How to Help Avoid Phishing Scams
1. Be suspicious of any e-mail or other message containing an urgent request for your personal information.
Phishing scams typically include upsetting or exciting (but false) statements to encourage victims to act immediately. They typically ask for information like screen names or other usernames and passwords, credit card numbers, Social Security numbers and more.
2. Even if you think a request for information may be legitimate, don’t click the links in the e-mail to visit a Web site.
Sometimes links can be disguised to look like they’re taking you to a real site, when they’re actually taking you to a scam site. Instead of clicking a link, type the Web site’s address by hand to ensure that you go to the company or organization’s real site.
If the request for information is coming from a company or organization with whom you have a relationship, call them directly to confirm whether they actually need the information and, if so, whether you can provide it over the telephone.
3. Be extremely careful if you share personal or financial information online.
It is recommended that you never provide sensitive information via e-mail or instant message. Providing this information via Web site is acceptable only if you are certain that the site is legitimate, and the site is secured (see below for additional info).
4. If you submit information to a Web site, make sure the site is secure.
Look for the “lock” icon on the status bar at the bottom of your browser window. The lock icon typically appears in the lower right-hand corner of the browser window. In addition, check the beginning of the URL or Web address – if it starts with “https://,” rather than just “http://,” you’re on a secure server.
5. Review credit card and other account statements regularly.
If you see anything suspicious, contact your banks and all your credit card issuers immediately. If your statement is late by more than two or three days, call your credit card company or bank to confirm your billing address and account balances.
6. Keep your operating system and Web browser up to date.
To update your Windows® operating system and your Internet Explorer® browser, go to windowsupdate.microsoft.com. Follow the instructions there to check for updates, then download and install any critical updates.
7. Install and run anti-virus software and update it frequently.
Use any one of many commercially available anti-virus programs.
No matter which anti-virus program you use, make sure you keep it up-to-date, or it will provide less and less protection over time. Instructions for updating your software should be included in your program’s manual or help area. You can also check the program manufacturer’s Web site for instructions.
8. Run Spyware Protection software regularly.
9. Run firewall software on your computer.
A firewall is your computer’s first line of defense against harmful attacks from the Internet. If you have a broadband connection, use firewall software to hide your computer from hackers and help protect it from destructive computer trojans and worms. Firewall Guide
10. Report any phishing scams you receive to the following organizations.
- Report e-mail phishing scams to your email provider.
- Forward the scam e-mail to the company featured in the e-mail if it is a legitimate company.
- Forward the entire e-mail to the Federal Trade Commission at Spam@uce.gov.