Phishing: What is it and what can you do to protect yourself?

The phrase "Phishing" refers to the scam of where a criminal "Fishes" for valuable personal information. Phishing involves a criminal or malicious group sending out fake e-mails that claim to be from a person's bank, credit card company or anyone who has an account with the person that requires financial information. The thieves (posing as your bank or credit card company or some legitimate business that you do financial transactions with) claim that they need you account information in some way from X reason (They could claim a number of things. Most notably either that the institution has new standards that require you to update your account or possibly that they need you to validate a recent transaction by entering your user name and password into a website) The criminals provide you with a link in the e-mail that they say you need to click. Usually it looks like a legitimate link or they say click here. In both cases the link is masked. The link provided takes you to a fake website where an unsuspecting victim enters his information. Now the criminals have all the information they need to run wild with the victim's account and credit rating.

Now for how you can prevent this from happening to you

First, be VERY suspicious of ANY e-mail, no matter how legitimate it looks, that asks for ANY of you personal information, no matter how insignificant. Sometimes criminals start small and when you respond to their small requests (phone number, address, etc) they ask for more.

Next, right click on any link provided in the e-mail and click properties. If it does not go to your institution's website or provides a link through IP address (Ex. 176.431.491.781) it's most likely a phishing scam

Finally, call the institution that the e-mail claims to be from and validate the claims. DO NOT call any numbers provided on the e-mail. Call the institution in numbers provided in the phone book or on statements from the company. If the claims are true, the customer assistants at the companies should be able to validate them.