TIPS TO AVOID PHISHING SCAMS
While online banking and e-commerce is very safe, as a general rule, you should be careful about giving out your personal financial information over the Internet.
- Be suspicious of any email with urgent requests for personal financial information. The email may include upsetting or exciting (but false) statements to get you to react immediately and will ask for information such as usernames, passwords, credit card numbers, social security numbers, etc.
- Don't use the links in an email to get to any web page. Instead, call the company on the telephone, or log onto the website directly by typing in the Web address in your browser.
- If you need to update your information online, use the normal process you've used before, or open a new browser window and type in the website address of the legitimate company's account maintenance page.
- If a website address is unfamiliar, it's probably not real. Only use the address that you have used before, or start at your normal homepage.
- Avoid filling out forms in email messages that ask for personal financial information.
- Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser.
- Most companies require you to log in to a secure site. Look for the lock at the bottom of your browser and "https" in front of the website address.
- Take note of the header address on the website. Most legitimate sites will have a relatively short Internet address that usually depicts the business name followed by ".com," or possibly ".org." Spoof sites are more likely to have an excessively long string of characters in the header, with the legitimate business name somewhere in the string, or possibly not at all.
- Regularly log into your online accounts.
- Regularly check your bank, credit and debit card statements to make sure that there are no non-authorized transactions. If anything looks suspicious, contact your bank and all card issuers.
- Ensure that your browser is up-to-date and security patches have been applied.
- Always report fraudulent or suspicious emails. Reporting instances of spoofed websites will help get them shut down before they can do any more harm.
- If you have any doubts about an email or website, contact the legitimate company directly. Make a copy of the questionable website's URL address and, send it to the legitimate business to ask if the request is legitimate.