Save 10%  | Use Code: SAVE10 | Exclusions Apply

Email Phishing

Overview - What is Phishing?

Phishing (pronounced "fishing") is a type of malicious communication intended to trick consumers into revealing sensitive information such as personal or financial information such as social security numbers, bank accounts, credit cards or even passwords. Email is the most common tool used for phishing due to the low cost, ability to falsify the sender information, ability to send to large groups at once, and the potential for immediate response. Other modes of phishing that would be fraudsters have also used are browser pop-up windows, physical mailing and phone calls. Phishing emails often appear to come from legitimate companies such as banks, insurance companies, retailers or commonly used services. Varying techniques are used such as false "from" addresses, the use of identical branding such as banners or logos, or links and images designed to mimic the authentic style. This fraudulent communication is often an attempt to instill a false sense of urgency that is designed to provoke the recipient into taking immediate action. For example, they may say that the account has already been compromised and action is needed to prevent further damage or that the recipient needs to "update" or "validate" information to continue the service.

How to Contact about Fraudulent Emails

If you receive an email that seems suspicious or that you feel could be fraudulent, immediately forward it to [email protected] Do not remove the original subject line, or change the email in any way when you forward it to us. Please note that any submissions to this email address will result in an auto-generated reply to notify you that we have received your email. If we find it to be fraudulent, we will immediately take the appropriate steps.

If you suspect that you have already been the victim of a phishing attack, immediately change all your passwords and continue to monitor activity on those accounts.

We Protect Your Privacy and Personal Information

We take your privacy very seriously. In the event that our name is used in efforts to fraudulently obtain personal information or financial gain, we will work aggressively to halt those efforts. Additionally, it is important to know that we never send emails asking customers to provide their personal information, password, social security number, account numbers or other potentially sensitive information via email response.

How You Can Take Initiative To Protect Your Vital Information

One thing to be aware of is a common theme amongst phishing attacks: a false sense of urgency, which is intended to get you to take action immediately before you have time to assess the the situation properly. Don't fall for it! Before taking any action, consider carefully the whether the company or individual in question would have legitimately sent the request and why. If you are in doubt as to whether or not an email is legitimate, do not respond to it or click any links contained in the email even if it looks genuine. If you are worried that an account or service truly is in immediate danger, a safe alternative is to use your own contact information, or a 3rd party to obtain it and call the company yourself and ask if the request is legitimate. It is important not to use the information provided in the email when validating the request, as it may be another level of deception.

In all likelihood, phishing attacks will continue to become more sophisticated. For this reason, it is important to always think twice before you provide any sensitive information.

Fraud Protection Center

How Thieves Snatch Your Identity

To understand the concept of identity theft, it helps to understand what exactly the thief is trying to accomplish when doing so. Imagine all of the things you can do as an can open lines of credit, sometimes more than you could feasibly pay back yourself, you could make large and unnecessary purchases or you could obtain access to places and things that people with a criminal record could not. You most likely choose not to do those things because you know your limits or you are a responsible person with no criminal intentions. Now imagine that, upon stealing your information, someone can for all intents and purposes become you and make those choices on your behalf. You can see why a thief may want to use your credibility to their advantage. The amount of damage a thief can inflict in a very short amount of time can be astronomical. By the time you realize something has even gone amiss, the thief could be long gone with purchases made and services gained under your name and with potentially no consequence to themselves.

How Does Identity Theft Happen?

The following are a couple examples of how identity theft can occur. These are not the only ways thieves use to steal your information, but we've selected two very common tactics.

Dumpster Diving

Though it may sound strange, dumpster diving is serious. People could be lurking in your neighborhood, waiting for the opportunity to steal your sensitive information. Here is how this tactic works:

Imagine yourself sitting down to watch your favorite television show. A commercial comes on so you decide it's time to go through your mail and pay some bills. You write your checks, throw away the extra documents, take the trash out to the curb and go back to your show feeling that the task is complete. While you sleep, unbeknownst to you someone starts rifling through your trash finding those extra documents you threw away which could contain valuable pieces of information they can use to live large at your expense. They discover a wealth of information that can be used for fraudulent purposes: your name, address, phone number, utility service account numbers, credit card numbers, or even your Social Security number.

Protecting yourself from dumpster diving is not as hard as it may seem. One simple, effective way to thwart this kind of attack is to shred the documents before you throw them away. Another option is obscuring sensitive information with a permanent marker.

Information Highway Robbery

Your Internet Service Provider (ISP) sends you an urgent message requesting that you update the information they have on file (such as your name, credit card number, bank account number, etc.) by replying to the message or going to a specific web site. At first glance the message looks legitimate. The logos and graphics look genuine and the wording sounds official, giving you a sense of security. They want you to trust them. However, neither the message nor the web site you are taken to are from your ISP. They belong to a criminal who uses that false sense of security to have you willingly provide your information and use it to steal your identity.

Preserve Your Identity

There are few worse feelings than realizing you have been stolen from, it violates your sense of trust and security. By following these few simple guidelines you can avoid the issue all together, and save yourself the pain and hassle of dealing with the fallout:

  • Do not give out your Social Security number to people or companies that you don't know. Before disclosing any personal information, verify to the best of your ability that the party making the request is truly who they say they are. Find out why the information requested is required, and how it will be used.
  • Do not carry your birth certificate, passport, cards that display your Social Security number or unneeded credit cards in your wallet or purse, except when necessary.
  • Do not hold on to unneeded documents with personally identifiable information or account numbers. For example; credit card receipts, billing statements, or pre-approved credit offers should be shredded before you discard them.
  • Keep your personal information in a safe place at home or work such as a safe or lockbox.
  • Create a new, unique password and PIN for each account. Avoid using easily discovered information such as mother's maiden name, your date birth, or the last four digits of your Social Security number. Always use passwords on your banking and brokerage accounts.
  • Get a copy of credit report from the big three credit reporting agencies (Equifax, Experian and Transunion) at least once a year. Review these credit reports for any suspicious activity like new accounts or unwanted activity on existing accounts.