Did you recently get your first credit card or a bank account of your own? Have you used the Internet to make a purchase, check your email or download music?
If you answered "yes" to either one of these questions, you're at risk for online identity theft scams--especially phishing. Phishers are con artists who email you pretending to be a legitimate business, ask for your personal information and ultimately steal your identity. Read on to learn how to fend off phishers and keep your identity secure.
Beware of "Urgent" Email Messages
Many phishing scams land in your email's inbox disguised as a business such as iTunes, PayPal, eBay or a bank. The emails say that you must immediately verify your identity for security reasons and demand that you follow a link to a website to do so.Though the website may look a lot like a real company's, it's a trick to get you to enter credit card numbers, bank account information and/or your Social Security number. Scammers use this information to empty bank accounts, purchase cars and download music, among other things.
So take time to read your emails closely. If a message sounds urgent or threatening, contact the sender by phone, snail mail or a website you're sure is secure. Do not click the link in the email.
Demand Personal Greetings
Though they can make their way to your inbox, phishers' emails are rarely addressed to you by name. Anyone you do business with should not begin a letter with a generic greeting such as "Dear customer." Insist that email writers show they know who you are before you even think about trusting them.Know Good Business Practices
Any reputable business will not request personal information such as credit card numbers, bank account information, PIN codes or Social Security numbers through email. If you need to update your account information, do it in person or through a secure website, not in response to an unsolicited email.Check The Spelling
While they're growing more sophisticated by the minute, many phishers struggle with spelling and grammar. If an email requesting personal information has misspelled words or simply doesn't sound professional, chances are it's a scam.Update Your Web Browser
New security patches for your Web browser can help you recognize fraudulent websites, such as those that phishers encourage you to visit. Once you've downloaded a security patch, if you click a link claiming to lead to your bank's website, you'll be alerted if that link leads anywhere but your bank. This way, you'll know when it's not safe to enter your account number or PIN.As an extra security measure, install a Web browser toolbar that fights spam and scams. For example, EarthLink's free toolbar with ScamBlocker lets you know when you're about to visit a website that EarthLink has identified as a phishing scam.
Stay Current
First and foremost, make sure you request a free credit report each year from one of the three credit reporting bureaus (Experian, Equifax or TransUnion). Consider registering for news alerts or listservs about Internet scams, too.Also read up on the latest trends in phishing and identity theft. On the Web, the Department of Justice and the Federal Bureau of Investigation are good places to start.
Act Fast If You've Been Scammed
If you think you may have given personal information to an Internet scammer, you need to take action quickly. Alert the police, the Federal Trade Commission's identity theft hotline (1-877-438-4338) and your banks and credit cards. If possible, change your account numbers and PINs. Also contact one of the three credit reporting bureaus to request a free credit report and place a fraud alert on your account.If possible, forward a copy of the fraudulent email to the company its sender is imitating. That way, the company can help prevent phishers from targeting you--and others--in the future.