This is a placeholder Slider.

How to Avoid Phishing Scams

The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.

The number and sophistication of phishing scams sent out to consumers is continuing to increase dramatically. While online banking and e-commerce is very safe, as a general rule you should be careful about giving out your personal financial information over the Internet. The Anti-Phishing Working Group has compiled a list of recommendations below that you can use to avoid becoming a victim of these scams.

  • Be suspicious of any email with urgent requests for personal financial in formation

    ♦ Unless the email is digitally signed, you can’t be sure it wasn’t forged or ‘spoofed’
    ♦ Phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately
    ♦ They typically ask for information such as usernames, passwords, credit card numbers, social security numbers, etc.
    ♦ Phisher emails are typically NOT personalized, while valid messages from your bank or e-commerce company generally are

    Don’t use the links in an email to get to any web page, if you suspect the message might not be authentic
    instead, call the company on the telephone, or log onto the website directly by typing in the Web adress in your browser.


    Avoid filling out forms in email messages that ask for personal financial information
    ♦ You should only communicate information such as credit card numbers or account information via a secure website or the telephone

    Always ensure that you’re using a secure website when submitting credit card or other sensitive information via your Web browser
    ♦ To make sure you’re on a secure Web server, check the beginning of the Web address in your browsers address bar – it should be “https://” rather than just “http://”

    Consider installing a Web browser tool bar to help protect you from known phishing fraud websites

    Regularly log into your online accounts
    ♦ Don’t leave it for as long as a month before you check each account

    Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate
    ♦ If anything is suspicious, contact your bank and all card issuers

    Ensure that your browser is up to date and security patches applied
    ♦ In particular, people who use the Microsoft Internet Explorer browser should immediately go to the Microsoft Security home page — http://www.microsoft.com/security/ — to download a special patch relating to certain phishing schemes

    Always report “phishing” or “spoofed” e-mails to the following groups:
    ♦ Forward the email to the Federal Trade Commission at spam@uce.gov
    ♦ Forward the email to the “abuse” email address at the company that is being spoofed (e.g. “spoof@ebay.com”)
    ♦ When forwarding spoofed messages, always include the entire original email with its original header information intact
    ♦ Notify the Internet Fraud Complaint Center of the FBI by filing a complaint on their website: www.ifccfbi.gov/

back to our Newsroom



Untitled Document