Phishing is a type of identity theft in which the thief tries to get you to reveal personal information about yourself by pretending to have a legitimate need for the information.
Phishers imitate many popular websites that you may already have a relationship with including:
Most often phishing takes place via email or instant message, but it can also happen over the phone.
The attacker sends an email that appears to be from an institution you may already have a relationship with. The email often claims that there has been some kind of suspicious activity on your account and urges you to log in to your account. The email includes what looks like a link to the business’s website, but when clicked it actually leads to a spoof of the real website. If you enter your username and password into the site, the attacker has successfully gained access to your real login information and can use it to access your real account.
Phone phishing is very similar to email phishing with the attacker pretending to be an authentic customer service representative of a business you already have a relationship with. The attacker’s aim is to have you give away your personal information. The attacker often already has key information about your account and uses it to convince you of the legitimacy of the call.
In one phone phishing scam, the attacker already has your credit card number and expiration date. The attacker claims there has been some suspicious activity on your account and needs to verify that the card is in your possession. You’re then asked to verify the three-digit code on the back of your credit card. At that point the attacker has everything needed to clone your credit card or to make purchases using your account.
All phishing scams have one thing in common: they want your personal information. Watch out for any type of communication (that you did not initiate) that asks you for sensitive information like usernames, passwords, account numbers, etc. Legitimate businesses will not use email to ask you to verify your personal information. When in doubt, type the URL for the business directly into your browser. Do not follow links that are embedded in the message.
Don’t give out your personal information over the phone, unless you initiated the call to a number you got from your bank statement or the back of your credit card. Scammers have been known to spoof the name and number on the caller ID, so don’t respond even to calls that appear to be from institutions you do business with.
If you receive a phishing email, you should report it to the Anti-Phishing Work Group at reportphishing@antiphishing.com. It’s also a good idea to forward the email message to the business that’s being imitated.
Report instances of identity theft to the Federal Trade Commission and your financial institution(s). Change your login information as soon as possible to prevent further damage.