Have you ever gotten an email that just doesn’t look right? You had a “gut feeling” that something was suspicious.
This practice of tricking (or baiting) is called PHISHING.
Phishing is when a scammer uses fraudulent emails or texts, or copycat websites from your Internet service provider, your bank, your college/university to spoof and trick you to get you to share valuable personal information – such as account numbers, Social Security numbers, or your login IDs and passwords and other account updates. Scammers use your information to steal your money or your identity or both. The perpetrators then use this private information to commit identity theft.
Phishing scammers lure their targets into a false sense of security by spoofing the familiar, trusted logos of established, legitimate companies. Or they pretend to be a friend or family member.
One type of phishing attempt is an email message stating that you are receiving it due to fraudulent activity on your account, and asking you to “click here” to verify your information.
Businesses are particularly at risk since gaining access to a business network system through an employee’s email can lead to identify theft and easy access to confidential records and billing information.
Below are some tips from Beacon Mutual Insurance to help avoid phishing scams:
- Be especially cautious! Watch for emails that come from unrecognized senders who ask you to confirm personal or financial information over the Internet or make urgent requests for this information.
- Communicate personal information only over the phone or on secure web sites.When conducting online transactions, look for a sign that the site is secure such as a lock icon on the browser’s status bar or an “https” URL where the “s” stands for “secure” rather than the standard “http” website address.
- Do not click links, download files, or open attachments in emails from unknown senders. It is best to open attachments only when you are expecting them and know what they contain, even if you know the sender.
- Never email personal or financial information, even if you are close with the recipient. You never know who may gain access to your email account, or to the person’s account to whom you are emailing.
- Beware of links in an email that ask for personal information, even if the email appears to come from an organization with whom you do business. Phishing websites often copy the entire look of a legitimate website, making it appear authentic. To be safe, call the organization first to see if they really sent that email to you. Businesses should not request personal information to be sent by email.
- Beware of pop-ups! Never enter personal information in a pop-up window. Do not click links in a pop-up window, and do not copy web addresses from a pop-up window into your browser. Legitimate organizations should never ask you to submit personal information in pop-up windows, therefore, do not enter personal information.
- Protect your computer with a firewall, spam filters, anti-virus and anti-spyware software. Do some research to ensure that you have the most up-to-date software, and update it regularly to ensure that you are blocking new viruses and spyware.
- Check your online accounts and bank statements regularly. This helps ensure that no unauthorized transactions have been made.
What to do if you believe that you are the victim of an internet scam?
- Victim of an identity theft, Report to the FTC at 1877-FTC-HELP (1-877-382-4357; TTY: 1866-653-4261
- If you received spam, forward to FTC: spam@uce.gov, as well as reportphishing@antiphishing.org.
- Victim of an internet crime, report to the FBI at Internet Crime Complaint Center (IC3).