The word "Phishing" is used to describe a type of identity theft by which scammers use fake Web sites and e-mails to fish for valuable personal information from consumers. The FBI also is calling it the most troubling scam on the web. Even the FDIC's good name was used fraudulently in a phishing scheme. Don't Take the Bait.
In the typical phishing scam, you receive an e-mail supposedly from a company or financial institution you may do business with or from a government agency. The e-mail describes a reason you must "verify" or "re-submit" confidential information such as bank account and credit card numbers, Social Security numbers, passwords and personal identification numbers (PINs) using a return e-mail, a form on a linked Web site, or a pop-up message with the name and even the logo of the company or government agency.
Perhaps you're told that your bank account information has been lost or stolen or that limits may be imposed on your account unless you provide additional details. If you comply, the thieves hiding behind the seemingly legitimate Web site or e-mail can use the information to make unauthorized withdrawals from your bank account, pay for online purchases using your credit card, or even sell your personal information to other thieves.
"These thieves are very good at convincing you that you are receiving a legitimate message or using a Web site from a trusted source," says Michael Benardo, a manager in the FDIC's Technology Supervision Branch.
While federal and state laws and industry practices generally limit dollar losses for unauthorized transfers from accounts, if an ID thief uses your name to commit fraud you are likely to spend sometimes hundreds or thousands of dollars correcting your credit files or otherwise defending yourself. Therefore, it's very important to be on guard against phishing scams and other types of Internet fraud.