When internet fraudsters impersonate a business to trick you into giving out your personal information, it’s called phishing. Don’t reply to email, text, or pop-up messages that ask for your personal or financial information. Don’t click on links within them either – even if the message seems to be from an organization you trust. It isn’t. Legitimate businesses don’t ask you to send sensitive information through insecure channels.
Phishing e-mail Case Study:
You open an email or text and see this message:
“We suspect that your account has unauthorized transactions. To ensure that your account is not compromised, please click on the link below and confirm your identity.
“While we periodically verified our account, we were unable to verify your information, please click here to update and verify your information.”
“Our records indicate that your account is overpaying.You must call us within 7 days to receive a refund.”
The sender will fish your information so they can use it for fraud.
How to deal with phishing fraud
- Delete emails and text messages asking you to confirm or provide personal information (credit card and bank account numbers, social security numbers, passwords, etc.). Legitimate companies do not request this information via email or text.
- This information may come from the organization in which you do business – for example, a bank. If you do not respond, they may be threatening to close your account or take other actions.
- Do not reply, do not click the link or phone number provided in the email. This information leads you to malicious sites that appear to be real but whose purpose is to steal your information so that the crooks can track bills or commit crimes in their own name.
- Area code will be misleading. Some crooks require you to call a phone number to update your account or to access a “refund.” However, the area code does not guarantee that the caller is local.
If you are concerned about your account or need to contact an organization with whom you do business, dial the phone number on the financial statement or the phone number on the back of your credit card.
You can take steps to avoid phishing attacks:
- Use trusted security software and set it to automatically update. In addition, use these computer security measures.
- Do not email personal or financial information. E-mail is not a secure way to transfer personal information.
- If you enter your own URL, you can only provide personal or financial information through the organization’s website, and you see that the website is a safe signal, such as a URL that begins with https (“s” stands for Security). Unfortunately, no indicator is foolproof. Some anglers forged security icons.
- Upon receipt of the credit card and bank account statements, it checks for unauthorized charges. If your statement is a few days late, please call to confirm your billing address and account balance.
- Regardless of who is sending the mail, be careful when opening the attachment and downloading the file from the email. These files may contain viruses or other malware that may impair the security of your computer.
- Report fishing emails
Forward phishing emails to firstname.lastname@example.org – as well as companies, banks or organizations posing as e-mails. You can also report phishing mail at email@example.com. Anti-Phishing Working Group (ISP), security vendors, financial institutions and law enforcement agencies use these reports to combat phishing.
If you could be tricked by phishing mail:
- Submit a report to the Federal Trade Commission at www.ftc.gov/complaint.
- Visit the FTC identity theft website. Phishing victims can become victims of identity theft; there are some steps you can take to keep your risks to a minimum.
Common Online Scams
Refer to Avoid On-line Scams http://www.onguardonline.gov/topics/avoid-scams
This article is part of a series from OnGuard On-line.gov: Common Online Scams from OnGuard On-Line.gov
- Work-at-Home Scams
- Weight Loss Claims
- Lotteries and Sweepstakes Scams
- Fake Check Scams
- Imposter Scams
- Mystery Shopper Scams
- Bogus Apartment Rentals
- Miracle Cures
- Debt Relief Scams
- Pay-in-Advance Credit Offers
- Investment Schemes
- The “Nigerian” Email Scam
- Online Dating Scams
- Money Transfer Scams
- Tech Support Scams
Scammers use email, online ads, pop ups, and search results to trick you into sending them money and personal information. One way to outsmart them? Use your email’s spam filter to screen the email you get. Then forward any email that seems suspicious to firstname.lastname@example.org. You also might want to read our Phishing article.
Protect Your Kids Online
Protect your family from On-Guard Online Website http://www.onguardonline.gov
Information for parents about video game ratings and parental controls
Warning signs that someone may have misused your child’s personal information and what you can do about it
Information about parents’ rights under the Children’s Online Privacy Protection Act (COPPA)
Tips for chatting with kids about being online
Tips for parents whose teens use social networks
Tips for parents about how to prevent or stop cyberbullying
Tips for parents whose kids use mobile phones
Tips for talking to your kids about texting on their phones
Kids and Computer Security – Tips for talking to kids about computer security practices, phishing, P2P file-sharing and apps
Parental Controls – Parental control options for parents who want to monitor or limit their kids’ online activity
Young Kids – Tips for talking to young kids about being online
Teens- Tips for talking to teens about being online
Tweens – Tips for talking to tweens about being online
Kids and Virtual Worlds – Tips for parents whose kids may be accessing online worlds intended for adults