opening any
attachment or downloading any files from
emails you receive, regardless
of who sent them. These files can
contain viruses or other software that
can weaken your computer's security.
Forward spam that is phishing
for information.
Click the tab above that says "report
phishing email". The form will
automatically report your phishing email
to five government and private
organizations dedicated to preventing
phishing.
If you believe you've been
scammed, file your complaint at
ftc.gov, and then visit the
FTC's Identity Theft website at
www.consumer.gov/idtheft.
Victims of phishing can become victims
of identity theft. While you can't
entirely control whether you will become
a victim of identity theft, you can take
some steps to minimize your risk. If an
identity thief is opening credit
accounts in your name, these new
accounts are likely to show up on your
credit report. You may catch an incident
early if you order a free copy of your
credit report periodically from any of
the three major credit bureaus. See www.annualcreditreport.com
for details on ordering a free annual
credit report.
|
