| If you have an e-mail account, you've probably received an “urgent” message that appeared to come from your bank, credit card company, eBay, or some other online account you have. The e-mail would convey some problem with your account, and tell you to follow a link to log on and take care of the problem - or lose your access.
Hopefully, you've ignored that e-mail, knowing you've been “phished” by some scammer who is after your financial information. Unfortunately, many people fall for it. And it's getting harder to recognize these fakes, as criminals are becoming more sophisticated.
“They're extremely good as disguising illegitimate e-mails as good e-mails,” said Jim Kendall of Telebyte NW. “It's absolutely criminal.”
Phishing is a term that essentially refers to someone sending a false e-mail that pretends to be from an established business with the goal of stealing a person's bank or credit card data or other information that can be used for identity theft. These messages contain company logos and other elements that make them look authentic, and usually direct the person to a site that also looks like the real deal.
“It's real easy to fall into that trap,” Kendall said. But legitimate companies don't ask for that information by e-mail, and most people know that yet still ignore the red flags.
You can do several things to check for the legitimacy of an e-mail communication. You're likely to see the scam right away in an e-mail containing misspellings and poorly written text, but those are becoming more rare. If you follow the link, look in the browser address bar for the Web site address, if you see a bunch of letters and numbers that form a nonsense address, it's a sure sign this is a hoax. Those a little more technologically savvy can look at the page's source code and find the URL that way.
But the best protection is to simply call your institution and see if there is a problem, or go to their Website and log into your account directly (although entire Websites too have been hijacked on occasion).
“The first thing you should do if you think you've bee suckered, contact your bank. It's no different than having your credit card stolen: The perpetrator will try to use it immediately,” Kendall said. “It's important, if there is even a hint, to take quick action.”
You should also report this to the law enforcement agencies. The FBI could get involved as well if a lot of money is at stake, usually more than $10,000, but Kendall said criminals know that and keep their theft to lower amounts.
Aside from phishing, other scams to look for are unsolicited e-mails offering loans, credit, or other financial services. Legitimate companies don't resort to mass e-mailing for their promotions. Being careful while shopping online in general is a good rule of thumb. If it's an unfamiliar company, do a little more research before handing over, virtually speaking, your credit card. Things like lack of contact information except for e-mail may be signs the company is not legit.
“The Internet still operates as a trusted network, and you can't trust it anymore,” Kendall said. | 