Phishing (fish-ing) attacks use both social engineering and technical means to steal customers' personal identity data and financial account information. Phishers use emails to lead customers to fraudulent websites designed to trick them into divulging financial information such as credit card numbers, account usernames, passwords and social security numbers. They often make it sound as if dire consequences will happen if you don't act quickly.
- Never give out personal financial information through an email or over the phone. Banks will NEVER ask you to verify personal information in an email as email is not a secure means of transmission.
- Be suspicious of any email with urgent requests for personal financial information. Phishers typically make it sound that is is urgent for you to react to the email. Phishing emails are not usually personalized, while valid messages generally are.
- Don't use links in an email to get to any web page. These links usually are directing you to a counterfeit website used to gain personal information.
- Avoid filling out forms in email messages that ask for personal financial information. You should only communicate information such as credit card numbers or account information via a secure website or over the telephone if you have called the company.
- Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser. To make sure the Website is secure check the beginning of the Web address in your browsers address bar. It should begin with "https" rather than just "http". You will also see a padlock on the bottom of your browser screen.
- Always report any suspicious emails you receive from your Bank. If you have responded to an email that you think was fraudulent, contact your Bank immediately.