Security Information

Phishing - A High Tech Identity Theft With A Low Tech Solution

Have you ever got an email asking you to confirm your account information from a bank or a company that you have never done business with? The email looks official and it even has a link that appears to take you to the company's website. The email you have received is actually from an identity thief. These crooks are hoping people that have an account with the business will click on the link and submit their account information for verification purposes. These thieves are phishing for account information. Phishing is a sophisticated way to lure you to phony websites where you voluntarily surrender your passwords and account information to identity thieves without realizing it.

These types of emails often threaten you. You must take action within a limited time or the consequences will be dire. Some AOL customers received a phishing email stating if they did not verify their account information within 24 hours, their service would be terminated. Other phishing emails will state your account has been flagged or has a problem and the account information needs to be verified. We received an email for Pay Pal that stated our account had been flagged and we needed to verify our account information. The identity thieve was lucky. We do have an account with Pay Pal. We open the email and it appeared to be an email from Pay Pal. We click on the link and it took us to The site looked Pay Pal's website. The web page was asking for our account information for verification purposes. We knew right away it was a phony because our Pay Pal account was opened with another email address. This particular site has been shut down, but doesn't mean the identity thieve was caught. You could receive a phishing email from the same thieve tomorrow. What can you do to avoid such a trap?

First, realize reputable companies will never send you an email asking you to confirm your account information. The email will look authentic and this may cause you some concern. If this is the case, you can always call the company and ask about your account. An alternative to calling is checking your account online. Do not click on the link in the email. Log completely out of your email and open another window and type in the company's web address to verify your account.

You're probably thinking why would you want go to the trouble to close your email and open another browser window. The link in the email is a cloaked redirection link that will take you to another website that is not associated with the company. A cloak link will show you the correct web address when you move your mouse over it. If you do click on that link, the web address, or URL, will be similar to the company's address, but it will not match exactly. The website will look just like just like you expect it too look. The web page will ask for your account information. You're just one click away from submitting your account information to the identity thieve. We went to the actual Pay Pal website and, sure enough, our account was ok.

Identity thieve have been known to attach a file to a phishing email. The attachment contain a program to transmit your personal information on your hard drive to the identity thieve. You will never know the program has been installed on your computer. Never open an email attachment unless you specifically requested it and are expecting an email with an attachment. The phishing email may be from someone you know. His or her computer could be infected with a virus that sends email to everyone in his or her address book. Delete the emails with attachments without opening the email.

Finally, if you get an email that is phishing for your information, forward it to If you know how open the email headers, cut and past that information into the email to help the FCC track down these identity thieves.

George Burks of has offered a biweekly mortgage payment plan with no enrollment fees since 1999. His interest in financial topics is varied and includes identity protection. Please visit our financial library.

could not open XML input