| Phishing is the practice of sending | | | | been suspicious activity on your bank |
| fraudulent email messages supposedly from a | | | | account, or your credit card has been charged |
| legitimate company or organization in order | | | | by an undesirable web site. |
| to trick someone into giving out personal and | | | | |
| confidential information. This information | | | | The criminals who send out Phishing emails |
| could include a user ID, password, credit | | | | have taken their scam to a new level. Now |
| card number or even a Social Security number. | | | | people are getting Phishing messages that |
| At its most basic level, Phishing is a form | | | | offer a reward for responding to the message. |
| of identity theft. It is one of the fastest | | | | The newest Phishing scam is a message that |
| growing cyber crimes, and there are estimates | | | | states you ve won a gift card somewhere (JC |
| that 1 in 20 people who receive a Phishing | | | | Penney, Circuit City and The Sports Authority |
| email will respond to it with their personal | | | | have been recent ones), and you need to click |
| information. Since the criminals who send out | | | | the link in the email to provide the |
| these Phishing messages are good at what they | | | | information where the gift can be sent. Other |
| do, it's important to be able to recognize a | | | | Phishing emails offer free enrollment in a |
| Phishing email so you won't respond to their | | | | fraud protection program by clicking the link |
| request and become a victim of identity | | | | and providing the requested information. |
| theft. Here are a few signs that the message | | | | |
| you have received might just be a Phishing | | | | - The message states specifically "this is |
| expedition. | | | | not a scam". How does that saying go if it |
| | | | looks like a duck and quacks like a duck, it |
| - The email message is generic. Phishing | | | | probably is a duck. Legitimate messages don't |
| emails are sent out in bulk to thousands of | | | | need to state the obvious. |
| people, so you'll see a generic greeting like | | | | |
| 'Dear Valued Customer' and not directly | | | | - A request is made to verify your |
| addressed to you by name. | | | | information, and a link provided for you to |
| | | | do so. Phishing emails will use some tactic |
| - The message gives a false sense of urgency. | | | | in order to trick the recipient into |
| Phishing emails are developed and designed | | | | providing confidential information. This |
| specifically to push the recipient to | | | | request is often tied in with the false sense |
| immediate action. If there is no compelling | | | | of urgency created in the message. The link |
| reason to respond to the message, you won't. | | | | will take you to a very authentic looking |
| But if there is a fear of some kind of | | | | site and ask you to fill in certain personal |
| consequence for not providing the requested | | | | information. If you recognize you've made a |
| information you might just be motivated to | | | | mistake and you try to go back to a Phishing |
| act quickly. | | | | web site you probably won't find it. The |
| | | | average lifespan of a Phishing web site in |
| This fear, urgency or even panic created by a | | | | December 2004 was 6 days. |
| Phishing email begins right with the subject | | | | |
| line. Here are a few examples from actual | | | | The link that is included in the email |
| Phishing messages: | | | | message for you to click and provide |
| | | | information might look legitimate, but it |
| 'Online Alert: Online Account is Blocked' | | | | isn't. Often the criminals will create a web |
| | | | site that has almost the same name as the |
| 'Fraud Report' | | | | original web site. They might add the word |
| | | | "verify" or use some other word along with |
| 'Credit Card Declined Notice' | | | | the company name. You should never click a |
| | | | hyperlink in an email, especially if you |
| 'Unauthorized Account Access' | | | | don't know who sent it to you. |
| | | | |
| The text of the message builds upon the | | | | Knowledge can be power when it comes to |
| initial sense of urgency. A message may state | | | | protecting yourself from identity theft and |
| that your account will be closed within 24 | | | | Phishing scams. Be aware of the tricks a |
| hours if you don t verify your information. | | | | criminal might do to steal your information, |
| Sometimes the messages state that there has | | | | and don't fall prey to them. |