“Phishing” is a term used to describe a criminal attempt to solicit your sensitive personal information, usually electronically via email. While phishing schemes are not new, con artists continue to invent new ways to trick consumers into handing over sensitive information.
In a typical “phishing” scheme, consumers receive an email purportedly from their email service provider or a financial service provider, such as a bank or credit card company, or even a government agency. The email tells the consumer that there is a problem with his or her account. The supposed problem can range from an unauthorized use of the account, to repeated attempts to change passwords or a notification that the account activity is being audited. Regardless of the reason given, the consumer is instructed to verify that she is the account owner by responding with identifying information such as name, address, date of birth, email username and password, bank account number, PIN number or Social Security number.
- No legitimate company will ever send you an unsolicited email asking for your personal information.
- If you get an email or pop-up message that asks for personal or financial information, do not reply. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct web address yourself.
- Contact your email service provider or financial service provider directly using the customer service number on your account statement or the number given on the provider’s website to verify that the information in the original email was, or was not, legitimate.
- Do not give sensitive information in response to an unsolicited request for it.
- Immediately delete all suspicious emails, and never open email attachments or click on links from unknown sources.
- Use anti-virus and anti-spyware software, as well as a firewall, and update them regularly.
- Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.