If you get one of these messages, don't panic - and don't respond. Remember our advice: Don't give your personal information to anyone you don't know. If you are concerned that the message might be genuine, call your ISP (or bank or other organization being spoofed) at a telephone number you obtain from your billing statement or through an email address the legitimate company provides.
In July 2003, the Federal Trade Commission announced the settlement of an action it had brought against a minor who ran a fairly sophisticated scam involving AOL subscribers. You can read about that action by clicking here.
"Phishing" isn't new. The term comes from the computer world, but the concept goes back decades. A con man or woman can take your money if he or she can get you to give access to important account information. An identity thief can pose as a representative of your bank, your credit card company, your internet service provider. And their stories can sound very plausible. Here's an example.
If you are asked for any type of personal information, ask the caller for his/her name and telephone number and the organization he/she is representing. Then call the company using the customer assistance number the company provides with your account statement or bill (not the number you were given by the caller). Tell the customer service department about the call and the information you were asked to provide. If the call is legitimate, you'll be transferred to the correct department. If the call is not legitimate, you'll help alert the company that a fraud may be going on in the company's name.
- I think I’ve been "phished"; what do I do?
If you suspect that your personal information has been "phished" by an unknown source, you should assume that you either are – or soon will be – the victim of an identity thief, and you should take immediate self defense measures. Here’s some steps we recommend you take right away:
- If you were lured by a "spoof" of a genuine company or organization, get in touch with the real company immediately. They may be able to help you minimize the damage. For example, if you thought you were updating your credit card information with an online store, and you discovered it wasn’t your online store, call or email the real store at once.
- If you provided your credit card information as part of the "phishing" scheme, contact the customer service department of the bank that issued your credit card and ask to speak to someone in risk management or loss prevention.
- For additional steps you can take, click here to visit the section of our identity theft web site designed to provide victim assistance.
- Origin of the term "Phishing". According to the Anti-Phishing Working Group, the word "phishing" comes from the analogy that Internet scammers are using email lures to "fish" for passwords and financial data from the sea of Internet users.
- Phishing Resources
Government:
Private:
|
