Phishing is a form of fraud designed to steal your identity. It works by using false pretenses to get you to disclose sensitive personal information, such as credit and debit card account numbers, account passwords, or Social Security numbers.
One of the most common phishing scams involves sending a fraudulent email that claims to be from your financial institution or a well-known company. Phishing can also be carried out in person, over the phone, through fraudulent pop-up windows, and websites.
DEFINITIONS
Phishing (pronounced “fishing”): Fraudulent emails that request or initiate a scam to get sensitive personal information.
Spoof Site: Fraudulent sites – usually linked from a phishing email – that look like well-known websites. |
 |
How phishing through email works. |
| |
|
|
|
| |
1. Mass Email |
2. Phishing Email |
3. Fraudulent Website |
 |
- A fraudster will start out sending thousands, even millions, of emails to different mail accounts disguised as messages from a well-known company. The typical phishing email will contain a concocted story designed to lure you into taking an action such as clicking a link or button in the email or calling a phone number. Learn how to spot a fraudulent email with Recognizing Phishing.
- In the email, there will be links or buttons that take you to a fraudulent website.
- The fraudulent website will also mimic the appearance of a popular website or company. The scam site will ask for personal information, such as your VISA credit or debit card account number, Social Security number, or Justice FCU account password.
You think you’re giving information to a trusted company when, in fact, you’re supplying it to a criminal. Learn how to spot a fraudulent website with Recognizing Phishing. |
|
|
Questions Justice FCU will never ask you in an email. |
To help you better identify fake emails, we follow strict rules. We will never ask for the following personal information in email:
|
• |
Account Numbers |
| |
• |
Social Security Number |
| |
• |
PIN/Password/Usernames |
| |
• |
Credit Card or Debit Card Numbers |
| |
• |
Account Balance Information |
| |
• |
Payment History |
|
Vishing: A new form of Phishing/ID theft. |
Vishing, like phishing, is an attempt to capture sensitive personal information with the intent of stealing one's identity. Vishing, is short for "voice phishing". "Vishing"
uses Voice over Internet Protocol (VoIP) phones instead of a bogus web link to steal financial information.
A recent incident involved customers from Santa Barbara Bank and Trust in California. Internet con artists sent account holders e-mails
asking them to telephone the bank. Customers who responded heard a
recorded message asking them to enter their account details. A second
incident earlier this month involved PayPal customers.
VoIP service providers allow their customers to pick a telephone number that appears to be based elsewhere, so it is possible for
fraudsters to pick a phone number in the same area code and prefix of a major bank despite being physically located somewhere hundreds of
miles away in another city or State.
Always remember that a financial institution already has your personal information, so if you get an unsolicited telephone call where someone
is asking you to provide or confirm any of your personal information, immediately hang up and call your
financial information.
Source: FEDINFO E-LetterIssue 2006-4
Part 2 - Recognizing and Fighting Phishing >>
Additional resources for everyone.
To learn more Online Safety Essentials, go to: www.onguardonline.gov |
