HomeAbout UsOnline ServicesProducts & ServicesConsumer Alerts  
   
 

Home Page » Consumer Alerts » Consumer Advice: How to Avoid Phishing Scams

Consumer Advice: How to Avoid Phishing Scams

The number and sophistication of phishing scams sent out to consumers is continuing to increase dramatically. While online banking and e-commerce is very safe, as a general rule you should be careful about giving out your personal financial information over the Internet. The Anti-Phishing Working Group has compiled a list of recommendations below that you can use to avoid becoming a victim of these scams.

Be suspicious of any email with urgent requests for personal financial information

Unless the email is digitally signed, you can't be sure it wasn't forged or 'spoofed'.  Phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately.  They typically ask for information such as usernames, passwords, credit card numbers, social security numbers, etc.  Phisher emails are typically NOT personalized, while valid messages from your bank or e-commerce company generally are

Don't use the links in an email to get to any web page, if you suspect the message might not be authentic

Call the company on the telephone, or log onto the website directly by typing in the Web address in your browser.

Avoid filling out forms in email messages that ask for personal financial information

You should only communicate information such as credit card numbers or account information via a secure website or the telephone.

Always ensure that you're using a secure website when submitting credit card or other sensitive information

To make sure you're on a secure Web server, check the beginning of the Web address in your browsers address bar - it should be "https://" rather than just "http://".

Consider installing a Web browser tool bar with "scam blocker" to help protect you from known phishing fraud websites

These are often available from your Internet Service Provider, such as AOL, Yahoo, Earthlink, etc.

Regularly log into your online accounts

Don't leave it for as long as a month before you check each account.

Regularly check your credit union, credit and debit card satements to ensure that all transactions are legitimate

If anything is suspicious, contact us and all card issuers.

Ensure that your browser is up to date and security patches applied

In particular, people who use the Microsoft Internet Explorer browser should immediately go to the Microsoft Security home page -- http://www.microsoft.com/security -- to download a special patch relating to certain phishing schemes.

Always report "phishing" or “spoofed” e-mails to the following groups:

  • Forward the email to reportphishing@antiphishing.com
  • Forward the email to the Federal Trade Commission at spam@uce.gov
  • Forward the email to the "abuse" email address at the company that is being spoofed (e.g. "spoof@ebay.com")
  • When forwarding spoofed messages, always include the entire original email with its original header information intact
  • Notify the Internet Fraud Complaint Center of the FBI by filing a report on the IC3 Website.

For more information, check some of the following sources:

For more information about how to protect yourself, see "Identity Theft: What to do if It Happens to You" at http://www.privacyrights.org/fs/fs17a.htm.

The Federal Trade Commission

Read the information and tips put out by the Federal Trade Commission about phishing at http://www.ftc.gov/phishing.  The Federal Trade Commission also as a very informative consumer information page:  http://ftc.gov/bcp/consumer.shtm.

Top
 
   
Home Privacy Statement/Security Disclosures Fee Schedule