Phishing e-mail messages are designed to steal your identity. They ask for personal data, or direct you to Web sites or phone numbers to call where they ask you to provide personal data.

Phishing e-mail messages take a number of forms:
* They might appear to come from your bank or financial institution, a company you regularly do business with, such as Microsoft, or from your social networking site.
* They might appear to be from someone you know. Spear phishing is a targeted form of phishing in which an e-mail message might look like it comes from your employer, or from a colleague who might send an e-mail message to everyone in the company, such as the head of human resources or IT.
* They might ask you to make a phone call. Phone phishing scams direct you to call a customer support phone number. A person or an audio response unit waits to take your account number, personal identification number, password, or other valuable personal data. The phone phisher might claim that your account will be closed or other problems could occur if you don’t respond.
* They might include official-looking logos and other identifying information taken directly from legitimate Web sites, and they might include convincing details about your personal information that scammers found on your social networking pages.
* They might include links to spoofed Web sites where you are asked to enter personal information.

Here are a few phrases to look for if you think an e-mail message is a phishing scam.

“Verify your account.”
Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through e-mail.
If you receive an e-mail message from Microsoft asking you to update your credit card information, do not respond: this is a phishing scam.

“You have won the lottery.”
The lottery scam is a common phishing scam known as advanced fee fraud. One of the most common forms of advanced fee fraud is a message that claims that you have won a large sum of money, or that a person will pay you a large sum of money for little or no work on your part. The lottery scam often includes references to big companies, such as Microsoft. There is no Microsoft lottery.

“If you don’t respond within 48 hours, your account will be closed.”
These messages convey a sense of urgency so that you’ll respond immediately without thinking. A phishing e-mail message might even claim that your response is required because your account might have been compromised.

Share on Facebook

Phishing is a type of deception designed to steal your valuable personal data, such as credit card numbers, Windows Live IDs, other account data and passwords, or other information. It is also known as identity theft, and is a type of social engineering.

You might see a phishing scam:
* In e-mail messages, even if they appear to be from a coworker or someone you know.
* On your social networking Web site.
* On a fake Web site that accepts donations for charity.
* On Web sites that spoof your familiar sites but that use slightly different Web addresses, so you won’t notice.
* In your instant message program.
* On your cell phone or other mobile device.

Often phishing scams rely on links in e-mail messages, on Web sites, or in instant messages that seem to come from a service that you trust, like your bank, credit card company, or social networking site.

Tip: To see updated examples of popular phishing scams or to report a possible phishing scam, visit the Anti-Phishing Working Group Archive.

The purpose of social engineering is usually to secretly install spyware or other malicious software or to trick you into handing over your passwords or other sensitive financial or personal information.

Share on Facebook