Phishing, Spoofing & Pharming

An industry organization, the Anti-Phishing Working Group, reports that identity theft frauds known as "phishing" attacks have increased significantly over the last year. Phishing, spoofing and pharming are terms used for criminals' attempts to steal personal financial information through fraudulent e-mails and Websites designed to appear as though they were generated from legitimate businesses, financial institutions, and government agencies. These scams are contributing to a rise in identity theft, and credit card and other Internet-based frauds. E-commerce customers, including bank customers, have fallen victim to these scams.

If you receive an e-mail or pop-up message requesting verification of personal and/or financial information, chances are that someone is trying to lure you into a phishing scheme. These con artists use letterheads, e-mail and website addresses of what would appear to be legitimate companies. However, while convincing, they do not represent the entities at all. They are simply attempting to gather your personal and financial information to be used to steal your identity and ruin your name and credit. Legitimate companies will not use e-mail to obtain confidential information.

Should you receive such an e-mail, follow these steps:

• Do NOT click on the link provided in the message nor respond in any way.
• NEVER provide any personal information using the contact information provided in the e-mail or in the bogus website link! Instead, locate a genuine telephone number for the company and make contact with them.
• Forward the e-mail to the Federal Trade Commission (FTC) at spam@uce.gov by attaching the message to a new e-mail. This will ensure that all original headers are included. When sending the e-mail to the FTC, copy your local internet service provider's abuse center as well as the legitimate company (if you can obtain that information). For example, eBay has an e-mail reporting box set up at spoof@ebay.com