How to Identify and Avoid Fraudulent Communications or “Phishing”

Share Post: facebook Created with Sketch. twitter Created with Sketch. linkedin Created with Sketch. mail Created with Sketch. print Created with Sketch.

In this day and age, electronic communication has made huge improvements toward making communications quick and convenient. However, we must remain vigilant in protecting our valuable personal information. We believe the best safeguard is for you to educate yourself on what “phishing” is, how to identify possible “phishing” communications and how to protect yourself and your information from getting into the wrong hands. The information below is taken directly form the SEC Investor Publication, “Phishing” Fraud: How to Avoid Getting Fried by Phony Phishermen.

EDUCATE:

“Phishing” involves the use of fraudulent emails and copy-cat websites to trick you into revealing valuable personal information — such as account numbers for banking, securities, mortgage, or credit accounts, your social security numbers and the login IDs and passwords you use when accessing online financial services providers. The fraudsters who collect this information then use it to steal your money, your identity or both.

When fraudsters go on “phishing” expeditions, they lure their targets into a false sense of security by hijacking the familiar, trusted logos of established, legitimate companies. A typical phishing scam starts with a fraudster sending out millions of emails that appear to come from a high-profile financial services provider or a respected Internet auction house.

IDENTIFY:

The email will usually ask you to provide valuable information about yourself or to “verify” information that you previously provided when you established your online account. To maximize the chances that a recipient will respond, the fraudster might employ any or all of the following tactics:

  • Names of Real Companies — Rather than create from scratch a phony company, the fraudster might use a legitimate company’s name and incorporate the look and feel of its website (including the color scheme and graphics) into the phishy email.
  • “From” an Actual Employee — The “from” line or the text of the message (or both) might contain the names of real people who actually work for the company. That way, if you contacted the company to confirm whether “Jane Doe” truly is “VP of Client Services,” you’d get a positive response and feel assured.
  • URLs that “Look Right” — The email might include a convenient link to a seemingly legitimate website where you can enter the information the fraudster wants to steal. But in reality the website will be a quickly cobbled copy-cat — a “spoofed” website that looks for all the world like the real thing. In some cases, the link might lead to select pages of a legitimate website — such as the real company’s actual privacy policy or legal disclaimer.
  • Urgent Messages — Many fraudsters use fear to trigger a response, and phishers are no different. In common phishing scams, the emails warn that failure to respond will result in your no longer having access to your account. Other emails might claim that the company has detected suspicious activity in your account or that it is implementing new privacy software or identity theft solutions.

PROTECT:

The best way you can protect yourself from phony phishers is to understand what legitimate financial service providers and respectable online auction houses will and will not do. Most importantly, legitimate entities will not ask you to provide or verify sensitive information through a non-secure means, such as email.

Follow these five simple steps to protect yourself from phishers:

  1. Pick Up the Phone to Verify — Do not respond to any emails that request personal or financial information, especially ones that use pressure tactics or prey on fear. If you have reason to believe that a financial institution actually does need personal information from you, pick up the phone and call the company yourself — using the number in your rolodex, not the one the email provides!
  1. Do Your Own Typing — Rather than merely clicking on the link provided in the email, type the URL into your web browser yourself (or use a bookmark you previously created). Even though a URL in an email may look like the real deal, fraudsters can mask the true destination.
  1. Beef Up Your Security — Personal firewalls and security software packages (with anti-virus, anti-spam, and spyware detection features) are a must-have for those who engage in online financial transactions. Make sure your computer has the latest security patches, and make sure that you conduct your financial transactions only on a secure web page using encryption. You can tell if a page is secure in a couple of ways. Look for a closed padlock in the status bar, and see that the URL starts with “https” instead of just “http.”
  1. Read Your Statements — Don’t toss aside your monthly account statements! Read them thoroughly as soon as they arrive to make sure that all transactions shown are ones that you actually made, and check to see whether all of the transactions that you thought you made appear as well. Be sure that the company has current contact information for you, including your mailing address and email address.
  1. Spot the Sharks — Visit the website of the Anti-Phishing Working Group at www.antiphishing.org for a list of current phishing attacks and the latest news in the fight to prevent phishing. There you’ll find more information about phishing and links to helpful resources.

What To Do If You Run Into Trouble

Always act quickly when you come face to face with a potential fraud, especially if you’ve lost money or believe your identity has been stolen.

  • Phishy Emails — If a phishing scam rolls into your email box, be sure to tell the company right away. You can also report the scam to the FBI’s Internet Fraud Complaint Center at www.ic3.gov. If the email purports to come from the Securities and Exchange Commission, alert the SEC by submitting a tip online at https://denebleo.sec.gov/TCRExternal/disclaimer.xhtml.
  • Identity Theft — If you think that your personal information has been stolen, visit the Federal Trade Commission’s feature on Identity Theft at www.consumer.ftc.gov/features/feature-0014-identity-theft for information on how to control the damage.
  • Securities Scams — Before you do business with any investment-related firm or individual, do your own independent research to check out their background and confirm whether they are legitimate. For step-by-step tips and links to helpful websites, please read Check Out Brokers and Advisers and SIPC Exposes Phony “Look-Alike” Web Site. Report investment-related scams to the SEC using our online Complaint Center.
Share:
facebook Created with Sketch. twitter Created with Sketch. linkedin Created with Sketch. mail Created with Sketch. print Created with Sketch.
Share Post: facebook Created with Sketch. twitter Created with Sketch. linkedin Created with Sketch. mail Created with Sketch. print Created with Sketch.

RECENT POSTS

Why You Need a Will (and You Need One Today)

Who wants to spend an afternoon thinking about their mortality? No one, which is why more than half of Americans don’t even have a will. The foundation of your estate plan is a Last Will and Testament. Without a will, you are leaving the disposition of your assets and the guardianship of yo …

Carson Provides Support to Flood Victims

In late March, several states in the Midwest including Nebraska and Iowa endured record flooding. Nebraska alone has endured over an estimated $1 billion in damages, with more than 2,000 homes and 340 businesses destroyed. With several of our Omaha stakeholders directly affected by the floo …

5 Reasons to Think About Long-Term Care Planning Today

I once received an email from a family friend about long-term care insurance. He was frustrated over a premium increase – which wasn’t the first rate hike – yet, he was still thankful for the policy. Despite the rising cost, he knew the importance of long-term care insurance in helping prot …

Volatility – What to Expect and How to Act

I recently gave an annual presentation to the 401(k) participants I advise. I always try to explain risk tolerance and investing to my audience in an easily understandable way. For most of the participants, investing in their 401(k) has been their only experience investing, so their knowled …
1 2 3 38 39 40 41 42 106 107 108

Get in Touch

In just 15 minutes we can get to know your situation, then connect you with an advisor committed to helping you pursue true wealth.

Schedule a Consultation