Do you use e-mail? Then you have probably received at least one message that appears to be sent from a legitimate company, government agency or other trusted entity. The sender asks that you provide bank account numbers, credit card numbers, social security numbers or other personal information either by replying to the message or by visiting a web site, linked from the message.
The messages and the sites they link to look official. Sometimes, if you look closely, you can spot a typographical or grammatical error, but not always. In fact, most of the time you would be hard pressed to find any indication that both the message and the web site are an attempt to steal your identity.
The practice of sending out look-alike e-mail messages with links to fake web sites in order to steal personal information from unsuspecting consumers is known as phishing. According to the National Consumer League (NCL), phishing is a huge problem.
In 2005, phishing scams ranked sixth in Internet complaints to NCL's Internet Fraud Watch program and the scams continue to dupe consumers. A May 2005 consumer survey by First Data found that 43 percent of respondents had received a phishing contact, and of those, five percent (approximately 4.5 million people) provided the requested personal information. Nearly half of the phishing victims, 45 percent, reported that their information was used to make an unauthorized transaction, open an account, or commit another type or identity theft.
Phishers use a variety of schemes to try to lure you into taking the bait. Many imply they are national financial institutions such as Citibank, Chase, or Bank of America. Identity thieves pick the big companies because the more customers the company has, the more likely the phisher is to hit one with the hundreds of messages sent out.
The truth is that if you have an account with one of these companies, they already have your personal information. If a legitimate company wanted to contact you about any problems, they are much more likely to contact you by mail or phone.
If you are concerned, contact the company using the contact information you have for your account, not the contact information provided in the e-mail message.
Another popular technique is to imitate the Internal Revenue Service, suggesting that you have a refund coming to you from a prior tax tear. Again, the Internal Revenue Service has all of your personal information and would be much more likely to contact you by mail.
If you receive a suspicious e-mail message, call the National Fraud Information Center at 1-800-876-7060.