From Bridget Mouchon
UWEX Family Living
educator
MONROE - Green County residents have recently been targeted in a fraudulent phone scam. The fraud attempt involved scammers calling up people and telling them they were from their own bank and that their debit card was compromised. They then asked for all of the critical debit card information so they could rectify the situation.
When internet fraudsters impersonate a business to trick you into giving out your personal information, it's called phishing. Don't reply to email, text, or pop-up messages that ask for your personal or financial information. Don't click on links within them either - even if the message seems to be from an organization you trust. It isn't. Legitimate businesses don't ask you to send sensitive information through insecure channels.
It is especially hard to make a split-second decision on the phone when it seems like an emergency. Make a point to never give personal information, like a Social Security or bank account number over the phone when someone calls you. Tell the person that you will call back at the number for the business listed in the phone book or from your files.
Examples of Phishing Messages
You open an email or text, and see a message like this:
n "We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."
n "During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."
n "Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund."
n "You've won a vacation/large gift/money. Please verify your Social Security number/bank account information to start the process of claiming your prize."
The senders are phishing for your information so they can use it to commit fraud.
How to Deal with Phishing Scams
Delete email and text messages that ask you to confirm or provide personal information (credit card and bank account numbers, Social Security numbers, passwords, etc.). Legitimate companies don't ask for this information via email, phone, or text.
The messages may appear to be from organizations you do business with - banks, for example. They might threaten to close your account or take other action if you don't respond.
Don't reply, and don't click on links or call phone numbers provided in the message, either. These messages direct you to spoof sites - sites that look real but whose purpose is to steal your information so a scammer can run up bills or commit crimes in your name.
Area codes can mislead, too. Some scammers ask you to call a phone number to update your account or access a "refund." But a local area code doesn't guarantee that the caller is local.
Action Steps
You can take steps to avoid a phishing attack. Use trusted security software and set it to update automatically. In addition, use these computer security practices;
n Don't email personal or financial information. Email is not a secure method of transmitting personal information.
n Only provide personal or financial information through an organization's website if you typed in the web address yourself and you see signals that the site is secure, like a URL that begins https (the "s" stands for secure). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
n Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call to confirm your billing address and account balances.
n Be cautious about opening attachments and downloading files from emails, regardless of who sent them. These files can contain viruses or other malware that can weaken your computer's security.
n Never give out any personal information when a "business" or "agency" calls you on the phone. Say, "I'm sorry I don't give my personal information over the phone." If you feel the need to follow up, tell the person you will get off the phone with them, and call back at the number you have on file for that business or agency.
Report Phishing Emails and
Phone Calls
Forward phishing emails to spam@uce.gov - and to the company, bank, or organization impersonated in the email. You also may report phishing email to reportphishing@antiphishing.org. The Anti-Phishing Working Group, a group of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.
If you might have been tricked by a phishing email or phone call:
n File a report with the Federal Trade Commission at www.ftc.gov/complaint.
n Visit the FTC's Identity Theft website. Victims of phishing could become victims of identity theft; there are steps you can take to minimize your risk.
UWEX Family Living
educator
MONROE - Green County residents have recently been targeted in a fraudulent phone scam. The fraud attempt involved scammers calling up people and telling them they were from their own bank and that their debit card was compromised. They then asked for all of the critical debit card information so they could rectify the situation.
When internet fraudsters impersonate a business to trick you into giving out your personal information, it's called phishing. Don't reply to email, text, or pop-up messages that ask for your personal or financial information. Don't click on links within them either - even if the message seems to be from an organization you trust. It isn't. Legitimate businesses don't ask you to send sensitive information through insecure channels.
It is especially hard to make a split-second decision on the phone when it seems like an emergency. Make a point to never give personal information, like a Social Security or bank account number over the phone when someone calls you. Tell the person that you will call back at the number for the business listed in the phone book or from your files.
Examples of Phishing Messages
You open an email or text, and see a message like this:
n "We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."
n "During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."
n "Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund."
n "You've won a vacation/large gift/money. Please verify your Social Security number/bank account information to start the process of claiming your prize."
The senders are phishing for your information so they can use it to commit fraud.
How to Deal with Phishing Scams
Delete email and text messages that ask you to confirm or provide personal information (credit card and bank account numbers, Social Security numbers, passwords, etc.). Legitimate companies don't ask for this information via email, phone, or text.
The messages may appear to be from organizations you do business with - banks, for example. They might threaten to close your account or take other action if you don't respond.
Don't reply, and don't click on links or call phone numbers provided in the message, either. These messages direct you to spoof sites - sites that look real but whose purpose is to steal your information so a scammer can run up bills or commit crimes in your name.
Area codes can mislead, too. Some scammers ask you to call a phone number to update your account or access a "refund." But a local area code doesn't guarantee that the caller is local.
Action Steps
You can take steps to avoid a phishing attack. Use trusted security software and set it to update automatically. In addition, use these computer security practices;
n Don't email personal or financial information. Email is not a secure method of transmitting personal information.
n Only provide personal or financial information through an organization's website if you typed in the web address yourself and you see signals that the site is secure, like a URL that begins https (the "s" stands for secure). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
n Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call to confirm your billing address and account balances.
n Be cautious about opening attachments and downloading files from emails, regardless of who sent them. These files can contain viruses or other malware that can weaken your computer's security.
n Never give out any personal information when a "business" or "agency" calls you on the phone. Say, "I'm sorry I don't give my personal information over the phone." If you feel the need to follow up, tell the person you will get off the phone with them, and call back at the number you have on file for that business or agency.
Report Phishing Emails and
Phone Calls
Forward phishing emails to spam@uce.gov - and to the company, bank, or organization impersonated in the email. You also may report phishing email to reportphishing@antiphishing.org. The Anti-Phishing Working Group, a group of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.
If you might have been tricked by a phishing email or phone call:
n File a report with the Federal Trade Commission at www.ftc.gov/complaint.
n Visit the FTC's Identity Theft website. Victims of phishing could become victims of identity theft; there are steps you can take to minimize your risk.
