Since phishing scams run rampant, it helps to know
how to recognize one. Generally, they stress the urgency of updating
or verifying account information in response to a pressing problem.
To scare you into cooperation, the scammer will mention some type
of threat, typically in the form of account deactivation.
For the customer's "convenience," a phishing e-mail
provides a link to a page where account information can be updated
or verified. In reality, the link likely leads to a fraudulent Web
site that will ask for sensitive information such as your date of
birth, mother's maiden name, account number, credit card information,
pass codes or Social Security number.
||Characteristics of a phishing scam
We found nearly all of these characteristics in the
following phishing e-mail that landed in our editors inbox at Bankrate.com.
The greeting generically is addressed to a "valuable customer,"
sentences read in a broken English fashion, the explanation for
the necessity of the security upgrade makes little sense, the deadline
gives the message a sense of immediacy, the message threatens account
suspension if the customer doesn't comply and the e-mail instructs
the customer to click on the link. The link, of course, doesn't
go to Wachovia -- hovering our cursor over the link, we found that
the link actually goes to www.edencorp.net/varner/wachoviabank/bank,
not an authorized Wachovia site.
After forwarding the e-mail to Wachovia at email@example.com,
the company replied, confirming that they did not send or authorize
Don't take the bait!
Security experts contend that banks will not send an e-mail if a real problem exists with your account. E-mail, as they know, doesn't provide a secure transfer of customer information.
When in doubt about an offer or warning, call your
bank or company with which you have an account by using the number
on the back of your card or a recent statement. Ask if they tried
to contact you.
If they didn't, report the phishing e-mail to them.
You should also forward the scam e-mail to the Federal Trade Commission
and the Anti-Phishing Working Group at firstname.lastname@example.org.
You can also file a complaint with the Internet
Crime Complaint Center, which will alert the appropriate authorities.
If you answered a phishing e-mail, consult the identity
theft help page on the Federal
Trade Commission's Web site.
Have you received a phishing e-mail? After notifying the authorities, forward the e-mail to us email@example.com?subject=phishing