Phishing is a scam where Internet fraudsters send spam or pop-up messages to lure unsuspecting victims into providing passphrases, personal, and/or financial information. To avoid getting hooked:
For general information about phishing, see: What are phishing scams and how can I avoid them?
“We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.”
“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
“Your e-mail (or passphrase) will expire soon. To avoid any interruption please click the link below and upgrade your email.”
Have you received email with a similar message? It’s a scam called “phishing” — and it involves Internet fraudsters who send spam or pop-up messages to lure personal information (credit card numbers, bank account information, Social Security number, passwords, or other sensitive information) from unsuspecting victims.
According to OnGuard Online, phishers send an email or pop-up message that claims to be from a business or organization that you may deal with — for example, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message may ask you to “update,” “validate,” or “confirm” your account information. Some phishing emails threaten a dire consequence if you don’t respond. The messages direct you to a website that looks just like a legitimate organization’s site. But it isn’t. It’s a bogus site whose sole purpose is to trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.
We suggest these tips to help you avoid getting hooked by a phishing scam:
This depends — mostly on how much information you accidentally provided to the phishers.
In addition to reporting the phishing scam, this guide should help:
|I accidentally sent…||You should…|
|My email/username & password/passphrase||Change your password/passphrase immediately.If you’re using a free provider (Gmail, Hotmail, etc) and you find an increasingly and uncontrollable amount of spam, you may wish to change your email address as well.|
|Personal information, such as:||While there’s no way to “unsend” the email, many of these pieces of information are changeable (especially credit card numbers). Contact the appropriate organization or financial institution. You should also report this as identity theft.Please note: the theft of a credit card (or credit card number) alone does not constitute identity theft (as determined by the FTC). You should, however, promptly call the financial institution and have the number changed. You can also work out any erroneous charges on your account.Also, technically, yes — your address is changeable, if you move. However, consider that only as a last resort; most identity thieves attempt to collect thousands (even millions) of individuals’ information during phishing scams; they’re likely not singling you out as a target. If you feel your personal safety threatened, contact your local police department.|
|Personal information that isn’t changeable — such as:||Unfortunately, there’s not much you can do about this except defend yourself (electronically). Being proactive and staying alert/aware of your credit is your best defense.|
Forward spam that is phishing for information to firstname.lastname@example.org – and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.
If you believe you’ve been scammed, file your complaint with the FTC, and then visit the FTC’s Identity Theft website at www.consumer.ftc.gov/features/feature-0014-identity-theft. Victims of phishing can become victims of identity theft.
You also may report phishing email to email@example.com. The Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.
Subscribe to get new posts in your mailbox.
This entry was posted on Tuesday, April 8th, 2014 at 3:40 pm. It is filed under email, Security and tagged with ATTOG Technologies, blacklist, DKIM, DMARC, DomainKeys Identified Mail, email, Eric Leuthardt, mc, passwords, phishing, security, sender policy framework, spam, SPF, spoof, spoofing, spying. You can follow any responses to this entry through the RSS 2.0 feed.
Built and designed by 7th Circle Designs
All content © 2017 by ATTOG Technologies