Learn how to protect yourself online from those attempting to gather your personal information to use for criminal purposes.

“Phishing” means using emails that look like legitimate communications from reputable businesses in order to steal credit card numbers, login IDs, passwords, and personal account data. Phishing may also be used to infect your computer with viruses and malware.

These fraudulent emails often use fear to trigger you to action, such as telling you that if you do not respond, you will lose access to your account or telling you that your account has been hacked and you need to action to remedy it. Do not be taken in by this! Know that legitimate companies do not use email to alert you to problems like this.

Be suspicious if an email asks you to provide valuable information about yourself or to “verify” information that you previously provided when you established your online account. Above all, do not click on any links provided in the email. These links will direct you to “spoofed” websites that look very legitimate but are, in fact, copycats, and any information you provide will be likely be misused.

Be alert to phishing scams on your cell phone as well. Recently, many iPhone users received a pop-up warning text that a third party application had crashed their operating system and were given a phone number to call support, where they were asked for credit card information in order to pay to fix the problem.

How to protect yourself from phishing:

• If you have any suspicions about an unsolicited email, just hit the delete key. Do not open any attachments, and do not click on any of the links in the email.
• Even if you believe the email is legitimate, do not click on the provided link. Access the company’s website directly by typing a known address into the URL or doing your own online search.
• If you are in doubt about the legitimacy of the email, you can always call the company’s customer service number to ask if they sent it. Make sure you use a legitimate phone number and not the one provided in the email.
• Examine the URL in the address bar of the website. A secure address will include a closed padlock icon as well as a URL that begins with “https” instead of just “http.” If you see words in the address like “verify,” “account process,” or “update,” beware! This is not a legitimate website!
• Keep your computer software current with the latest security updates. While most operating systems will prompt you to update when new software is available and may even download the update, it will not be installed automatically. You must do it yourself.

If you think you have been phished:

• Tell the company right away, and if necessary to protect your finances or other sensitive information, close the account.
• Change your passwords for any accounts that may have been compromised.
• Report the suspicious email within your email program by selecting the appropriate menu option.
• Monitor your accounts for fraudulent activity. You may also wish to place a fraud alert on your credit report.