Here are a few of the tips the Federal Trade Commission suggests to help avoid getting hooked by a phishing scam:
- If you get an email or pop-up message that asks for personal or financial information, do not reply. And don't click on the link in the message either. Legitimate companies don't ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company's correct Web address yourself. In any case, don't cut and paste the link from the message into your Internet browser -- phishers can make links look like they go to one place, but they actually send you to a different site.
- Don't email personal or financial information. Email is not a secure method of transmitting personal information.
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer's security.
- Forward spam that is phishing for information to firstname.lastname@example.org and to the company, bank or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.
- If you believe you've been scammed, file your complaint at ftc.gov, and then visit the FTC's Identity Theft website at www.consumer.gov/idtheft. Victims of phishing can become victims of identity theft.