IQ: Consumer Education at Educators

Welcome to IQ.

IQ is a unique and powerful consumer information program for Educators members. Remar Sutton, a nationally known consumer advocate, has partnered with Educators to create IQ and to serve as your "member consumer spokesperson." Here's a message from Remar about IQ.

Fraud & Privacy Rights

 

Protecting Your Money, Personal Information, and Your Identity

Phishing and Pharming for Your Personal and Financial Information

What is phishing (pronounced fishing)? These are scams that are trying to steal your personal and financial information. Phishing has primarily been online in the form of email or pop-up messages but can also occur over the phone or through the mail.

Phishers impersonate legitimate financial institutions—banks, credit unions—and businesses. The phishers cast a wide net that's bound to find persons that do business with the impersonated financial institution or company.

Email and pop-up messages may have a link to click or a phone number to call. In the case of a link, it usually goes to a fake website that mimics a legitimate site.

"Spear-phishing" is a phishing scam that is targeted to a specific, usually small, group. These emails may contain (or seem to contain) personal or confidential information and seem to come from a trusted person such as a boss, friend, or family member.

Take the SonicWALL Phishing and Spam IQ Quiz to see how savvy you are about these scams. This test shows how hard it is to distinguish between a real and a fake message.

Here are some tips to avoid being caught by a phishing scam.

  • Reputable companies and financial institutions, like your credit union and bank, NEVER, EVER send e-mails, make phone calls or send letters asking for personal information and account number information they already have on file. Always be suspicious of any request for information that comes from an unsolicited e-mail or phone call. When you initiate the contact (online or by phone) with your bank or a reputable merchant, you may provide information to purchase merchandise or handle your account.
  • If you want to make sure this is a scam or if you think the email, phone call or letter might be genuine, simply call your financial institution, using the number on your statement or that you looked up in the phone book, and ask if they sent the email, letter, or made the phone call.
  • Never include account numbers and passwords in an email message.
  • Never call the phone number in an email or left on your answering machine. Use the phone number listed on a recent statement.
  • Report the scam to the company, using the customer service number or website address from a recent statement. You can send the actual spam to the FTC at spam@uce.gov.
  • NEVER click on links in these sorts of emails.
  • Never enter personal or financial information in a pop-up window. Some forms of phishing use a pop-up window on a legitimate site.
  • Protect your computers by using a firewall, anti-virus and anti-spyware software and spam filters.

Malicious software installed on your computer can also "phish" for your information. The malicious software may monitor a user's keystrokes looking for usernames and passwords for specific sites or the software may misdirect the user (using various techniques) to fake websites or the software may cause the user's information to be sent to a legitimate site but through a computer that can collect the user's information.

Pharming is similar to phishing but much harder to detect. It works like this. Scammers create a fake, malicious website that looks like the site of a real company. Then these criminals "hijack" your browser through malicious software on your computer or Domain Name System (DNS) poisoning and send you to the fake site.

Using a toolbar such as Netcraft, TrustWatch, or Earthlink (all work with Internet Explorer and Firefox) or the Opera browser that displays the location of the site's host can be helpful in avoiding phishing and pharming scams. Internet Explorer 7 and Firefox 2 & 3 include antiphishing features (but you must turn them on).

Want to test your Phishing knowledge? Then take the quiz: Phishing Scams — Avoid the Bait. It's from OnGuardOnline.

 

 

Prepared by Remar Sutton and Associates and licensed to Educators Credit Union. Copyright 2007. All rights reserved.


IQ links to sites provided by a variety of sources. We review sites for credibility and reliability, but IQ, of course, can't control advertising and other links on these sites. We advise ignoring pop-up ads, links to sales of products or services, and the like.