What is Phishing?
“Phishing” is when criminals use email, phone and online scams to purposefully and maliciously trick people into sharing information such as passwords, Social Security numbers, account and credit card details and even your mother’s maiden name! Phishing is Phraud and it is a crime.
- Educate yourself, your family, and if applicable, your co-workers, clients and business partners on what Information Theft is, and what you can do to protect yourself.
- No legitimate business or government agency will ever ask for personal information via email or phone unless you initiate the contact. If you receive such a request, DON’T RESPOND.
- According to a Federal Trade Commission report, Information Theft is the fastest growing crime in the United States. It occurs once every 79 seconds on average. In 2005, the cost to consumers was in excess of $5,000,000,000, while the cost to businesses was in excess of $47,000,000,000. The average consumer loss from a phishing attack is $1200.
- According to a Symantec presentation, 1 out of every 125 emails sent is a phishing attack. In 2005, phishing attacks rose by 90%.
- The Anti-Phishing Working Group reports that 5.7 billion phishing emails are sent each month, and that over 150,000 unique phishing attacks and 3,000 phishing websites are reported per month.
What information are Phishers after?
Phishers are interested in gathering information which, by nature, is private and/or confidential, especially if this information can help them steal your identity.
Information Theft targets a wide array of information, including, but not limited to:
- Social Security Numbers.
- Driver’s License Numbers.
- Date and Place of Birth.
- Mother’s Maiden Name.
- Account Numbers.
- Personal Information.
- Any confidential information that criminals can either directly use or resell.
- Do not disclose any personal information unless the requester has a valid need for the information.
- Don’t hesitate to ask how your information is going to be protected.
- Never agree to have your information shared or sold.
- Remember: No legitimate business or government agency will ever ask for personal information via email or phone unless you initiate the contact. If you receive such a request, DON’T RESPOND!
How NOT to become a Victim.
Phishing may appear to be an anonymous crime, but it is not a victimless crime. However, we have good news: simple techniques exist to NOT become a Phishing Victim.
- Never provide confidential information unless you started the conversation. Never answer an email, pop-up, phone call, letter, etc. that asks for personal information. Legitimate companies do NOT ask for this information, ever!
- Be suspicious! Because something is written down in an email or in a pop-up does not mean that it is true and legitimate.
- Do not click on a link provided in an email or enter information in a pop-up window. Go to the website yourself and from there navigate to the area of interest.
- Use anti-malware solutions that are updated. This will stop the installation of crimeware on your computer that could harvest your information.
- Do not use public computers or wireless networks to conduct confidential activities. This includes wi-fi hot spots, kiosk computers, cybercafés.
- Shred all documents that contain personal, sensitive or confidential information.
What to do if you have been phished?
If you are a phishing victim, it is important for you to follow these simple instructions to minimize the damage caused by the criminals who stole your information.
- Place a Fraud Alert on your Credit Report.
- Close the accounts that you know, or believe, have been tampered with or opened fraudulently.
- File a police report.
- File a complaint with the Federal Trade Commission. By sharing your identity theft complaint with the FTC, you will provide important information that can help law enforcement officials across the nation track down identity thieves and stop them. The FTC can refer victims’ complaints to other government agencies and companies for further action, as well as investigate companies for violations of laws the agency enforces.
- Monitor your bank accounts, credit card accounts and credit report.
Spotlight on Reporting Action Plan:
- Write down the name of everyone you talk to, what he or she tells you, and the date the conversation occurred.
- Follow up in writing with all contacts you’ve made on the phone or in person. Use certified mail, return receipt requested, so you can document what the company or organization received and when.
- Keep copies of all correspondence or forms you send.
- Keep the originals of supporting documents, like police reports and letters to and from creditors; send copies only.
- If you are a victim of phishing, others in your community will be, too. The sooner you report it, the sooner you can help protect your community against these criminals!