Phishing refers to creating an imitation of an existing legitimate Web page or the use of email to trick users into providing sensitive personal information. This method of identity theft is rapidly increasing both in number of incidents and sophistication. Many attempts to gain information for identity theft appear quite legitimate.
Phishers send an email or pop-up message that claims to be from a business or organization that you deal with; for example, your Internet service provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to “update” or “validate” your account information. It might threaten some dire consequence if you don’t respond. The message directs you to a Web site that looks just like a legitimate organization’s site, but it isn’t. The purpose of the bogus site? To trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.
Legitimate businesses don't ask for this information online. If you have concerns about your account, you should contact the organization in question through other means. To be safe, you should not respond to messages of this type or click on any link in the message. Simply clicking on the link can introduce viruses or other malware to your computer, so it is important that your virus protection be kept up to date.
New phishing scams are being created all the time, and there is no fool-proof method to stop them from coming into your mailbox. Several things to keep in mind:
- Think before you click!
- Never give out personal information.
- Change your password often.
- Beware of popup messages.
For more information about phishing see: