AFSAEF Provides Do's and Don'ts to Deal with 'Phishing'

AFSAEF Provides Do's and Don'ts to Deal with 'Phishing'

WASHINGTON, Dec. 6 /PRNewswire/ -- It's easy to see why some consumers are duped by email known as "phishing," where a sender claiming to be a legitimate (and often well-known) business tries to entice recipients of the email to provide private information needed to access financial accounts. Those who respond usually end up with unauthorized transactions on whichever accounts were comprised.

"Phishing, also known as 'spoofing,' is essentially an electronic form of identity theft," says Susie Irvine, president and chief executive officer of the American Financial Services Association Education Foundation (AFSAEF). "A consumer's best defense is to become familiar with common characteristics of these offers so they'll be able to spot them when they turn up in their computers' inboxes." Among these characteristics:

* A sense of urgency -- typically, the email will refer to some dire
action, such as closing your account or charging you a fee, if you
don't respond.

* Obvious spelling and grammar errors -- these help the emails avoid
computer spam filters.

* Input fields that ask for sensitive personal information -- such as
account numbers or passwords, credit card numbers, PIN number, mother's
maiden name or Social Security Number.

* Lack of a personal salutation -- the email does not address you by
name.

AFSAEF also offers these "Do's" and "Don'ts" regarding phishing:

Don't respond to any unsolicited emails or pop-up messages that ask for
personal or financial information. Legitimate companies do not ask for
this information via email.

Don't assume an email message with an authentic business logo is
authentic itself. In many cases, the email is HTML-based and is coded to
hijack the actual graphics of the site being spoofed.

Don't be lax in keeping your computer's anti-virus software up to date.

Do treat all email requests for financial or personal information with
suspicion. Visit the business' Web site to obtain a legitimate phone
number or email address, then contact the business to verify that the
email is genuine.

Do contact your financial institution immediately if you unknowingly
supplied personal or financial information.

Do forward "phishing" emails, with their original header information, to
the following groups:

* The company that is being spoofed. Check the company's Web site to see
if it has an "abuse" email address.

* The Federal Trade Commission at spam@uce.com

* The Anti-Phishing Working Group at reportphishing@antiphising.com

Founded in 1990 and based in Washington, D.C., AFSAEF's mission is to help consumers realize the benefits of responsible money management, understand the credit process and seek help if credit problems occur. It is affiliated with the American Financial Services Association, a national trade association for financial services firms providing credit to consumers and small businesses.


Source: American Financial Services Association Education Foundation

CONTACT: Lynne Strang of the American Financial Services Association
Education Foundation, +1-202-296-5544, ext. 613

Web site: http://www.afsaef.org/


-------
Profile: intent