The following is an excerpt of a recent email that I sent to users at my firm regarding phishing. I'm posting it here mainly because of the pertinent links at the bottom and also in case I need to use it again:
I'm sure most of you have gotten at least one email like the following:
Below is the result of your feedback form. It was submitted by
([email protected]) on Wednesday, March 9, 2005 at 07:12:59
: Dear eBay Member,
We at eBay are sorry to inform you that we are having problems with the
billing information of your account. We would appreciate it if you would
visit our website *Link removed* and fill out the proper information that we are needing to keep you as an eBay member.
If you think you have received this email as an error, please visit our
website *Link removed* and fill out the neccesary information. That way we can make
sure that everything is up to date! Again here is the link to
our website. *Link removed* Joe Watson
eBay Billing Center
Rep ID. 32A
This type of email is sent out by individuals attempting to get you to divulge your personal information. This type of scam is called "Phishing".
Phishing is the newest wave in identity theft. This method uses various online techniques to fool you into providing financial and personal information to people waiting to take advantage of you.
Phishing uses spam, email or pop-up messages to deceive Internet users into disclosing credit card numbers, bank account information, Social Security numbers, passwords, and other sensitive information.
These e-mails appear to come from a legitimate company, usually a financial institution or credit card issuer, urging you to immediately reply with personal information so your account is not deactivated.
To increase the chances of people falling for this type of scam, they'll even use the company's logo, colors, and standard disclosure text. The e-mail usually will contain a link that takes you to a fake site made to look like the company's legitimate Web site.
Here are some clues that an email is part of a phishing scam:
* Look for misspellings and poor grammar;
* The Web site often does not have ''http://'' in the address bar at the top.
* There generally is an urgent tone or call to action. Phishing e-mails will allude to dire consequences, such as ''your account will be deactivated if you do not respond within 24 hours...''
The following websites have more good information on what phishing is and how to avoid these scams:
Your personal banking institution's website will most likely also have information for you on how to avoid these sorts of scams as well as their policies/procedures of how they contact you in the event of problems.