Consumers should stay on alert to avoid being
The Federal Bureau of Investigations (FBI) advises consumers
to stay on alert as phishing scams continue to increase. In
the last several months, the FBI has issued numerous alerts,
including its latest notice informing the public of a phishing
scam that involves the Internal Revenue Service (IRS). The
FBI warns consumers not to fall prey, as this e-mail scam
lures them to a fake IRS web site. Unsuspecting consumers
believe that by clicking on the link provided, they will be
directed to the IRS web site where they can follow the necessary
steps to receive their owed tax refund. In actuality, they
are redirected to a fake web site where their personal data,
including credit card information, is captured.
The IRS is of course not the only organization to be exploited
in this type of scam. The FBI has issued alerts warning consumers
of phishing attacks imitating organizations such as the American
Red Cross and even the FBI itself. Even credit unions, leagues,
the Credit Union National Association (CUNA) and NCUA have
The Federal Trade Commission (FTC) suggests these tips to
help consumers avoid getting hooked by a phishing scam:
- If you get an email or pop-up message that asks for personal
or financial information, do not reply. And don’t
click on the link in the message, either. Legitimate companies
don’t ask for this information via email. If you are
concerned about your account, contact the organization mentioned
in the email using a telephone number you know to be genuine,
or open a new Internet browser session and type in the company’s
correct Web address yourself. In any case, don’t cut
and paste the link from the message into your Internet browser
— phishers can make links look like they go to one
place, but that actually send you to a different site.
- Use anti-virus software and a firewall, and keep them
up to date. Some phishing emails contain software that can
harm your computer or track your activities on the Internet
without your knowledge. Anti-virus software and a firewall
can protect you from inadvertently accepting such unwanted
files. Anti-virus software scans incoming communications
for troublesome files. Look for anti-virus software that
recognizes current viruses as well as older ones; that can
effectively reverse the damage; and that updates automatically.
A firewall helps make you invisible on the Internet and
blocks all communications from unauthorized sources. It’s
especially important to run a firewall if you have a broadband
connection. Operating systems (like Windows or Linux) or
browsers (like Internet Explorer or Netscape) also may offer
free software “patches” to close holes in the
system that hackers or phishers could exploit.
- Don’t email personal or financial information.
Email is not a secure method of transmitting personal information.
If you initiate a transaction and want to provide your personal
or financial information through an organization’s
website, look for indicators that the site is secure, like
a lock icon on the browser’s status bar or a URL for
a website that begins “https:” (the “s”
stands for “secure”). Unfortunately, no indicator
is foolproof; some phishers have forged security icons.
- Be cautious about opening any attachment or downloading
any files from emails you receive, regardless of who sent
them. These files can contain viruses or other software
that can weaken your computer’s security.
- Forward spam that is phishing for information to firstname.lastname@example.org
and to the company, financial institution, or organization
impersonated in the phishing email. Most organizations have
information on their websites about where to report problems.
- If you believe you’ve been scammed, file your complaint
and then visit the FTC’s identity theft web site at
Victims of phishing can easily become victims of identity
theft. While you cannot entirely control whether you will
become a victim of identity theft, you can take some steps
to minimize your risk. If an identity thief is opening credit
accounts in your name, these new accounts are likely to
show up on your credit report. You may catch an incident
early if you order a free copy of your credit report periodically
from any of the three major credit bureaus. See www.annualcreditreport.com
for details on ordering a free annual credit report.
You can learn other ways to avoid email scams and deal with
deceptive spam at www.ftc.gov/spam.