What is phishing?
Phishing is the act of sending an e-mail to a user falsely claiming to be a legitimate enterprise in an attempt to scam the user into surrendering private information that could be used for identity theft.
According to the Federal Trade Commission, phishers send e-mails or pop-up messages that claim to be from a business or organization, for example, an Internet Service Provider, a bank, an online payment service or even a government agency. The message may ask you to update, validate or confirm your account information. Some phishing emails even threaten dire consequences if you don’t respond. The messages often direct you to a Website that appears to be a legitimate organization’s site – However, it is not. It is a bogus site, whose sole purpose is to catch you off guard and to trick you into divulging your personal information, so operators can steal your identity and run up bills or commit crimes in your name.
According to the APWG (Anti-Phishing Work Group), in the first quarter of 2014, there were a reported 125,125 observed phishing attacks. The group reported that the number and diversity of targets continues to increase especially in the United States.
Remember these tips:
If you get an e-mail or a pop-up message that asks for personal or financial information, do not reply or click on any links in the message. Legitimate companies do not ask for this information via e-mail. If you are concerned about your account, contact the organization in the e-mail by using a telephone number you know or open a new Internet browser session and type in the company’s correct Web address yourself. DO NOT cut and paste the link from the message into your Internet browser – phishers can make links look real, but it actually sends you to a different site.
Use anti-virus software and a firewall and keep them up-to-date. Some phishing e-mails contain software that can harm your computer or track your activities on the Internet without your knowledge.
What if you believe you’ve been a victim of a scam?
File a complaint at www.ftc.gov, and then visit the FTC’s Identity Theft Website at www.ftc.gov/idtheft.