What Are Phishing Sites and How Do I Avoid Them?

What is Phishing?

Phishing is a clever term to define an identity theft technique that closely resembles fishing, unscrupulous and clever con artists trolling bait in front of a wide pool of potential victims and seeing who will bite.  And according to the 2 in every 10 times, These "Phiserman" are looking for a wide variety of personal information and carefully craft spurious emails or phone calls (less common) which might lead the unsuspecting to disclose this information.:

  • Full Name
  • Address
  • Telephone Number
  • Email Address
  • Date of Birth
  • Mother's Maiden Name
  • Social Security Number
  • Username
  • Passwords
  • Pin Numbers
  • Credit Card Number
  • Credit Card Expiration Date
  • Credit Card Verification Number

How Does Phishing Work?

Classic Phishing emails will pose as a bank, ebay, paypal, even the government, and tell you they need confirmation of your account number, passcode, social security number etc. Phishing emails will claim there has been an error on your account, that your taxes have been filed incorrectly, or that you are not in compliance of with the Patriot Act, to name a few. These emails will then re-direct you to a site that looks just like the institution they are posing as.  Be aware, that both the email and the website link can be fake, even though the site that comes up my look exactly like your own Bank-of-the-Scammed website you are used to. The following websites supply more information about identified Phishing schemes if you think you may have already been victimized or wish to know what to look for.
www.antiphishing.org
www.secretservice.org
www.irs.gov

Another type of Phishing email is the one that asks for help in accessing or inheriting money, often of foreign origination, where the unsuspecting might buy into not understanding the legal rules. Remember, no one in Africa, India, China etc. needs your help to access their long lost fortune.  They only need your help to access yours. If you are concerned about the possible truthfulness of an email or forward that falls in this category of Phishing, www.truthorfiction.com has details about most of the prevalent emails, and their comparative veracity.

How Can I Avoid Being Victimized?

The number of Phishing emails in circulation increases exponentially every day. However, thanks to public awareness campaigns and the growing savvy of consumers, increasingly few are falling for them. But the number still remains high enough to make it a lucrative business for the ethically challenged.  According to the Federal Trade Commission, 2 of every 10 "Phishermen" are successful.  Here are some tips to keep yourself from being one of their victims.

  • Be aware that banks and other financial institutions will never, ever request personal information from you via email.
  • Be aware that the IRS does not EVER communicate via email.  If you think are suspicious about an email claiming to be from the IRS, call 1-877-777-4778 or visit the above IRS website
  • Be aware that solicitors, via internet or phone never need to obtain your personal information in a way that cannot be submitted to them in writing or thru normal channels.
  • If you are still concerned an email might be a valid information request, call your company directly and ask them if they really do need an information change, and conduct that business over a secure phone line.
  • Never click on links in an email to contact a financial institution.  If you need to do business online, always type in the URL yourself.
  • http(s) indicates a secure or encrypted website, after you have typed in the URL yourself, look for the (s) on the website.  In addition, a small lock symbol on the lower right hand corner of your screen also indicates an encrypted session.
  • Never enter your credit card information online without making sure the institution has an online identity protection policy.  Never send credit card, bank account or social security information via email or any other hackable entity.
  • When you receive emails that have the possibility of being valid, check the URL and IP address of the email sender to see if it matches with the known address of the bank or sender that could be being spoofed.
  • Delete emails asking for personal or account information immediately
  • Never reply to a Phishing email, even to question it. If you have not initiated the contact, do not respond.
Install and update your antivirus and antispyware software regularly. Update your browser and use a personal firewall.