Phishing attacks use both 'spoofed' e-mails and technical subterfuge to steal consumers' personal identity data and financial account credentials. Phishing schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant so-called ‘crimeware’ onto PCs to steal credentials directly, often using Trojan keylogger spyware.

WHAT CAN I DO TO AVOID BECOMING A VICTIM OF PHISHING?

These are some precautions that you can use to avoid becoming a victim of these scams.

• Be suspicious of any email with urgent requests for personal financial information. Phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately. They typically ask for information such as usernames, passwords, credit card numbers, social security numbers, etc. Phisher emails are typically NOT personalized, while valid messages from your bank or e-commerce company generally are.
• Don't use the links in an email to get to any web page, if you suspect the message might not be authentic, instead call the company on the telephone, or log on to the website directly by typing in the Web address in your browser.
• Avoid filling out forms in email messages that ask for personal financial information; you should only communicate information such as credit card numbers or account information via a secure website or the telephone.
• Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser. To make sure you're on a secure Web server, check the beginning of the Web address in your browser’s address bar - it should be "https://" rather than just "http://"
• Consider installing a Web browser tool bar to help protect you from known phishing fraud websites. EarthLink ScamBlocker is part of a free browser’s toolbar that alerts you before you visit a page that's on Earthlink's list of known fraudulent phisher Web sites. It’s free to all Internet users - download at www.earthlink.net/earthlinktoolbar
• Regularly log into your online accounts; don't leave it for as long as a month before you check each account. Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate. If anything is suspicious, contact your bank and all card issuers. Ensure that your browser is up to date and security patches applied; in particular, people who use the Microsoft Internet Explorer browser should immediately go to the Microsoft Security home page -- www.microsoft.com/security/ -- to download a special patch relating to certain phishing schemes.

Please click here to return to the list of contents