The various takeovers and mergers in the financial fallout give phishers a new opportunity to try to scam you into giving over your bank account warns the FTC. As most of you know, any unexpected email message that looks like it came from a financial institution, asking you to “update,” “validate,” or “confirm” your account information is invariably a scam. Unwitting victims are redirected to a login site that looks like it’s for their bank, but is really just a way to steal your account logins and/or personal information for use in further identity theft. Here’s the FTC’s tips for getting “hooked” by the “phishers” (gotta love it when the Feds pun)…
* Don’t reply to an email or pop-up message that asks for personal or financial information, and don’t click on links in the message – even if it appears to be from your bank. Don’t cut and paste a link from the message into your Web browser, either. Phishers can make links look like they go one place, but actually redirect you to another.
* Some scammers call with a recorded message, or send an email that appears to be from an institution, and ask you to call a phone number to update your account. Because they use Voice over Internet Protocol technology, the area code you call does not reflect where the scammers are. To reach an institution you do business with, call the number on your financial statements.
* Use anti-virus and anti-spyware software, as well as a firewall, and update them regularly.
* Don’t email personal or financial information. Email is not a secure way to send sensitive information.
* Review your financial account statements as soon as you receive them to check for unauthorized charges.
* Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer’s security.
* Forward phishing emails to firstname.lastname@example.org – and to the institution or company impersonated in the phishing email. You also may report phishing email to email@example.com. The Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.
* If you’ve been scammed, visit the Federal Trade Commission’s Identity Theft website at ftc.gov/idtheft for important information on next steps to take.