Consumer Alert: How Not to Get
Hooked by a 'Phishing' Scam
scammers casting about for people's financial
information have a new way to lure
unsuspecting victims: They go "phishing." Phishing,
also called "carding," is
a high-tech scam that uses spam to
deceive consumers into disclosing their
credit card numbers, bank account information,
Social Security numbers, passwords,
and other sensitive information.
to the Federal Trade Commission (FTC),
emails pretend to be from businesses
the potential victims deal with - for
example, their Internet service provider
(ISP), online payment service or bank.
The fraudsters tell recipients that
they need to "update" or "validate" their
billing information to keep their accounts
active, and direct them to a "look-alike" Web
site of the legitimate business, further
tricking consumers into thinking they
are responding to a bona fide request.
Unknowingly, consumers submit their
financial information - not to the
businesses - but the scammers, who
use it to order goods and services
and obtain credit.
To avoid getting
caught by one of these scams, the FTC,
the nation's consumer protection agency,
offers this guidance:
- If you get an email that warns
you, with little or no notice, that
an account of yours will be shut
down unless you reconfirm your billing
information, do not reply or click
on the link in the email. Instead,
contact the company cited in the
email using a telephone number or
Web site address you know to be genuine.
emailing personal and financial
information. Before submitting financial
information through a Web site, look
for the "lock" icon on
the browser's status bar. It signals
that your information is secure during
- Review credit card and bank account
statements as soon as you receive
them to determine whether there are
any unauthorized charges. If your
statement is late by more than a
couple of days, call your credit
card company or bank to confirm your
billing address and account balances.
- Report suspicious activity to the
FTC. Send the actual spam to email@example.com.
If you believe you've been scammed,
file your complaint at www.ftc.gov,
and then visit the FTC's Identity
Theft Web site (www.ftc.gov/idtheft)
to learn how to minimize your risk
of damage from identity theft.
Visit www.ftc.gov/spam to
learn other ways to avoid email scams
and deal with deceptive spam.