Phishing Scams: How Not to Get Hooked
How To Avoid Phishing Scams
We detected irregular activity to your account on 01/29/10 at 6:15pm.
As part of our continuing commitment to protect your account and to reduce the instance of fraud on our website, we are undertaking a period review of our member accounts.
This email is to notify you that you have a new message in your Secure Online Mailbox from Customer Service in response to your inquiry.
The above examples are taken directly from phishing emails. Phishing is a form of identity theft in which criminals use deceptive emails to separate you from your login information in order to eventually separate you from your finances or other secure information.
How to Detect a Phishing Email
Asking for Personal Information
Since the purpose of phishing is to obtain your login information for nefarious purposes, the phishing email will attempt to convince you that you need to login to your account for some reason or another. Common reasons include:
Your account is going to close and you need your personal information to open it.
“Suspicious” or “irregular” or “fraudulent” activity has been detected in your account and you need to login to find out what it is.
You have a piece of information waiting for you in your account and you must login to retrieve it.
You have won a contest and you need to login to claim your prize.
Don’t let phishing companies “lure” you into providing your information. If you think the email might be legitimate, call the organization but make sure you do not call any phone number provided in the questionable email! For instance if you think the email is from your bank, call a number for your bank that you already know to be legitimate.
If you have a HouseCall Systems Administrator we would be happy to take a look at any email you think is suspicious.
Disguising Themselves as a Reputable Website
Phishing companies know that you are too smart to give your personal information to a website that is unfamiliar, so they disguise themselves as websites you trust such as Paypal, eBay, or even your bank.
Web addresses can be disguised in emails. The email can write out the address www.ebay.com but then have it link to another website that will steal your information. The phishing websites can copy the design of the reputable websites. They can also send you to legitimate websites and then display a pop-up that asks you to login there and take your information that way.
Pretending to be a Potential Employer
A recent technique of phishing scams targets people on job seeking websites. The emails pretend to be an interested employer and ask for personal information, such as a social security number. You should always be careful when giving out your social security number to anyone.
Things You Can Do
Always make sure you have anti-virus software running on your computer and that it is up to date. Sometimes phishing emails contain spyware that monitors your activity on your computer in attempt to gain information about you that can be used for malicious purposes. Be cautious when downloading any attachments.
Turn the spam filter on your email account. If you are a HouseCall client we are happy to assist you in doing so. Remember that no spam filters are perfect and even if your spam filter is turned on some phishing emails can slip through the cracks.
Never respond to an email asking you for personal information, such as your social security number, a PIN number, or your password. Your HouseCall Systems Administrator will never email you asking for you password.
If you receive a phishing email you can report it by forwarding it to firstname.lastname@example.org as well as the organization that the phishing email is attempting to impersonate.
If you think you may be a victim of phishing or identity theft, you can file a complaint with the FTC. You should check your credit report to make sure that no one is opening accounts under your name. You are entitled to a free credit report every year. To obtain yours visit annualcreditreport.com.