Phishing refers to the deceptive practice of sending an email that appears to be legitimate from a reputable source. It may contain real information, including a company logo and branding, or even personal information gleaned from social media. These emails urge you to take action – e.g., click on a link, open an attachment or respond to a message. Phishing can lead to fraud and to malware infection.
Phishing attempts typically:
- Pretend to be from banks and other financial institutions that process payments or individuals with an offer that’s "too good to be true"
- Appear convincing due to copycat logos, fonts and other graphic elements
- Include a link to an illegitimate webpage where you’ll be asked to enter your personal or account information. Phishing attacks may also occur over the phone.
Malware is malicious software that is installed on your computer, smartphone and other devices without your authorization. Malware typically collects information about you — the passwords you use, the websites you visit — simply by watching you type or surf the Web. Malware may also take over your computer and send emails you didn’t write or spread computer viruses.
Malware is typically installed through:
- Websites that attack computers with out-of-date operating systems or antivirus software
- Links in pop-up ads
- Shareware and other downloadable software
- Deceptive security software offers
- Links in phishing emails
Computers with malware may:
- Operates slowly
- Be inundated by pop-ups
- Redirect users to URLs different from those entered
- Include unknown toolbars and icons
- Displays out-of-the-blue error messages
If your clients suspect their computer has been infected with malware, they should take the necessary steps to remove the unwanted software from their computer.
Identity theft involves the impersonation of an individual through the fraudulent use of their personal and account information — e.g., driver’s license, Social Security number, bank account and other numbers, as well as usernames and passwords.
Identity thieves obtain information in a number of ways:
- From the trash
- By stealing mail, purses and other personal items
- By copying credit card or other information during a transaction
- Through phishing attacks
- By submitting false address changes
More information on identity theft and protecting your clients’ identity can be found at these websites:
- U.S. Postal Inspection Service: https://postalinspectors.uspis.gov
- The Federal Trade Commission: http://www.consumer.ftc.gov/topics/privacy-identity
- The Federal Deposit Insurance Company: https://www.fdic.gov/consumers
Learn more about fraud and how you can spot it at OnGuardOnline.gov.