Identity Theft Methods: Phishing

We've all received these emails at some point. It will look like an email from your bank, Ebay, or Paypal, saying that you needed to confirm or update your information or that your account has been suspended, and with it a link is conveniently provided. If you click on the link, you are taken to a page with a number of fields asking for account information, passwords, your Social Security number and other identifying information. Here's one I received last week.



Most of you probably know by now that this is a scam. And to be honest, I never thought anyone actually took these seriously. After all, my bank would not ask me to submit information they already have. However, after doing some research, I found that thousands of people have been hit by identity thieves after responding to these requests for information.

The term for this method of harvesting information for identity theft is called phishing. Phishing scammers will claim to be from a financial institution in an effort to trick people into surrendering important identifying information. The website will look legitimate, and with the proper Java script commands, they can alter the web address in the address bar. By spamming enough people, these scammers will reach a percentage of people who have accounts at these institutions and will be all too willing to provide the requested information. Obviously, the best way to avoid the scam is not to respond at all, and be suspicious of any "company" that requests this information in an email. The Federal Trade Commission has a list of suggestions here. If you are concerned that there might be a problem with your account, type in your bank's url yourself before logging in or call your bank directly.

There are organizations that are set up to help combat phishing like Antiphishing.org and PhishTank.