|
WHAT IS PHISHING?
Phishing is an online scam used to
commit identity theft. A fraudulent, but official-looking e-mail is sent
to a user in an attempt to con that user into divulging personal and/or
private information, which is then used for identity theft.
HOW PHISHING OPERATES
Phishers spam huge numbers of users
with a seemingly credible e-mail that instructs the user to visit a Web
site (also fraudulent) where they are prompted to enter or update their
personal or private information (such as passwords and credit card,
social security, and bank account numbers). Phishers also use pop-ups to
try and scam users into entering sensitive information.
What actually happens, to the
trusting users who submit this information in response to a Phishing
attempt, is that identity thieves steal the user’s information and their
accounts are emptied.
Phishing attempts are extremely
sophisticated and it can be extremely difficult to tell if the e-mail or
Web site is real. However, no credible organization (like your bank,
credit card company or social security office) will ever ask you for
those kinds of details in an e-mail.
There are several things to look
out for regarding phishing attempts
Typical phishing e-mails will tell
you that your account has come under review, may be in danger of being
suspended and/or cancelled, and some piece of information needs to be
verified or updated, i.e.: your credit card number, bank account number,
social security number, or other personally identifiable data.
What to do if you think you have
been a victim of phishing
If you believe you’ve been scammed,
file your complaint at
http://www.ftc.gov/
if you receive spam that is phishing for information, forward it to
spam@uce.gov
Steps you can take to
protect your personal data online and also, what to do if you receive a
phishing e-mail:
-
Do not reply to any e-mail asking to
verify your personal data. You will find that legitimate vendors and
merchants do not send such requests via e-mail.
-
Contact your merchant right away to
ask for clarification of such e-mails. (This will also make them
more aware of the range of such problems.)
-
Never divulge information, such as
passwords and credit card, social security, and bank account
numbers, to anyone making contact with you. Only give such
information when you initiate a service call, and only do so with
trusted sources and where appropriate.
-
Use anti-virus software and/or
firewalls on every computer you own/use. Remember that children are
easy prey to the ‘just click here’ tactic.
-
Stay up to date with current scams
and always
report suspicious activity.
PHISHERS USE FAKE CALLER ID
NUMBERS
In a new phishing scam, con artists
are using phony caller ID numbers to solicit personal information and
money. Thanks to the phony caller IDs, the "spoofers" are able to
convince
victims that they're receiving a call from a bank, credit union or
credit card company. The scammers use this technique to acquire
sensitive personal and financial information, or even money, from their
victims.
The frightening aspect of this scam
is that few people would ever think that the names and phone numbers
appearing on their caller ID screens were not genuine. However, scammers
are already using phony caller IDs and are posing as representatives of
banks, credit card companies and government agencies. The problem has
reached the point where Senator Bill Nelson from
Florida
is sponsoring legislation to ban the transmission of false caller ID
numbers. "A similar bill has already sailed through the house," reports
ABCnews.go.com.
Unfortunately, anyone with Internet
access and a few dollars can find a number of legal online services that
supply fake caller ID numbers. ScamBusters.org reports that in just a
few minutes of research revealed several services that tout the
"benefits" of caller ID spoofing, including:
-
Maintaining the privacy of your
caller ID number.
-
Changing your voice to sound like a
male or female.
-
Fooling friends and business
associates (or business competitors).
-
One firm claims its technology is
suited to individuals in certain law-enforcement-related
professions, while another advertises its services as inexpensive,
easy to use, and great for "business or fun."
Loss Prevention
Recommendations:
-
Do not assume that the information
displayed on your phone, regarding who the caller is, is accurate.
It can easily be spoofed.
-
Never give out personal or financial
information over the telephone unless you know EXACTLY whom you're
dealing with.
-
If you have doubts about who's on
the phone, call back the number of record at your financial
institution or credit card company.
REMEMBER:
-
No one from SAIF Federal Credit Union will ever call you and ask you
information about your account.
-
Never give anyone your personal information over the telephone or
internet
-
If anyone contacts you and claims to be from SAIF Federal Credit
Union, tell that person that you will call them back, and call the
credit union directly.
-
When calling the credit union, always speak to someone that you
know.
|
