Phishing, in short, is the attempt to trick you into giving away personal information about yourself by pretending to be a company you would ordinarily trust.
What Kind of Personal Information?
Phishers look for all kinds of information useful in stealing your identity. In particular, a phisher may be hunting for:
- Social Security Numbers
- Credit Card Numbers
- Account Numbers
- Customer IDs
- Web Site Logins
- Access Codes
Even something as simple as your address or telephone number could be useful to a phisher; information pieced together over time can be used against you. If a phisher can determine your address one day, your birthday the next, and your phone number on a third day, they could potentially open up an account of some kind in your name.
It’s important to guard all your personal information, not just the obvious stuff.
How Does Phishing Work?
Phishing usually happens one of two ways – by phone or by email.
Phishers sometimes use the phone, posing as customer service reps of your credit union, utility company, or service provider and asking for information such as account numbers or passwords. These guys may appeal to your sense of fear by threatening urgent and unpleasant consequences. Alternatively, they may appeal to your Good Samaritan side by making you think you’re doing the person a favor. Don’t fall for this act; no business should ever call to ask for your personal information.
Phishing by email works in a similar fashion. You may get an email claiming to represent your credit union or online merchant like eBay or Amazon. Usually, the email asks for some kind of account confirmation and provides a form to fill out or link to click. Again, these emails often carry a sense of urgency and dire consequences to try to get you to act rashly. Businesses should never email you to collect personal information.
What If the Business Needs that Info?
They don’t. Your credit union doesn’t need your account number – it already has it. The credit union doesn’t need your passwords, either; they already have access to your accounts. EBay, Amazon, your utilities and credit cards already have your information on file too. The only people who don’t have your info are the people who shouldn’t have it.
Phishing is a very profitable crime. Between May, 2004 and May, 2005, it’s estimated Americans alone lost $929 million dollars to phishing.
With this in mind, it’s no wonder phishing is no longer the effort of just a few guys sitting in their basements. Phishers have been linked to organized crime and other criminal organizations across the globe from Brazil to Russia to China.
No pressure, but ex-KGB agents are very interested in your checking account.