Phishing (pronounced “fishing”) refers to fraudulent communications designed to deceive consumers into divulging personal, financial or account information. Phishing emails often appear to come from legitimate financial institutions or retailers. Such requests may ask for information including account numbers, passwords, user names or social security numbers.
These fraudulent emails often create a false sense of urgency intended to provoke the recipient to take immediate action; for example, phishing emails frequently instruct recipients to “validate” or “update” account information or face cancellation. In addition, marketing offers may also be used for attempted phishing.
Phishers use a variety of techniques, which may include false “From” addresses, authentic-looking logos, or Web links and graphics. These techniques mislead consumers into believing that they are dealing with a legitimate request for sensitive information.
Attachments within an email can also facilitate phishing. Do not open attachments in unfamiliar emails, as they may place programs known as “key stroke loggers” on your PC, which capture keystrokes you make (including when you logon to a site and enter your password). The data obtained can then be used to commit fraud.
In all likelihood, phishing will continue to evolve into the use of more sophisticated tactics. For this reason, it is important to always think twice before you provide any personal information.