Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them.
As with most scams of this type, the recent US Bank and Citicorp scams attempt to obtain personal information from bank customers. Phishing scams attempt to obtain information such as account numbers, credit card numbers, user-id's, passwords, social security numbers, phone numbers, addresses and other personal information.
If you receive an email that requests this type of sensitive information, you should be suspicious of it. Banks, credit card companies, Paypal, Ebay, Stock brokerage companies, and most companies doing business online will not request personal account information via an email or a link in an email. If you have doubts phone the institution directly and use a url entered yourself to access their web site.
Follow this link to view a list of Recent Phishing Attacks.
Microsoft has outlined Steps that you can take to help identify and to help protect yourself from deceptive (spoofed) web sites and malicious hyperlinks. In addition Microsoft offers advice on how to help protect yourself from phishing. Just as they do in the physical world, scam artists will continue to develop new and more sinister ways to trick you online. But following these five easy steps will help protect you and your information.
- Never respond to requests for personal information via e-mail. If in doubt, call the institution that claims to have sent you the e-mail.
- Visit Web sites by typing the URL into your address bar.
- Check to make sure the Web site is using encryption.
- Routinely review your credit card and bank statements.
- Report suspected abuses of your personal information to the proper authorities.