Consumer Advice: How to Avoid Phishing Scams
The number and sophistication of phishing scams sent out to consumers is continuing to increase dramatically. While online banking and e-commerce is very safe, as a general rule you should be careful about giving out your personal financial information over the Internet. The Anti-Phishing Working Group has compiled a list of recommendations below that you can use to avoid becoming a victim of these scams.
Be suspicious of any email with urgent requests for personal financial information
Unless the email is digitally signed, you can’t be sure it wasn’t forged or ‘spoofed’. Phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately. They typically ask for information such as usernames, passwords, credit card numbers, social security numbers, etc. Phisher emails are typically NOT personalized, while valid messages from your bank or e-commerce company generally are
Don’t use the links in an email to get to any web page, if you suspect the message might not be authentic
Call the company on the telephone, or log onto the website directly by typing in the Web address in your browser.
Avoid filling out forms in email messages that ask for personal financial information
You should only communicate information such as credit card numbers or account information via a secure website or the telephone.
Always ensure that you’re using a secure website when submitting credit card or other sensitive information
To make sure you’re on a secure Web server, check the beginning of the Web address in your browsers address bar – it should be “https://” rather than just “http://”.
Consider installing a Web browser tool bar with “scam blocker” to help protect you from known phishing fraud websites
These are often available from your Internet Service Provider, such as AOL, Yahoo, Earthlink, etc.
Regularly log into your online accounts
Don’t leave it for as long as a month before you check each account.
Regularly check your credit union, credit and debit card satements to ensure that all transactions are legitimate
If anything is suspicious, contact us and all card issuers.
Always report “phishing” or “spoofed” e-mails to the following groups:
- Forward the email to firstname.lastname@example.org
- Forward the email to the Federal Trade Commission at email@example.com
- Forward the email to the “abuse” email address at the company that is being spoofed (e.g. “firstname.lastname@example.org”)
- When forwarding spoofed messages, always include the entire original email with its original header information intact
- Notify the Internet Fraud Complaint Center of the FBI by filing a report on the IC3 Website.
For more information, check some of the following sources:
For more information about how to protect yourself, see “Identity Theft: What to do if It Happens to You”
The Federal Trade Commission
Read the information and tips put out by the Federal Trade Commission about phishing at http://www.ftc.gov/phishing. The Federal Trade Commission also as a very informative consumer information page: http://ftc.gov/bcp/consumer.shtm.