Have you ever received an e-mail asking you to provide, verify, or update personal information? Maybe the e-mail came from an unknown source, so you disregarded it Wise move' But even if the e-mail appears to be from a company you do business with, you could still be the victim of a phishing scam.
So what exactly is phishing?
According to www.webopedia.com, phishing is defined as the act of sending an e-mail to a user falsely claiming to be an established, legitimate enterprise in an attempt to trick the user into surrendering personal or private information. The e-mail typically directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, Social Security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the users information.
Phishing attacks are becoming more and more sophisticated. In fact, many of todays phishing scams appear perfectly legitimate. For example, a popular phishing technique is for criminals to send an e-mail that appears to be coming from eBay or PayPal, asking for verification of account information. Because eBay and PayPal accounts are very common, many people have fallen victim and had their identities stolen. According to the Gartner Group, victims of phishing attacks are three times more likely to suffer some form of identity theft than the general population.
Tips to Avoid Trouble
So how can you protect yourself? It takes a keen eye and overall diligence to detect dishonest activities in your e-mail and over the Web. Here are some tips that can help:
- Never disclose personal information such as account numbers, Social Security numbers, etc., in an e-mail. Your vendors already have this information and will not try to confirm it via e-mail.
- Do not click on embedded links in an unsolicited or unexpected e-mail. Just as you would not enter a strangers home without some information, you should not enter a strange link or e-mail.
- If an e-mail from a supposedly legitimate source is filled with spelling and grammatical errors, be very cautious! Criminals generally aren't known for their writing ability, and this could be a sign you're dealing with one.
- If an e-mail contains a generic salutation, such as Dear client, this may indicate that the sender doesnt really know you.
- Whenever you submit credit card or other sensitive information via your Web browser, make sure you're using a secure Web site. To do this, check the beginning of the Web address in your browsers address bar- it should be https:// rather than just http:// .
- Regularly log into your online accounts and check your bank, credit, and debit card statements to ensure that all transactions are legitimate.
What Should You Do If You Think Youre a Target?
If you receive a suspicious e-mail in your home account, you can report it to any or all of the following sources:
Anti-Phishing Working Group- firstname.lastname@example.org
The Federal Trade Commission- email@example.com
The FBis Internet Fraud Complaint Center- http://www.ic3.gov/
The spoofe-mail address at the company that is being impersonated - for example, firstname.lastname@example.org