The Phishing Trap

HOME | ABOUT ME | CONTACT

the phishing trap

Phishing (pronounced the same as "fishing") is a high-tech way to lure you into revealing your bank accounts, passwords, credit card numbers, PIN codes and other sensitive data. Armed with this private information, your identity, and then your money, can be stolen!

How "phishermen" phish:

Phishers target you, the consumer, by sending you e-mail or instant messages that appear to be legitimate messages from well-known companies such as PayPal, eBay, Citibank, and AOL.

Even though it resembles a message that could have been sent from one of these companies, including the e-mail header, there's one crucial difference: The link provided in the email or instant message does NOT go to company's website. Rather, it links to a phony site controlled by criminals! Carefully check the web address of the link provided in the email or instant message . It isn't a direct link to the company's website!

Once you reply to and enter the requested information that these blatant thieves ask for (including everything from your credit card number to your driver's license and even your mother's maiden name), they can then access all yours accounts and rob you blind! The same scam can be used with any financial site, no matter how real it looks.

Notice that some phishing messages may claim that updating your account will help you avoid future problems. Don't be fooled by the threat to terminate your account if you fail to reply by a certain date. This is just a way to trick you into responding quickly.

Steps to avoid phishing hooks:

In the real world, you wouldn't reveal your private financial information to anyone who asks, so don't do it online either. Here's how to avoid becoming a victim:

	DO NOT respond to email or instant messages requesting your financial information! If you have doubts or questions regarding such messages, telephone the company and talk to a customer service representative. (Don't use the number on the email! It too is fake!)
	Never transmit sensitive information in an email or instant message.
	If you want to check or update your account information, do it by going directly to the company's website. Type the address into your web browser. Remember: DO NOT click on links provided in an email or instant message. It could be a phish hook!
	Whenever you transmit sensitive data online, make sure the website is secure. A closed lock icon will appear at the bottom of your web browser, which looks like this: . Also, the web address will begin with "https," in which the "s" stands for "secure."
	If you receive a suspicious email message, file a complaint by emailing the Federal Trade Commission or contacting the FBI's Internet Fraud Complaint Center or the Anti-Phising Working Group .

How to unhook yourself:

According to the Anti-Phising Working Group , up to 5% of recipients respond to these bogus messages. If you believe your have been "hooked by a phisher," don't feel bad. Take action immediately by doing the following:

	Check your financial accounts to see if there's been unauthorized access.
	Make a report to the company in question, such as PayPal, eBay, the credit card issuer or bank.
	Close your account and open a new one.
	If you suspect that your identity has been stolen, file a police report and make a report with credit bureaus like Equifax.

For more detailed information and action, visit IdentityTheft.org and PrivacyRights.org .

Just a Sidenote:
You may wonder why this deceptive scheme is called phishing. As every angler knows, you need bait to catch a fish. In the electronic ocean of information, an email or instant message becomes the bait. Since hackers commonly substitute "ph" for "f," phishing (fishing) is the practice of luring personal data with phony e-mail or instant message.