You are here: Information Center >> Internet >> Privacy and Security on the Internet >> Phishing

Phishing

"Phishing" for an individual's personal financial information has become a widespread Internet scam. The "phisher" uses e-mail and pop-up messages that look absolutely authentic to deceive consumers into giving out bank account information, Social Security numbers, credit card numbers, personal passwords or other sensitive information.

Typically, the person receives a "form" that looks exactly like one that would be prepared by their Internet service or another reputable company. However, ISPs and reputable companies have policies in place that prohibit asking for sensitive information over the Internet or via e-mail.

TIP: For information on how to avoid phishing scams and to see examples of illegitimate e-mails, go to www.microsoft.com/athome/security/e-mail/phishing.mspx.

How do I know if an e-mail is legitimate or a phishing scam?

You have no way of knowing, so do not respond if the author is unknown to you. E-mails with attachments are especially suspect and should be deleted immediately.

How do I report suspicious e-mails and pop-ups?

Forward e-mails that appear to be "phishing" for information to spam@uce.gov.

TIP: If you did give out information, file your complaint at www.ftc.gov. Since there is a high probability that you have become a victim of identity theft, go to the FTC's Identity Theft Web site at www.ftc.gov/bcp/edu/microsites/idtheft/ to learn how to minimize the damage.