Phishing: Reduce Identity Theft

by Michael Organ

"Phishing" is a powerful weapon used by technology-savvy identity thieves to steal a victim’s account information and then their money. The weapon takes the form of phishing emails, which are sent out by the millions every day over the Internet. Every year, more than 9 million Americans--young, middle-aged, and elderly--are victims of identity theft.

The annual cost of identity theft in 2007 was $49.3 billion, according to The Privacy Rights Clearinghouse. And while many consumers are now careful to avoid identity theft by shredding paper account statements before throwing them in the garbage, phishing emails could represent a far greater threat.

Here's how phishing works:

A potential victim receives an email from what looks like a well-respected company. (Phishers often spoof the identity of larger companies, such as Visa, eBay, and PayPal, not because the thieves know that you have an account with them, but because there is a good chance that you do.)

The phishing email will generally alert you to some "questionable activity" surrounding your account, and then "as a precaution", you are prompted to click on a link that is supposed to take you to the spoofed company's official website where you can update your security information. This is usually followed by a claim that if you do not comply, your account will be deactivated or canceled.

However, this link in the phishing email will usually route you to a Trojan horse website with similar logos and seemingly official information, to make you believe it is real. Once at the Trojan horse website, you are prompted to enter your user name and password. At that point, you have generally compromised yourself, your information, and if you're unfortunate enough, your finances.

Companies like eBay and PayPal work hard to combat this phishing threat. PayPal, for example, dedicates several website pages to information about phishing and what to do if you are concerned about the legitimacy of an email. If you are uncertain about the validity of an email, PayPal urges you to “Forward the entire email to spoof@paypal.com; do not alter the subject line or forward the message as an attachment; and delete the suspicious email from your email account. We’ll send you an email response to let you know if the email is indeed fraudulent In the meantime, don’t click on any links or download any attachments within the suspicious account.

Educate other computer users to recognize email attempts to steal their identity.
Help other computer users install and use antivirus, anti-spyware, and firewall software and show them how to update them regularly.
Report phishing emails.

After receiving your identity theft alert, reputable companies will try to shut down the phishing site almost immediately. To assist with that effort, forward the entire phishing email to the spoofed company's security team.

Here's how to reach some of those security teams:

PayPal: spoof@paypal.com

eBay: spoof@ebay.com

American Express: Anti.Phishing.Team@aexp.com

To learn more: The Anti-Phishing Working Group and OnGuard Online provide further information on how you can prevent phishing and identity theft.


Home > How to Make a Difference in 15 Minutes > Phishing: Reduce Identity Theft
	Phishing: Reduce Identity Theft by Michael Organ "Phishing" is a powerful weapon used by technology-savvy identity thieves to steal a victim’s account information and then their money. The weapon takes the form of phishing emails, which are sent out by the millions every day over the Internet. Every year, more than 9 million Americans--young, middle-aged, and elderly--are victims of identity theft. The annual cost of identity theft in 2007 was $49.3 billion, according to The Privacy Rights Clearinghouse. And while many consumers are now careful to avoid identity theft by shredding paper account statements before throwing them in the garbage, phishing emails could represent a far greater threat. Here's how phishing works: A potential victim receives an email from what looks like a well-respected company. (Phishers often spoof the identity of larger companies, such as Visa, eBay, and PayPal, not because the thieves know that you have an account with them, but because there is a good chance that you do.) The phishing email will generally alert you to some "questionable activity" surrounding your account, and then "as a precaution", you are prompted to click on a link that is supposed to take you to the spoofed company's official website where you can update your security information. This is usually followed by a claim that if you do not comply, your account will be deactivated or canceled. However, this link in the phishing email will usually route you to a Trojan horse website with similar logos and seemingly official information, to make you believe it is real. Once at the Trojan horse website, you are prompted to enter your user name and password. At that point, you have generally compromised yourself, your information, and if you're unfortunate enough, your finances. Companies like eBay and PayPal work hard to combat this phishing threat. PayPal, for example, dedicates several website pages to information about phishing and what to do if you are concerned about the legitimacy of an email. If you are uncertain about the validity of an email, PayPal urges you to “Forward the entire email to spoof@paypal.com; do not alter the subject line or forward the message as an attachment; and delete the suspicious email from your email account. We’ll send you an email response to let you know if the email is indeed fraudulent In the meantime, don’t click on any links or download any attachments within the suspicious account. Educate other computer users to recognize email attempts to steal their identity. Help other computer users install and use antivirus, anti-spyware, and firewall software and show them how to update them regularly. Report phishing emails. After receiving your identity theft alert, reputable companies will try to shut down the phishing site almost immediately. To assist with that effort, forward the entire phishing email to the spoofed company's security team. Here's how to reach some of those security teams: PayPal: spoof@paypal.com eBay: spoof@ebay.com American Express: Anti.Phishing.Team@aexp.com To learn more: The Anti-Phishing Working Group and OnGuard Online provide further information on how you can prevent phishing and identity theft.	Remove Yourself from Junk Mail Lists Phishing: Reduce Identity Theft Promote Reading: Share Books Share "The Drunk Driving Poem" Avoid Antifreeze Poisoning more volunteer ideas ... Guide "Aged-Out" Foster Care Teens to Become Productive Adults Donate Cord Blood Prevent Teen Suicide: Distribute Yellow Ribbon Cards Reduce Global Warming more volunteer ideas ... Save Sea Turtles and Sea Turtle Habitats Save Vanishing Wetlands Turn Deforestation Into Reforestation Improve Children's Dental Health Cultivate Music Appreciation Among Children more volunteer ideas ...
Home Make a Difference in 15 minutes in a few hours on a volunteer vacation Volunteer Opportunities animal welfare helping children community development environmental protection health & safety poverty & homelessness Motivate Yourself Promote Volunteerism donate corporate citizenship Press Room About Charity Guide
	Terms of Use.Copyright © 2005-11 Charity Guide