Privacy Nonprofit Releases Five Rules to Detect and Avoid Phishing Scams
FRANCISCO, June 29 /PRNewswire/ — One of the more sinister and
increasingly prevalent methods of identity theft is the practice of
“spoofing” or “phishing,” involving the sending of e-mails that mirror
the appearance of a popular Web site or company in an attempt to commit
identity theft. Phisher e-mails claim to be sent by a legitimate
company and ask consumers to reply with personal information, such as
their credit card number, social security number and account password.
A June 2004 survey of 6,300 consumers conducted by the privacy nonprofit TRUSTe and the Ponemon Institute revealed that 76 percent of consumers consider identity theft their number one privacy concern.
response to the sharp increase in e-mail phishing, TRUSTe today
released five rules to help consumers detect and avoid phishing scams:
Be suspicious of urgent demands for information. Often spoofed e-mails
will make some form of urgent request. For example, the e-mail will
claim that your account will be terminated if you fail to confirm your
2. Look for misspelled words or
grammatical errors in the message and/or hyperlink. Blatant misspelled
words and/or grammatical errors are common in spoof e-mail scams.
Avoid e-mailing personal and financial information. Before submitting
financial or account information to a Web site, look for a third-party
privacy seal to ensure that the transaction is secure. Also avoid
volunteering private information like passwords or a personal social
4. Be watchful of general greetings. Many
spoof e-mails begin with a general greeting such as “Welcome eBay User”
rather than directly addressing the registered user by name.
Contact the company directly. If you have any doubts about an e-mail or
Web site, open a new browser and visit the company directly to verify
Web site. Don't be afraid to call customer service about an e-mail.
addition, TRUSTe encourages consumers to choose Web sites for online
commerce carefully. “Consumers should make purchases only from
companies that take identity threats seriously. We advise that
consumers work with companies that have taken steps to correct any
challenging situations and demonstrated their support by countering
cybercriminals engaged in phishing activities,” said Fran Maier,
president and executive director, TRUSTe.[ Privacy Digest]