Click here to view government information on phishing.
Phishing attacks involve the mass distribution of “spoofed” e-mail messages with return addresses, links and branding, which appear to come from banks, insurance agencies, retailers or credit card companies. These fraudulent messages are designed to fool the recipients into divulging personal authentication data such as account usernames and passwords, credit card numbers, Social Security numbers, etc.
Because these e-mails look “official,” up to 5% of recipients may respond to them, resulting in financial losses, identity theft and other fraudulent activity.
To avoid getting caught by one of these scams, the FTC, the nation's consumer protection agency, offers this guidance:
“If you get an email that warns you, with little or no notice that an account of yours will be shut down unless you reconfirm your billing information, do not reply or click on the link in the e-mail. Instead, contact the company cited in the e-mail using a telephone number or Web site address you know to be genuine.”
“Avoid e-mailing personal and financial information. Before submitting financial information through a Web site, look for the “lock” icon on the browser's status bar. It signals that your information is secure during transmission.”
“Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.”
“Report suspicious activity to the FTC. Send the actual spam to email@example.com. If you believe you've been scammed, visit www.ftc.gov to file your complaint and learn how to minimize your risk of damage from identity theft.”