One of the main concerns about anyone who does any kind of business, personal or otherwise, on the internet is identity theft. For identity theft to work, a victim has to provide the scammer with their social security number, bank account number, mother's maiden name, PIN number, other financial account numbers, or any other sensitive information so that the scammer can use that to pose as the victim and clean out existing accounts or get new accounts in the victim's name. This method of tricking victims into providing that information by pretending that they are someone they are not called "phishing" (PHony identity + fISHING for information = "PHISHING"). Here are some things to beware of in your attempt to protect your self from these phishing expeditions.
Beware Of "Phishy" Looking Emails
By far the most common form of phishing is fraudulent emails pretending to be from a financial institution, the government, or a legitimate business. The scammer sends this email out asking to "confirm" your personal or account information. They can use any type of reasoning from verifying your identity because you've recently won a settlement or lottery to exceeding your account will be closed without you providing this information. A popular avenue that phishers use is to claim that they are from the fraud department of an established company and they want you to verify your information as they suspect you may be the victim of identity theft.
If you have received emails like this, do not click on any links in the email. Scammers have the ability to make websites that look amazingly like the actual website of the company they are pretending to be. Clicking on these links will take you to these websites where you will be prompted to enter in your personal information. If you are in doubt if an email from a legitimate company is real, call them or go to their website (the best way to guarantee it is their site is to type their name into a search engine and click on it from there).
If these emails contain attached files, do not open them. Most legitimate companies do not send out attached files unannounced in their emails, but rather have you download something directly from their website if that is what they need you to do. Attached files from scammers or phishers could contain programs that install them on your computer and then send personal information to the scammer.
Beware Of "Pharming"
Pharming is one of the latest versions of online ID theft. Through the downloading of a file a malicious program is covertly planted on your computer and takes over your web browser. When you attempt to go to a legitimate web site, you're instead taken to a fake copy of the site without realizing it. Then, any personal information you provide at this phony site you are in essence handing straight over to the identity thieves.
Closely associated with "pharming" is the practice of prompting for information in a pop-up window. Sometimes a scammer will send your browser to a legitimate website for a bank, the government, or a retailer. While you're at this completely legitimate website an unauthorized pop-up window, created by the scammer, can open up requesting your personal information. Never enter sensitive information in a pop-up window, legitimate companies and organizations do not ask for personal information to be entered in pop-up windows. It is best if you install a pop-up blocker to help prevent this from happening.
Job Seekers Beware
People seeking employment online are a big target for phishers. Phishers know that when someone is filling out applications or sending in resumes that they are forced to divulge some of their most personal information. Pretending to be potential employers, they will ask for your social security number and other personal information. Make sure you verify the person's identity before providing any personal information.
Beware Of People "Helping" You
Many phishers will contact you and say you've been a victim of fraud or identity theft, they will then ask that you verify your identity by providing them with your personal information. Credit card companies, banks, and law enforcement all contact people from time to time regarding fraud or identity theft. Usually these people will not ask you to verify your personal information. To be safe, you can always ask for their name and the name of the agency or department they are in. Then you can get the contact number from the phone book or Internet and call out to verify their legitimacy.
Beware Of Not Protecting Your Computer / Data
An up-to-date firewall, anti-virus program, spam filter, and spyware detecting program go a long ways in protecting you against phishing attempts. If you have a broadband Internet connection, then your computer is open to attack whenever it is turned on. A firewall can prevent hackers and other scamming entities from accessing your computer and your data. Spyware detecting software and an anti-virus program will protect your computer from what is being put on it. If you intendally install a program that comes with some sort of unintended virus or spyware or if you become infected by means of someone infiltrating your computer, these programs help secure the integrity of your system. A simple spam filter will reduce the quantity of phishing attempts that reach you. None of these systems will help protect your computer and your data if they are not installed, not turned on, or not updated.
Beware That Phishing Can Happen Offline As Well
It is also not unexpected that you could receive a phone call from someone impersonating a bank or government agency. Use some of the same verification steps above to make sure they are who they say they are.
Beware Of Procrastination If You Have Been Victimized
If you think you may have provided account numbers, PIN numbers, or other sensitive information to a phisher or scammer notify the companies with whom you have those accounts with as soon as possible.
If you were contacted in a phishing attempt and were not victimized, make sure you notify the government agency or financial institution that they were impersonating and provide them with any additional information that they could use to investigate these people. This information may lead to the apprehension of this scammer so they can not victimize you or someone else in the future.