Phishing scams: Don’t take the bait! – National Consumers League

“Phishing” is when identity thieves try to trick you into providing your personal information by pretending to be someone they’re not. A phishing scam involves sending spam or pop-up messages to lure credit card numbers, Social Security numbers, passwords, or other sensitive information from Internet users.In phishing scams, ID thieves trick people into providing their Social Security numbers, financial account numbers, PINs, mothers’ maiden names, and other personal information by pretending to be someone they’re not. Follow this advice from NCL, and read our brochure about phishing, to avoid falling victim.

  • Watch out for “phishy” emails. The most common form of phishing is emails pretending to be from a legitimate retailer, bank, organization, or government agency. The sender asks to “confirm” your personal information for some made-up reason: your account is about to be closed, an order for something has been placed in your name, or your information has been lost because of a computer problem. Another tactic phishers use is to say they’re from the fraud departments of well-known companies and ask to verify your information because they suspect you may be a victim of identity theft! In one case, a phisher claimed to be from a state lottery commission and requested people’s banking information to deposit their “winnings” in their accounts.
  • Don’t click on links in emails asking for your personal information. They may lead you to fake versions of legitimate Web sites, where criminals hope you’ll hand over your personal information.
  • Never enter your information in pop-up screens. They may be planted on legitimate Web sites by identity thieves.
  • Beware of “pharming,” con artists secretly planting programs in your computer to hijack your browser and take you to phishing sites, even when you type in the Web address yourself!
  • Keep malicious messages and programs that could be used by phishers out of your computer with a spam filter, up-to-date anti-virus and anti-spyware software, and a strong firewall.

For more tips about phishing, go to