Every year millions of innocent people find themselves victimized by phishing scams. No, I’m not talking about fans of an American rock band getting ripped off or someone stealing your grilled salmon dinner out from under you.
So, what is a phishing scam?
Phishing is a common scam in which criminals pose as a legitimate organization such as a bank, credit union, government agency, credit card company or Paypal to obtain your personal information.
They start out with scary emails indicating that your account has been hacked or fraudulent charges have been identified on your account. The idea is to tug at your emotions and make you think you need to urgently click on a link provided in the email to verify or re-submit your information to keep your account from being locked out.
You immediately begin having visions of your bank account being drained to zero and all your checks and automatic bill payments bouncing like a beach ball.
The link in the email certainly appears to be legitimate and when you click it you’re taken to a website that looks just like the one owned by your bank or financial institution. Of course, the link and the website are just carefully crafted copies operated by the criminals running the scam.
Once you’re on the fraudulent website, you’re asked to enter personal information such as your user name, password, account number, mother’s maiden name, and Social Security number.
You anxiously fill in the information to verify your account and BAM! As soon as you’ve handed over your personal information, the criminals begin accessing your bank accounts and assuming your identity to open more new accounts and use up every bit of your credit they can get their hands on. Some sites will even go so far as to install malicious code on your PC to phish for even more information they can use to scam you over and over again.
Avoiding Phishing Scams
- Legitimate companies will never ask you to confirm personal information via email or text. If you receive these types of emails just delete them. Don’t reply to them and don’t ever click on the links embedded in them.
- If you’re afraid the email could be legitimate go directly to your bank’s website (type in the address yourself, don’t click anywhere in the email) or pull out an old bill and call the customer service department. Don’t call any phone numbers provided in the email as those too could be spoof numbers set up as part of the scam.
- Review your bank and credit card statements every month and look for unfamiliar charges. If anything looks suspicious, or if a statement goes missing, call to confirm. It could just be a purchase you forgot all about or it could be a sign of theft.
- Review your credit report regularly and look for suspicious activity. If your identity has been stolen you may find unfamiliar accounts that you were completely unaware of.
- If you think you’ve received a phishing email, forward it to firstname.lastname@example.org, an official email address monitored by the Federal Trade Commission.
Once you’ve fallen victim to a phishing scam, it can take years to repair the damage. Your best bet is to avoid falling prey to them in the first place, so remain vigilant and on the lookout for scam artists at all times.
image by 28288673@N07