Phishing - Top Tips on Avoiding Internet Scams

What is phishing? It's a dangerous con which uses spam email for luring its victim. Unlike a worm or virus, it doesn't hurt your computer, but it can harm something even more sensitive - personal finances and your bank account.

These phish emails look like they're from a company that you may even use frequently, for example, a bank, an ISP, or a web-based service or credit card. The phony email asks that you update, validate or confirm your info on file to keep the account active, and refers a link to a dummy website which looks like the real thing but is instead a fake. Not knowing this, the unsuspecting enters name, mailing address, telephone number, SSN, and account or credit card info. As the site looks like the trusted business, with the same look and feel, people are fooled into giving out this private info. That's when it happens - it's as if you've just had your handbag or wallet stolen, as the scammer now can use your information to purchase items or make applications for credit posing as - you. They just might even run away with your identity.

Phishing tactics are particularly loathed as they mis-use an individual's trust, good-nature, and willingness to follow instructions which appear official and real. The con artist takes advantage of folks who may not be as savvy or experienced with using an online bank account, and the victim may simply fail to identify a clue that the email may be a con. For some examples, we see that phish emails sometimes contain clunky language, or the web address is a bunch of numbers such as 155.42.21.14 in place of the words you'd typically expect. At times the nav buttons such as 'forward' and 'submit' appear misplaced compared to the overall page design.

Avoid the Scam

With these con artists out there in Internet-land, what can one do to protect oneself? To avoid the trap, the Federal Trade Commission suggests:

- If you receive an email which contains a warning stating that your account will be closed in short notice unless you re-enter your info, don't reply or use the link in the email. Open another window in your browser instead, and enter the website address. Use standard account info and password to login, and make the needed adjustments within. When finished, logout and shut the browser window. You may also use the telephone to contact the business directly in order to verify that the email is legitimate.

- Don't send personal and finance info by email. Before submitting finance info to a website, have a look for the lock image shown in the status bar. You may also want to be sure that the website address has 'https' at the beginning, indicating a secure connection.

- Look over your credit and banking statement when you receive it, and keep an eye out for any fraudulent charge. If it's more than a few days late, give the company a call for confirmation of your address and balance.

- Suspect emails or activity online should be reported to the FTC. You can forward the actual phish spam to: uce@ftc.gov.

Phishing Victims

If you've been conned and have emailed your personal or finance info, there are some actions to take:

- Report the theft to the appropriate institution ASAP.
- The account should be cancelled; open another.
- Take a close look at your statements and report fraudulent charges. Most companies prefer this info in writing, and will often provide a form for you to use.
- If it is a case of fraud, find out the most you are liable for with your banking institution or credit business. Federal laws often set a max.
- File your complaint to the FTC.

Learn to reduce the risks of phishing cons and ID theft online - visit: http://www.consumer.gov/idtheft

Nick Pegley is a marketing expert with All Covered: Technology Services Partner for Small Business, providing information technology consulting and IT services in 20 major U.S. metro areas. Outsource your procurement, installation and technical headaches..