Do Not Get Caught in the Phish Trap
In the real world, you wouldn't reveal private financial information to anyone who asks. Don't do it online either. Here's how to avoid becoming a victim:
1.DO NOT respond to these e-mail requests. If you have questions, call the company and talk to a customer service representative. (Don't use the phone number in the e-mail--it too, could be fake.)
2.Never transmit sensitive information in an e-mail.
3.If you want to check or update your account information, do it by going directly to the company website. Type the website address into your web browser. Remember, DO NOT click on a link in an e-mail message or copy and paste it into your browser's address bar.
4.Whenever you transmit sensitive data online, make sure the website is secure. Look for a closed lock icon on your web browser. Also, the web address will begin with https. (Notice the "s,"short for "secure.")
5.If you receive a suspicious message, file a complaint by e-mailing the Federal Trade Commission or contacting the Anti-Phising Working Group .
Get Off the HookIf you think you've been caught off-guard, don't feel embarrassed, take action immediately by doing the following:
1.Check your financial accounts to see if there's been unauthorized access.
2.If there is, report it immediately to the company in question, such as PayPal, eBay, the credit card issuer or bank.
3.Close your account and open a new one.
4.If you suspect that your identity has been stolen, file a police report and make a report with credit bureaus like Equifax.
5.For more detailed information and action, visit IdentityTheft.org and PrivacyRights.org .
Finally, you may wonder why this deceptive scheme is called phishing. As every angler knows, you need bait to catch a fish. In the electronic ocean of information, an e-mail message becomes the bait. Since hackers commonly substitute "ph" for "f," phishing is the practice of luring personal data with phony e-mail.
Last update: Jan 19, 2010
