Today I am going to write about “phishing.” Now, I did not spell that wrong, I don’t mean fishing like you would do on a boat or dock. It isn’t the name of a band or a club. It is a dangerous form of identity theft (aka ID theft.) According to Dictionary.com, phishing is “A method of identity theft carried out through the creation of a website that seems to represent a legitimate company.” I mean fishing for information. It is fraud and it is illegal!!
Have you ever received an e-mail from your bank asking you to update your password? What about from E-Bay asking you to update your PayPal account? What about from a popular shopping site asking you to update your credit card information? Because we live in a digitized society, this all may seem very legitimate. In truth, you would never be contacted this way. When logging on to the organization’s site normally and accessing your account the way you always have, you would be prompted for an update. Why wouldn’t your bank or a vendor contact you via e-mail? Isn’t that a major medium for communication today? The truth, is NO. Phishing is very real and it is what is known as a scam.
S0 what happens with a phishing scam? A very crafty criminal (aka “the scammer”) sits at home and creates a fake website for a reputable bank or company. These websites look very, very authentic. They are fashioned after the organization’s real website and match up right down to the logo! Next, the scammer creates an e-mail. The e-mail typically includes a request to update a password or credit card information and a warning (!) that your account will be frozen or cancelled. Lastly and most importantly, there will be a link. The link will look authentic and will probably include the name of the organization the scammer is impersonating. The link will take you to a fake website, not the one you use. Some noteworthy signs of a phishing e-mail are misspellings and if you roll your mouse over the link, somewhere down below in your e-mail window you will see the actual link-it won't be from the organization.) Next, the scammer obtains a mailing list of e-mail addresses and sends the e-mail to tens of thousands of recipients.
The scammer is hoping to gain your personal information which will give them access to your accounts. You may be thinking that this would be obvious. You may be thinking that you are a smart and educated adult who would spot a scam a mile away. I can tell you that I have spoken to high school students, college students, smart working adults, smart educated retirees and even IT professionals who have become victims of phishing scams. Scammers are very good at what they do and they do it in volume. They may send out 30,000 phishing e-mails and get two responses. For them, that means they earn between $6,000 and $20,000. A nice profit.
Another item of note is that a scammer will collect your information but not use it right away. They will do some additional research on you to find out more of your personal information; they will put in address changes to start getting mail from your bank and any other company who you have credit with. They will build a personal database on you and then squirrel it away for a year or two (or sell it.) In a year or two the scammer will begin to use it. It helps them to wait because you will probably not remember when you responded to that original e-mail. You may not remember it at all. This makes it more difficult for the authorities to trace it back to the scammer.
So what do you do if you think you are a victim? First, file a police report. Next, contact the three major credit reporting agencies: Equifax, TransUnion and Experian. They will put a fraud flag on your account. Contact your bank and your credit card agencies to cancel all accounts. Contact the US Postal Service to make sure there has not been a change of address put in for you. Collect all of your account information and start a file. Keep track of all the calls you make, who you talk to, and what was said. You will need this diary to keep things organized. Don’t be surprised if you don’t have access to your accounts; the scammers are very good at what they do. It usually takes years to undo what the scammers have done.
How can you prevent ID theft? The best thing you can do is monitor your credit report each year. You can get a copy of your credit report from each of the three agencies for free each year. I suggest spreading it out. Request one from Equifax every April, request one from TransUnion every August and request one from Experian every December. Monitor these reports for inaccuracies. If you are a victim of ID theft, this is the first place it will show up. You can request one free report annually from each agency via the offical website (annualcreditreport.com.) If you go to freecreditreport.com or the individual agency sites you will be charged. These sites are legitimate and will all give you what you need but will charge you. Next, get information from the ID theft government site.
I taught ID theft awareness as part of a financial literacy program I ran for work. I hope this blog provides some awareness to you. I urge you all to monitor your reports and visit the ID theft website! Here is another interesting article on phishing A brief history of Phishing: Part I.
Subscribe to:
Post Comments (Atom)
6 comments:
I can't tell you have many emails I receive on a daily basis to "update my account information." However, a lot of the time they are to sites/banks that I am not a member of so I know that they are a scam and quickly delete them. However, I feel horrible because I know like elderly man or woman who is checking there email will most likely fall for this scam and possibly have their identity stolen. It makes me really angry actually thinking about the nerve these people have. I mean seriously, get a life you know? I just have one word, karma.
It angers me as well but it frightens me too. I actually worry more about young people. They are bigger targets for e-mail scams (more of them use e-mail.) I am not sure that kids have enough awareness. I wish educators would devote a unit in grammar school and again in high school to update kids on the latest scams, especially those involving the Internet.
As much as I love the internet and what it allows me to do, I hate it for allowing people to scam like what you had mentioned. Like I said in my blog, someday, we may not ever have to leave our house by how fast the internet is advancing in what we are capable of doing. That is extremely scary because stealing important personal information from others and scaming seems to be more easy than we think. There always has to be someone to ruin something so great like the internet for the rest of us...
I never heard of "Phishing" before, and it seems like a very serious crime. I'm glad that you wrote about it in your blog because many people, including me, can benefit from hearing this information.
I really found your posting interesting because i never heard of "phishing" before and Identiy theft is a huge sercurity threat on the web. Great job addressing it and allowing us to be aware of the issue.
Great post! We'll be covering this topic in some detail in a few weeks. But I'm not sure how this relates to a pre-1994 internet technology or development.
Post a Comment