Phishing, Spamming and Spoofing...OH MY!

Don't Get Hooked by a Phishing Attack

If you have Internet access, you may be under attack--a phishing attack, that is. This high-tech scam involves three components:

• Spoofing is creating a replica of an existing Web site.
   
• Spamming is unsolicited, or "junk" e-mail.
   
• Phishing is the act of using spoofing and spamming to lure unsuspecting victims, hoping to deceive you into disclosing your Social Security number, credit card and checking account numbers, passwords, or other sensitive information.

The Federal Trade Commission recommends the following tips to help you avoid getting hooked:

1. If you get a pop-up or e-mail message requesting personal or financial information, don't reply or click on the link in the message. Legitimate companies won't ask for this information.
    
2. Be cautious about opening attachments or downloading files from e-mail messages.
    
3. Never send personal information via e-mail. Look for a closed padlock at the bottom of your browser window, or a URL that begins with "https"--the "s" stands for secure. However, some phishers forge these security icons.
    
4. Review statements for accuracy as you receive them. If they're late, call the company to confirm billing address and balance.
    
5. Use antivirus software and keep it up-to-date. Run a firewall, particularly if you have a broadband connection. Take advantage of free software patches.
    
6. Report suspicious activity to the FTC at www.ftc.gov, and forward suspicious messages to spam@uce.gov.

You've Been Phished--Now What?

Even the most tech-savvy people are victims of phishing attacks. Despite being educated and prepared, you still may be fooled into giving out your personal information. If you've been phished, you should assume that you'll probably become a victim of credit card fraud, bank fraud, or identity theft. The following advice will help you if you've given out sensitive information:

Credit, debit, or ATM card information

• Report the theft of this information to the card issuer immediately using the toll-free, 24-hour service number.
   
• Cancel your account and open a new one.
   
• Check your statements closely after the attack.
   
• Federal law limits your liability to a maximum of $50 for any unauthorized use of your credit card. You have zero liability if your credit card number has been stolen but not the card itself.
   
• Liability for ATM or debit card charges depends on how quickly you report the loss. If you report the loss before a thief uses it, your liability is zero. If you don?t report it within 60 days after your bank statement containing the unauthorized use is mailed to you, you risk unlimited loss.

Account information

• Call your affected financial institution to report the loss right away.
   
• Cancel your account and open a new one.

Personal identification information

• Contact the three major credit reporting agencies--Experian, Equifax, and TransUnion--and request they place a fraud alert and a victim's statement in your file. Also ask that they remove inquiries and fraudulent accounts opened after the theft. At the same time, request a free copy of your credit report. The Fair and Accurate Credit Transactions Act (FACT Act) of 2003 requires each major credit bureau to provide one free credit report annually, phased in by region, to consumers who request a copy.
   
• Contact your financial institution and have it flag your account so you are notified if there is any unusual activity.
   
• File a criminal report with your local police.
   
• Report the theft to the Social Security Administration?s Fraud Hotline.
   
• Alert the passport office to watch for someone ordering a passport in your name.
   
• File a complaint with the Internet Fraud Complaint Center.