Phishing (pronounced "Fishing") is an online method con artists use to get your sensitive information for
identity theft
purposes.
Identity thieves use many different phishing tactics to get you to reveal personal information to them. These include e-mail and websites that appear to be from a well-known, trusted company such as your bank, a credit card company, charity, or e-commerce online shopping or auction website.
Phishers want to trick you into providing personal information such as:
Name and username
Password or PIN
Debit/ATM or credit card number
Security codes on credit cards such as credit validation code (CVC), the code that credit card companies use to authorize charges (example: Visa, MasterCard, and Discover use a three-digit number on the back and American Express uses a four-digit number on the front of the card), or card verification value (CVV).
Address and phone number
Social security number (or just the last four digits)
Bank account number
Identity theft criminals use this information to do the following:
Empty your bank account
Max out your credit cards
Apply for and get new credit in your name
Get medical procedures done in your name so you are billed
Use a copy of your debit card to withdraw cash from your checking account at ATMs everywhere
Unfortunately, it is very difficult for the average person to tell if a message is fraudulent because phishing attacks have gotten very sophisticated. This is why these phishing schemes are so common and lucrative for criminals.
How to Detect Phishing Fraud
Be on the lookout for:
Urgent wording--Phishing e-mail messages attempt to create a sense of urgency to get you to respond without thinking. They usually want you to respond to the message or click on a link that is included. Fake e-mail messages are usually NOT personalized, whereas valid communication from your bank or e-commerce company generally are.
Request for sensitive personal information in an e-mail message. Be extremely suspicious of any message that asks for personal information even if it looks legitimate because most reputable businesses have a policy that they do not ask you for that type of information through e-mail.
Fake links--It's always best to type the URL or website address into your browser because these phishers often create misleading links.
Masked links--Beware of URLs that include the @ sign or uses a slightly altered spelling or mispelling of a well-known company.
Attachments--Phishing schemes often ask you to open attachments in e-mails. These attachments can infect your computer with a virus or spyware. Never open attachments in suspicious e-mail messages.
Phone calls--Some criminals attempt to obtain your personal and financial information through the phone rather than online. Be wary of calls where the caller requests personal and financial information, even if it seems that the call is from a trusted source. Caller ID information can now be altered to display a name that appears to be legitimate.
"If it's too good to be true, it probably is"--as the old saying goes, so use common sense and be suspicious when you are offered extremely large sums of money or discounts.
Stop. Look. Call.
The Department of Justice recommends following three simple rules when you see emails or websites that may be part of a phishing scheme:
Stop. Phishers typically include upsetting or exciting (but false) statements in their emails with one purpose in mind. They want people to react immediately to that false information, by clicking on the link and inputting the requested data before they take time to think through what they are doing.
Resist that impulse to click immediately. No matter how upsetting or exciting the statements in the email may be, there is always enough time to check out the information more closely.
Look. Look more closely at the claims made in the email, think about whether those claims make sense, and be highly suspicious if the email asks for numerous items of your personal information such as account numbers, usernames, or passwords.
For example:
If the email indicates that it comes from a bank or other financial institution where you have a bank or credit card account, but tells you that you have to enter your account information again, that makes no sense.
Legitimate banks and financial institutions already have their customers' account numbers in their records. Even if the email says a customer's account is being terminated, the real bank or financial institution will still have that customer's account number and identifying information.
If the email says that you have won a prize or are entitled to receive some special "deal," but asks for financial or personal data, there is good reason to be highly suspicious. Legitimate companies that want to give you a real prize don’t ask you for extensive amounts of personal and financial information before you're entitled to receive it.
Call. If the email or Web site purports to be from a legitimate company or financial institution, call or email that company directly and ask whether the email or Web site is really from that company. To be sure that you are contacting the real company or institution where you have accounts, credit card accountholders can call the toll-free customer numbers on the backs of your cards, and bank customers can call the telephone numbers on your bank statements.
Con artists have been around forever and now they prey on unsuspecting people by using the internet through deceptive e-mail messages and websites. Protect yourself and your loved ones from phishing schemes by learning their techniques and how to spot them.
3-in-1 Bureau Credit Report with 3 Credit Scores
Daily Surveillance of the Internet's "Financial Black Market", "Back Alley" Chat Rooms and News Groups: patented scanning technology helps ensure that your important financial information is not being compromised or swapped by identity thieves
3-Bureau Credit Profile Monitoring: we monitor your credit files from the top 3 bureaus to deliver email or text message alerts of activities you may find suspicious
Personal Public Record Report & Monitoring: up-to-date summary of public information about you compiled from thousands of data sources
Application Monitoring: daily scanning for applications fraudulently submitted in your name, including credit, retail, cell phones, mortgages and loans
Unlimited Toll-free Personal Customer Service: our specially trained Identity Theft Specialists are standing by to answer any questions you may have
Up to $20,000 in Identity Theft insurance at no additional charge (after $250 deductible)
