There’s a dangerous form of internet piracy around these days called ‘phishing’ (it’s pronounced as ‘fishing’). Internet scam sites are ‘fishing’ for your personal and financial information. They’re always after new ways to trick you into handing over your Social Security Number, credit card details and other personal information that they can use or sell on to other fraudsters.
You might become victim to identity theft – a matter that can destroy your personal reputation and severely impact your credit worthiness. Becoming informed as to how these internet scams work and which sites to avoid, is the best way to protect yourself from becoming a victim.
How do these identity thieves get hold of your information?
Commonly, you’ll receive an email from a person or firm that you are familiar with which looks ‘real’ enough. It usually has a company logo, the email may even use your name. Generally upshot of the message is that they are looking after for your best interests. The message might alert you to some potential threat to your account, credit card or other financial matter. Usually the email ends by saying that you must take immediate action or suffer awful consequences.
There will be a hyperlink (the clickable text in the message) where you’re invited to click on. That will take you to their phishing web site. This is where most people are completely fooled. The website will look identical to the real thing with the company logo, graphics and so on – just on a different address.
At this point you will be prompted to ‘verify’ your account, password, or credit card details. If you do find yourself here, stop at that point. Never fill in any personal information. Exit from the website immediately and delete, clear your browser cache and delete the phishing message.
There are a number of website checkers such as Mywot which will tell you immediately if a site has a history of phishing. Alternatively sites like Bigthis.com will provide an aggregated report about the site’s reputation from all major online reviewer sources. It’s worth remembering that a site may have been hacked – in which case the official URL will be used. In this case it’s best to contact the company directly to wait for clarification.
How to identify what’s a ‘phishing’ email or site
If you didn’t contact this firm asking for details about your account, or for help with an issue, this is when you should be wary. If you’re not sure because it looks genuine, call the company directly and tell them about your concerns.
Contact phone numbers as well as fraud lines are usually printed on your monthly statements. If it is out of hours and there’s no one to answer, wait until the following business day when you can reach them.
Don’t fall for the ‘imminent threat’ message and feel you must do something immediately. ‘Phishers’ use this trick in the hope that you’ll click the link in blind panic before you realize what you’ve don’t – don’t panic and allow the fraudsters trick you into visiting their dodgy website.
What to do?
Don’t ever diclose your password or pin, over the internet, telephone, or when it is an impromptu request. Your bank knows what your password and credit card number is. They should not need to ask you for it.
Furthermore your bank already knows what your account, and social security number are. They won’t need to ask you to repeat it to them over the phone. In addition most have security policies that prevent them from asking such questions.