Phishing is a general term for e-mails, text messages and websites fabricated and sent by criminals and designed to look like they come from well-known and trusted businesses, financial institutions and government agencies in an attempt to collect personal, financial and sensitive information. It’s also known as brand spoofing.
Look for these characteristics:
- The content of a phishing e-mail or text message is intended to trigger a quick reaction from you. It can use upsetting or exciting information, demand an urgent response or employe a false pretense or statement. Phishing messages are normally not personalized.
- Typically, phishing messages will ask you to “update”, “validate”, or “confirm” your account information or face dire consequences. They might even ask you to make a phone call.
- Often, the message or website includes official-looking logos and other identifying information taken directly from legitimate websites. Government, financial institutions and online payment services are common targets of brand spoofing.
Some frequently used phrases:
- E-mail Money Transfer Alert: Please verify this payment information below…
- It has come to our attention that your online banking profile needs to be updated as part of our continuous efforts to protect your account and reduce instances of fraud…
- Dear Online Account Holder, Access To Your Account Is Currently Unavailable…
- Important Service Announcement from…, You have 1 unread Security Message!
- We regret to inform you that we had to lock your bank account access. Call (telephone number) to restore your bank account.
There are things you can do to help prevent phishing:
- Be suspicious of any e-mail or text message containing urgent requests for personal or financial information (financial institutions and credit card companies normally will not use e-mail to confirm an existing client’s information).
- Contact the organization by using a telephone number from a credible source such as a phone book or a bill.
- Never e-mail personal or financial information.
- Avoid embedded links in an e-mail claiming to bring you to a secure site.
- Get in the habit of looking at a website’s address line and verify if it displays something different from the address mentioned in the email.
- Regularly update your computer protection with anti-virus software, spyware filters, e-mail filters and firewall programs.
- A number of legitimate companies and financial institutions that have been targeted by phishing schemes have published contact information for reporting possible phishing e-mails as well as online notices about how their customers can recognize and protect themselves from phishing.
- Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate.