Saturday November 7 2009
Information and Technology Services
ITUAITUA :: Information Technology User Advocate at the University of Michigan
Your Rights & Responsibilities
Spam
File Sharing
E-Mail Groups & Listservs
Copyright
Viruses
Identity Theft
Scams
Network Security
ITUA Home
 ITUA

Phishing

Don't Get Hooked!

Also known as "carding," this is an advanced form of forged e-mail (spoofing).

An Internet scammer sends you a forged e-mail message that appears to be from a legitimate business, such as AOL, Microsoft, or a financial institution. The message states there is a problem with your account and directs you to a website in order to resolve the issue. While the website looks exactly like the real company's website, it is a forgery that the scammer controls. Information you submit—such as a password, an account number or credit card number—is sent to the scammer, and you are redirected to the legitimate website. You don't suspect a thing, but the scammer now has the information to become you when interacting with that company—your identity has been stolen.

To combat this con, the Federal Trade Commission has developed guidelines to avoid getting hooked.

Another excellent resource is the Anti-Phishing Working Group (APWG), an industry association focused on eliminating identity theft and fraud resulting from the growing problem of phishing and forged e-mail. Membership includes qualified financial institutions, online retailers, ISPs, the law enforcement community, and solutions providers.

Also see Forged E-Mail and Scams.