Phishing is one of the 21st century con artist's favorite fraud tactic. It's becoming increasingly common and the FBI called phishing the "hottest, and most troubling, scam on the Internet." Don't fall victim to this crime.
So what is Phishing? According to Webster's New Millenium Dictionary:
A common scheme is to create a web page that looks like the site of a bank, retailer, online commerce company, or government agency and then send a blast e-mail to millions of people asking them to update their information, verify account details, or to confirm an order. Recent phishers have pretended to be Bank of America, Best Buy, PayPal and eBay.
Also be careful when typing a URL into your browser: Crafty phishers have bought commonly misspelled domain names and replicated the sites in order to trick customers into entering their log-in or credit card information on the fake site.
How to Recognize a Phishy Email
- The actual URL for a link doesn't match the text URL
- The e-mail asks you to validate, update, or confirm personal or financial information. (Most legitimate companies send hardcopy letters to customers when asking for this information.)
- Check the MillerSmiles database. The site currently has an archive of thousands of phishing emails that have been submitted by users.
How to Avoid Phishing Scams
- Never reply to an email asking for personal or financial information.
- Never click on links within the body of an email. Instead, log-in into the company's site directly to “update your information,” etc. or call the company's customer service line.
- If an email asks you to call a number to update your account or access a refund, don't do it. Scammers can easily fake area codes using VOIP lines. Instead, call the number listed on your bill or on the company's official website.
- Never open an attachment unless you are expecting it.
- Keep your anti-spam and anti-virus software up-to-date.
- When you receive a suspicious email, forward it to email@example.com.
Remember, a legitimate business:
- Will never ask you to enter personal information on any Web page that you can access without first signing in with your username and password.
- Will never pressure you to provide a credit card number over the phone. If you're not sure that you are talking to a company representative, hang up and redial the published telephone number.
- Will always be able to answer a question to which only you and the company know the answer. Ask the caller something only you or the company can know: If the caller doesn't know the answer, hang up and call the customer service telephone number listed on the company's Web site. For example, a HomeAway representative will always be able to tell you the date of your last payment, the private e-mail address we use to contact you (assuming you use another email address for your business) or even your vacation home full address.
If you think you may have been a victim of phishing, contact your credit card companies and bank immediately and have a fraud alert placed on your accounts. If you're unsure how to do this, contact the Federal Trade Commission's ID Theft Clearinghouse (877-438-4338).
© Copyright HomeAway, Inc. 2011