What would you do if you received e-mail from your bank asking you to access its website and update your account information? The message looks authentic--it's even got the bank's logo. If you're smart, don't do it! In all likelihood, this seemingly innocent request is really from a cyberthief looking to steal your personal--and valuable--financial information.
This unscrupulous practice, known as phishing, is a high-tech way to lure you into revealing your bank accounts, passwords, credit card numbers, PIN codes and other sensitive data. Armed with this private information, your identity and then your money, can be stolen.
How It Works
Phishers target you by sending e-mail messages that appear legitimate from well-known companies such as PayPal, eBay, Citibank, and AOL . Take a look at this message:
Even though it resembles a message that could have been sent from PayPal, including the e-mail header, there's one crucial difference: The link doesn't go to Paypal's site. It links to a phony site controlled by criminals. Look at the web address highlighted below. It spoofs Paypal's address, but in reality, it has nothing to do with it.
Once you enter the requested information--these brazen thieves ask for everything from your credit card number to your driver's license and your mother's maiden name--they can access all yours accounts and rob you blind. The same scam can be used with any financial site, no matter how real it looks.
According to the Anti-Phising Working Group, up to 5% of recipients respond to these bogus messages.
By the way, did you notice how the message claims that updating your account will help you avoid future problems. Sneaky, huh? And don't be fooled by the threat to terminate your account if you fail to reply by a certain date. This is just another way to trick you into responding quickly.