Scammers will typically begin their phishing attempt by sending you an email that appears to be from a business or person you know. It could be your internet-service provider, online payment service, or bank, for example. The email might say you need to "update" or "validate" your billing information to keep your account active.
You are then directed to a "look-alike" website of the legitimate business, further tricking you into thinking you are responding to a valid request. Unknowingly, you submit your financial information to the scammers, who then use it to order goods and services - and potentially obtain credit — in your name.
Be Wary of Getting Hooked
The Federal Trade Commission (FTC) urges you to take the following precautions to avoid getting hooked by a phishing scam:
- If you get an email that warns you, with little or no notice, that an account of yours will be shut down unless you reconfirm your billing information, do not reply or click on the link in the email. Instead, contact the company cited in the email, using a telephone number or web site address you know to be genuine.
- Avoid emailing personal and financial information. Before submitting financial information through a website, look for the "lock" icon on the browser's status bar. It signals that your information is secure during transmission.
- Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
- Report suspicious activity to the Federal Trade Commission. Send the actual spam to uce@ftc.gov. If you believe you've been scammed, file your complaint at the FTC website, then visit the FTC's Identity Theft website to learn how to minimize your risk of damage from identity theft.
- Visit the FTC Spam website to learn other ways to avoid email scams and deal with deceptive spam.
Locations
