Editor's Outlook

Don’t Get Caught in a “Phishing” Scam

Over the last year, I have witnessed a growing level of sophistication in scam E-mail trying to capture sensitive financial information.

Phishing, scamming, carding, and spoofing are just some terms used to describe Internet scams that obtain personal information by luring you to replica Web sites. These spoof E-mails are typically trying to obtain any of the following:

• passwords,
• pin numbers,
• ATM and credit card numbers,
• bank account numbers, and
• Social Security numbers.

CLICK ON IMAGE TO SEE FULL SIZE.

The E-mails that I would receive last year typically were oddly worded or filled with typos that made them look obviously fake. However, recent versions look completely legitimate and include official-looking logos and links. The E-mails usually try to convey some sense of urgency to respond by including threat of closing off account access unless you respond to the E-mail.

In some cases, the E-mail may direct you to a part of a legitimate site coupled with a fake log-in section set-up to capture your data. Even if you don’t provide the information that the spoof is looking for, going to the spoof site may initiate the installation of spyware or key-capturing programs onto your system.

It is best not to respond to any E-mail that requires going to a site and entering any private information. If you have any doubt, go the Web site in question directly using the Web address that you normally use to interact with the financial service. Better yet, pick up the phone and call the company using a phone number that you also know is legitimate.

Here are some additional precautions to keep in mind: Before submitting your user name and password at a site, make sure that your browser’s status line displays the closed padlock or solid key to indicate you have a secure connection with the site. Remember to log off the Web site once you are finished and close your browser.