Sound Mind Investing - America's Premier Christian Financial Newsletter
Subscription Information  |  About SMI
Search:  
Home : 2007 Back Issues : Money Talk

Phishing: Beware of This Form of Identity Theft

© Sound Mind Investing | July 2007

With more people using the Internet and taking advantage of the convenience of online shopping and bill pay, there are more methods being developed to steal your personal and financial information. One of the more deceptive techniques is a scam called "Phishing". Phishers attempt to acquire your information (credit card details, passwords, etc.) through spam emails or instant messages that masquerade as legitimate companies sending you important electronic communication. In layman's terms, they send you an email that appears to be from your bank, the IRS, or some such entity, containing all the appropriate logos, mailing addresses, etc., to fool you into thinking it's legitimate. The email usually contains a link that you're supposed to click on to "verify" information relating to your account. However, the link actually takes you to a forged website where questions and input fields are set up for you to complete and submit to the imposter. Because everything looks so official, many people don't think twice about submitting their personal information.

What can you do about it? First, being informed and knowing what to look for and avoid is your main defense. Reading this small article is a good start. If you receive an email from Paypal, eBay, or any other business that isn't addressed specifically to you, then it's likely a spoof. An email addressed to your email address but not to you by name is a clear indicator of a fraudulent email. Additionally, most banks and online stores adhere to strict email policies and they'll never ask you credit card information, passwords, bank account numbers, etc. in an email. OnGuard Online has a great, easy to understand overview of what phishing is and how to combat it.

Second, you should report it. Forward the fraudulent email to the Federal Trade Commission at "spam@uce.gov" and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems. You can also report phishing emails to "reportphishing@antiphishing.org". The Anti-Phishing Working Group, a consortium of ISPs, financial institutions, security vendors, and law enforcement agencies, uses these reports to fight phishing.

Third, you can use software protection to fight it. Using anti-virus and anti-spyware software is a smart practice. Anti-virus software like Norton or McAfee does a great job protecting against computer viruses, and there are free anti-spyware tools such as Ad-aware that help thwart spyware put on your machine without your knowledge. Make sure to keep them updated.

Also, be sure you have a firewall. Windows XP has a software firewall built-in, so if you don't have a router setup in your home, make sure the Windows firewall is turned on. Or use a free software firewall like Zone Alarm. Surfing the web without any firewall engaged is playing with fire.

Finally, recent releases of both the Firefox and Internet Explorer web browsers have built-in protection against phishing. These features work by checking the sites that you browse against a list of known phishing sites. So, be sure you have those features enabled.

Taking a few small steps now to combat phony emails can pay big dividends in the long run. The Federal Trade Commission reported that, for the 4th year in a row, identity theft topped the list of consumer complaints. Being proactive now could keep you from filling out one of those complaint forms later. — Andrew Pryor, SMI Webmaster End

MESSAGE BOARDS
  • Got a question or comment about this article? Discuss it on our Message Boards.
Privacy Policy | Terms of Use | Contact Us | Site Map | Help
© 2008 Sound Mind Investing