Phishing: A New Kind of Identity Theft
P hishing is a relatively new strategy used by criminals to obtain your personal information over cyberspace. It is when identity thieves, called phishers, use e-mails and the Internet to masquerade as a company you normally do business with in order to fraudulently obtain personal information, like your user name, passwords, credit card numbers, or bank account numbers. A phisher might send the potential victim a fraudulent e-mail that appears to be from a legitimate Internet address. It contains a justifiable request, 'such as asking you to verify your personal information or account details by clicking on a link in the e-mail, followed by a negative consequence if the information is not provided, such as the discontinuation or suspension of your account. If you fall for the scam and disclose the requested information, the sender has achieved his or her goal of obtaining your personal information to use for identity theft crimes.
In the newest phishing scam, spear phishing, the targeted victim is a single user or a department within an organization. The victim receives an e-mail that appears to be legitimately addressed from someone else in a position of trust within that company, like the company's human resources manager. The e-mail requests sensitive information, like log-in IDs or passwords. With this data, hackers can gain entry into secured networks.
To avoid being phished, always delete e-mails from unknown or suspicious senders, and never click the links within the text of such e-mails; then empty your e-mail trash box. Notify the company from which the e-mail appears to come, if possible; most companies want to know if their company name is being used to scam people, so they can take action to protect their reputation. Finally, you can report instances of phishing
to the Federal Trade Commission (FTC) and your State and local authorities.
For more information, visit the National Consumers League Web site, at www.phishinginfo.org
