Phishing occurs when someone impersonates your financial institution, Internet service provider, credit card company or some other entity and requests your personal financial information (such as account number, credit card number, Social Security number, passwords, etc.) via e-mail. The e-mail will probably warn you of a serious problem that requires your immediate attention.
These e-mails look official and often contain graphics and/or logos that are copied from a legitimate company's web site. The e-mail may include a link to a legitimate-looking web site. In reality, you're redirected to a phony site that may look exactly like the web site of your financial institution, credit card company, etc.
You're asked to provide personal information, which is then used by the thieves to gain access to your existing accounts and credit cards. In the worst case, you could find yourself a victim of identity theft.
Avoid falling victim to new phishing scams.
The latest phishing e-mails offer a reward (usually money) if you complete a short survey about the company. The e-mail promises that you will not have to provide any sensitive information when you complete the survey. The survey will most likely contain the name and logo of the company, and may look legitimate. You will be asked some simple, impersonal questions.
However, later in the survey you are asked to provide personal information so that the reward can be deposited into your account. This personal information can then be used to open accounts in your name and perpetrate other types of fraud – including identity theft.
No legitimate business will ever ask for this kind of information in an e-mail. If you believe the e-mail (or phone call) may be legitimate, contact the business yourself. The credit union's contact information is listed on your monthly statement.
Do not respond to any e-mail that asks for your personal information, and do not click on any link in a suspicious e-mail. Delete it or forward the e-mail to the Federal Trade Commission (FTC) at firstname.lastname@example.org.
Four actions to take if you are a victim of phishing
- Contact the credit union (and the company represented in the e-mail) immediately.
- Review all credit card and other account statements for unauthorized transactions immediately upon receipt. Take note of when your statements arrive every month, and if any of them are more than a day or two late, notify the appropriate companies.
- If you've disclosed personally identifying information, contact the three major credit reporting agencies listed above. They will help you determine if a fraud alert should be placed on your file, which will help prevent thieves from opening accounts in your name.
- If your response to a phishing e-mail results in your becoming a victim of identity theft, file a complaint with the Federal Trade Commission and the Internet Crime Complaint Center. Click the "File a Complaint" link on screen.