Sunday, February 15, 2015

Phishing Scams: It's that time of year again

It's tax time again and while some of you may be expecting a refund, many of us may not be expecting fraudsters trying to use the IRS to get personal information. It is at this vulnerable time that online intruders try to play on taxpayers' anxieties by using the IRS to victimize them.

Ploys and sinister strategies abound, but the most commonly repeated offense is the use of government looking emails sent to unsuspecting taxpayers asking them to login to a site and fix an account problem. While this isn't only limited to taxes and the IRS, now is the perfect time to learn how to avoid being conned.

The first thing you should know is that any institution - financial or governmental - will never email you a request to logon to an account. It violates privacy laws and contradicts what these institutions should be in the business of doing - protecting customers. That being said, you should and must familiarize yourselves with phishing scams used to trick consumers into offering their private info. Secondly, never click on any link within the email unless you know with absolute certainty that it is legitimate. And I'll repeat: Any email from a government or financial agency asking you to login to your account is not legitimate.

What is a phishing scam? It's when online intruders send false emails to consumers pretending to be a business. The purpose of the email is to con you into giving up personal account information.
Examples of phishing emails will include statements to login to your account and verify your identity or personal information, or to confirm a suspicious transaction.

If you receive an official looking email asking you to login to an account, follow these steps:

1.  Do not reply to the email. While some security experts suggest you delete the email, it's a bad call. Businesses will ask you to forward the email to their online security team for review. Don't click on any links or call any of the provided phone numbers either.

2.  If the email claims to be from the government, visit the directory and find the contact information of that specific agency. Call and ask questions, but most importantly, explain the reason behind your phone call and ask for a confirmation. Visit for the complete list. If the email purports to be from your financial institution, call them from the numbers you have on hand, as opposed to anything listed on the email.

3.  Forward any tax related fraudulent emails to the IRS.

How to avoid receiving phishing emails:

1.  Keep your computer virus scanners updated and current.

2.  Don't email or text your personal information to anyone, unless it's encrypted or password protected.

3.  Review credit card and bank statements periodically to identify any suspicious activity.

4.  Be careful clicking on any links or attachments in emails regardless of who sent them.

5.  Only login to banks and credit card accounts that have an https internet address. The "s" stands for security and while it's not an absolute protection against online fraud, it does serve a purpose in protecting consumers against some vicious internet attacks.

No comments:

Post a Comment