How to Avoid Becoming a Victim of Phishing

Have you ever received an email from your banking institution requesting an update of your personal identifying information, as well as account information?  If you have, stop and think.

Financial institutions do not use email as a form of communication to update personal information.  It is however, common to receive email alerts, if you have signed up for them.  If you have received an email from your alleged financial institution that requires you to click on a link to update or confirm your name, address, telephone number, account number, PIN, and/or Social Security number, it is an attempt to phish for your personal identifying information.  Data thieves use phishing emails to gain access to personal information.  In most cases, this information is used to commit identity theft, or financial fraud.

Phishing scams are characterized by these scam emails, and often times by telephone calls.  While both are common, online phishing scams can have serious repercussions.  If the victim follows the instructions on the email, he or she is redirected to a site.  This site will mirror tremendous similarities to the original institution’s website.  Not only can the victim compromise the information requested, but can also allow access to his or her computer system.   Often times, these fraudulent sites install malicious software in the form of viruses, Trojans, spyware, worms, etc.   This software is intended to gain unauthorized access to data stored in computers, or even remotely control someone’s computer.

So, remember that financial institutions will not ask you to click on a link to verify your personal information.   Emails are not their primary method of communication.  If you receive one of these emails, do not reply or enter any information.   Instead, contact your banking or financial institution via telephone.  Use the customer service telephone number on the back of your debit or credit card.  Upon contacting your institution, you will confirm it was a phishing attempt.

If you wish to visit your institution’s website, be sure to enter the URL directly into your browser, or use your bookmarks.  Look for the security certificate, and make sure the URL begins with HTTPS: This means you have accessed a secure site.

A good rule of thumb is: Never provide your personal identifying information unless you have initiated the communication with your financial or banking institution.