Sophisticated Phishing Scams Target Consumers

One online threat to consumers is a type of Internet piracy called "phishing." Phishing attacks, pronounced "fishing," are a favorite scam of organized crime rings. Here's how phishing works. The thieves send fraudulent e-mails which appear to come from reputable organizations, such as banks. These e-mails usually warn of a problem on the consumer's account that requires immediate action. The e-mails then instruct the individual to click on a link to update account information or provide personal information such as a Social Security number, account number, password, etc. If the consumer clicks on the link, they are redirected to a phony web site that appears to be authentic. When the consumer provides their personal data, it is then captured by the thieves.

Now There Are New Identity Theft Attacks

Financial companies such as Citibank, Washington Mutual, Bank One, SunTrust bank, and eBay's online payment service, PayPal, have all been targets of phishing. The latest type of phishing attack is particularly hard to discern. The result can be the loss of personal information even if the consumer is not fooled by the e-mail.

When a bank customer simply opens the e-mail, a program attached to the e-mail runs a script, even if the consumer deletes the message without clicking on any links. When that consumer tries to visit the legitimate web site of their bank, a malicious code redirects the consumer to a fraudulent site where their personal data is then stolen.

There is Good News About Phishing!

Internet companies such as Microsoft, AOL, Earthlink, and VeriSign, Inc. have joined with the Federal Bureau of Investigation, Federal Trade Commission, U.S. Secret Service, and U.S. Postal Inspection Service to form Digital PhishNet to accelerate the number of arrests and convictions against phishers.

Protect Yourself

Anti-virus software and personal firewalls can keep phishing e-mails out of your in-box. Spam filters, from companies like AOL, Yahoo, and Microsoft, have gotten better at capturing the phishing e-mails before they get to you. In addition, some companies have rolled out downloadable toolbars that alert users when they are potentially on a fraud list website.

Protect your information. Do not open e-mail from financial institutions that you are not expecting to hear from or if you are not sure who sent the e-mail. Never provide your personal data, including your Social Security number, any account numbers or passwords, or other sensitive information over the phone or on the Internet unless you initiated the call. If you fall victim to an attack, act immediately and place fraud alerts on all your credit accounts. Monitor your credit accounts and bank account statements closely. Finally, report any suspicious e-mails or phone calls to the Federal Trade Commission at or by calling 1.877.IDTHEFT.