Phishing Fraud involves the sending of fraudulent emails or making telephone calls to a person which will cause the recipient to respond to the email or phone call with personal data. This personal data usually involves soliciting Credit or Debit Card numbers and their associated PINs, User IDs and Passwords for access to On-line Payment Systems, and other helpfull information when planning to steal someone's ID or to use this info for fraudulent Credit or Debit Card transactions, or fraudulent On-Line Transactions using IDs and Passwords.
A typical email will purportedly be from your bank, credit card issuer, or an on-line payment system. They will tell you that something has changed, or they have discovered someone trying to use your ID for a transaction, or that they want you to verify a transaction that you have made. They will then ask you to enter all of your security info so that they can verify that you are the one that did whatever they are saying that you did.
The Information requested via the email or telephone will usually include most of the following:
- Card Number
- Expiration Date
- Three digit number from the back of the card (CVV#)
- User ID
- Mother's Maiden Name
- Your Name
- Your Social Security Number
- Your Address
- etc., etc.
Once you provide this info, the person sending you the fraudulent email or the fradulent phone call has all the information they need to use your card for their transactions or to make all kinds of on-line transactions.
Treat all of the above information with great care and only provide it when you have initiated the transaction. Do not ever give this information to someone who calls or emails you and starts asking questions about this confidential information.
If someone calls you requesting this kind of personal information - do not give it to them. Ask them who they are representiing and if you have a relationship with the card company or the financial institution they say they are representing then hang up with them and call the number on the back of that card or call the financial institution using the number that you usually use when talking to them. You need to initiate any transactions over the telephone by calling a number that you know goes to the card issuer or the financial institution.
The same thing is true for phishing emails. Do not respond to a phishing email. If you need to test the validity of an email do not go to the site that they provide or enter any personal information that they request. You need to initiate any response that you feel is required by going to the website or email address that you would normally use to contact the company in question and initiate the appropriate action to see if the email you received is valid.
Be Alert - Be Careful - Recognize that once a fraudster has your personal information they can use it to assume your identity and conduct business as if they were you.