Debt Consolidation Depot
Debt Consolidation & Financial Information Resource Center
June 1, 2004
Phishing is a technique that criminals use to commit identity theft
and fraud. CreditGUARD of America, a non-profit credit counseling agency,
explains how to spot phishing and protect yourself from identity theft.
(PRWEB) -- Identity theft is something most people think will never happen
to them. However, this type of crime is steadily growing and is wreaking
havoc on credit and banking industries. In the last five years, the Federal
Trade Commission (FTC) estimates more than 27 million American adults have
been victimized by identity theft criminals.*
During January to December 2003, Internet related fraud accounted for 55% of
all identity theft complaints.**
What is Phishing?
Phishing is a general term for criminals that use online technology (emails
and websites) to “mask” themselves as legitimate businesses, financial
institutions, and/or government agencies, giving consumers enough comfort
level to disclose bank accounts, credit card information, or other personal
data (social security numbers, usernames and passwords). These criminals,
known as phishers, then steal your identity to make unauthorized purchases,
open new credit accounts, and/or spread computer viruses. Incidents of this
type of identity theft are getting worse. During the first quarter of 2004,
law enforcement authorities, businesses and consumers saw a significant
increase in the use of phishing.
How Do Phishers Trick Consumers into Giving Their Personal Data?
Phisher will create a phishing email that on the surface will appear to come
from a legitimate business, financial institution, or government agency.
Then the identity thief will spam (mass email) thousands of consumers’ email
addresses. What these criminals count on is that some of these targeted
consumers have existing relationships with the legitimate entity.
What do these phishing emails look like? These criminals are very clever,
oftentimes cutting and pasting the logos, content and company information
from the legitimate entity into the email. The phisher will insert false
statements to create a sense of urgency with a corresponding link so the
consumer can go and “fix” the problem. Here are some of the false statements
identity thieves are using:***
* “Our company has decided to test for free the security of the email
services that you use…Hoping you have understood that we are doing all these
for your own safety…we suggest you access the following form.”
* “…we have detected a slight error in your information…update and verify
your information by clicking the link below…if your account information is
not updated within 48 hours then your ability to use your [company account
will be restricted.”
* “During our regular update and verification of the [type of account, we
could not verify your current information…as a result your access to use our
services has been limited…To update your account information and start using
our services please click on the link below”
If the consumer clicks on the link in the phishing email, it will take them
to a dummy website where consumers are encouraged to fill out a form,
putting bank accounts, credit card information, or other personal data into
the hands of the identity thief. This fake website can look exactly like the
legitimate business, financial institution, or government agency they’re
mimicking. The phisher will put logos, content and company information from
the legitimate entity into the dummy website.
The clever identity thieves use technology to expose browser vulnerabilities
and mask the URL (Uniform Resource Locator) to resemble the domain of the
legitimate company.
How to Protect Yourself From Identity Theft
There are many ways consumers can protect themselves from phishing and other
types of identity theft. The Department of Justice recommends that consumers
use three basic rules when dealing with questionable emails and websites:
Stop, Look and Call.****
* Stop – Phishers include false statements to deliberately upset or excite
you. The identity theft is counting on the fact that you will react to the
email on impulse, click on the link and give them your personal data. Resist
your impulse to click and take the time to examine the email more closely.
* Look – Examine the email and take a moment to consider if the contents
make sense. Be suspicious of any email encouraging you to give out your bank
accounts, credit card information, or other personal data.
* Call – If you think the email may be legitimate, take the time to look up
the company’s phone number and call to verify the email’s contents. Do not
call the phone number in the email because it may be false. Instead, call
the toll-free customer service number on the back of the card or your
account statement.
Additionally, you should sign up for a credit monitoring service to notify
you when someone accesses your credit report and/or tries to open new lines
of credit. CreditGUARD of America has created the Coach Credit Scout
(http://www.creditguardcoach.com) to monitor your credit report 24 hours a
day, 365 days of the year. When signing up for the CreditGUARD Coach (which
provides you valuable credit analysis and step-by-step instructions on how
to improve your credit), you receive a 30-day free trial of Coach Credit
Scout.
If you suspect that you have fallen for a phishing scheme, you should
immediately file an online complaint with the Internet Crime Complaint
Center (http://www.ic3.gov). For further instructions on what to do if your
identity has been stolen, visit the FTC National Center for ID Theft
(http://www.consumer.gov/idtheft/).
CreditGUARD of America is a non-profit credit counseling agency that assists
consumers through debt counseling and financial education. Please visit our
web site at www.creditguard.org or call 1-800-867-0406 for a free
consultation with a certified credit counselor.
* Federal Trade Commission – Identity Theft Survey Report. Incidence of
Identity Theft. Sept. 2003. Synovate (http://www.ftc.gov/os/2003/09/synovatereport.pdf)
** National and State Trends in Fraud & Identity Theft: January – December
2003. Executive Summary. 22 Jan. 2004. Federal Trade Commission (http://www.consumer.gov/sentinel/pubs/Top10Fraud2003.pdf)
*** Phishing Archive. Last Update 25 May 2004. Anti-Phishing Working Group
(http://www.antiphishing.org/phishing_archive.htm)
**** Special Report on Phishing. What Should Internet Users Do About
Phishing Schemes? Department of Justice: Criminal Division (http://www.usdoj.gov/criminal/fraud/Phishing.pdf)
© 2004 DebtConslidationDepot.com