Phishing is an attempt to fraudulently acquire sensitive information, such as passwords, account details, credit card details, etc. by masquerading as a trustworthy person or business. The victim is usually emailed a warning that there is a problem related to their account which requires them to follow a fraudulent link and provide specific confidential information.
This information is meant to teach you ways you can protect yourself from becoming a victim of phishing or identity theft.
- Be suspicious of any email with urgent requests for personal financial information unless the email is digitally signed (you can't be sure it wasn't forged or 'spoofed'). Phishers typically: (1)include upsetting or exciting (but false) statements in their emails to get people to react immediately; (2)ask for confidential information such as usernames, passwords, credit card numbers, social security numbers, account numbers, etc.; and (3)do not personalize the email message (while valid messages from your credit union should be).
- Don't use the links in an email to get to any web page if you suspect the message might not be authentic. Instead, call the company on the telephone, or log onto the website directly by typing in the Web address in your browser.
- Avoid filling out forms in email messages that ask for personal financial information. You should only communicate information such as credit card numbers or account information via a secure website or the telephone.
- Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser. To make sure you're on a secure Web server, check the beginning of the Web address in your browsers address bar - it should be "https://" rather than just http://
- Consider installing a Web browser tool bar to help protect you from known phishing fraud websites.
- Regularly log into your online accounts and don't wait for as long as a month before you check each account.
- Regularly check your financial institution, credit, and debit card statements to ensure that all transactions are legitimate. If anything is suspicious, contact your financial institution(s) and card issuers.
- Ensure that your browser is up to date and security patches applied.
- Always report "phishing" or "spoofed" e-mails to the following groups:
- forward the email to firstname.lastname@example.org;
- forward the email to the Federal Trade Commission at email@example.com;
- forward the email to the "abuse" email address at the company that is being spoofed;
- when forwarding spoofed messages, always include the entire original email with its original header information intact; and
- notify the Internet Fraud Complaint Center of the FBI by filing a complaint on their website: www.ifccfbi.gov/ .
Click here for valuable information on how to protect yourself if you think you may be a victim of identity theft or phishing.