Phishing and Email scams
Phishing attacks use spoofed emails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. Data suggests that, by hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them. As a result of these scams, an increasing number of consumers are suffering credit card fraud, identity theft, and financial loss.
What information they are after
Email spoofers are commonly trying to get the following information.
- Passwords or PIN numbers
- Credit Card Numbers or CCV codes (the 3-5 digits on the back of the card)
- ATM/Debit or Credit Card information
- Social Security Number
- Banking information (account number, routing number)
Never provide any of this information via email!
Things to know and remember
Always remember these basic tips when opening ANY email that asks you to provide information:
- No reputable financial institution will ever ask you for banking information via email.
- Never respond to an email from a source you are not 100 percent sure of. When in doubt, call them.
- Never be afraid to call the company. If they want your information, they should be able to take it over the phone.
- Always check the authenticity of a website before you provide any of your personal information. You can do so by following the information below.
- Never click on a link in a suspicious email. You will often be taken to a website that looks real but isn't.
- Spoofed email will often have a sense of urgency ("Your account will be closed" etc). It may also contain strange or misspelled words to help it avoid spam-filtering software.
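The warning signs above can also be checked mechanically. The following Python code is an added example, not part of the original page: it flags requests for the information listed earlier, urgency wording, and, as a generalization of the "looks real but isn't" point, links whose visible text names a different host than the real destination. The patterns, names and sample messages are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Patterns modelled on the page's bullet lists; the exact wording is an assumption.
SENSITIVE = re.compile(r"\b(password|pin|credit card|ccv|social security|"
                       r"account number|routing number)\b", re.I)
URGENCY = re.compile(r"account will be closed|immediately|suspended", re.I)
URLISH = re.compile(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", re.I)

class LinkCollector(HTMLParser):
    """Collects all visible text plus (href, visible text) for every <a> tag."""
    def __init__(self):
        super().__init__()
        self.text, self.links = [], []
        self._href, self._shown = None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._shown = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._shown.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._shown).strip()))
            self._href = None

def host(url):
    """Lower-cased hostname of a URL (scheme optional), or '' if none."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()

def phishing_indicators(html_body):
    """Return the names of the warning signs found in an HTML email body."""
    parser = LinkCollector()
    parser.feed(html_body)
    text, found = " ".join(parser.text), []
    if SENSITIVE.search(text):
        found.append("asks_for_sensitive_data")
    if URGENCY.search(text):
        found.append("urgency")
    # Compare hosts only when the visible link text itself looks like an address.
    if any(URLISH.fullmatch(shown) and host(shown) != host(href)
           for href, shown in parser.links):
        found.append("link_text_mismatch")
    return found

# Constructed sample messages (reserved example domains, not real traffic).
SUSPICIOUS = ('<p>Your account will be closed unless you confirm your password '
              'and PIN.</p><a href="http://login.example.net/verify">www.example.com</a>')
BENIGN = ('<p>Your statement is ready.</p>'
          '<a href="https://www.example.com/statements">www.example.com</a>')
```

A hit is a reason to call the company rather than reply, not proof of fraud; legitimate mail can trip these patterns and a careful forgery can avoid them.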
Top 10 Targeted Companies
The vast majority of websites that are targeted are in the financial markets, followed by a few major online retailers.
Fake E-commerce Websites
Unlike phishing attacks that hijack the brand of established e-commerce or financial institutions, these sites pose as generic e-commerce sites. The user believes they are ordering legitimate products or applying for a legitimate mortgage. The most common fraud-based sites seen during July were fake loan scams, mortgage frauds, online pharmacy frauds, and fake online banking institutions.
What you can do
Always check to see that the ecommerce site you are purchasing from has some type of authenticity credential. There are many companies that will authenticate the fact that you are dealing with a legal, authorized retailer that has passed certain information privacy standards.
- TRUSTe (search for TRUSTe seal holders)
  - TRUSTe is an independent, nonprofit organization dedicated to enabling individuals and organizations to establish trusting relationships. Founded by the EFF (Electronic Frontier Foundation).
- Thawte
  - Thawte is the second largest Certification Authority and provides a large number of the SSL certificates used on e-commerce sites.
- Verisign
  - Verisign is the largest provider of SSL certificates and authority signing on the Internet.
- Better Business Bureau Online
  - The Better Business Bureau has authenticated almost 20,000 online retailers through their "BBBOnLine Seal" program. Consumers can search for companies on BBBOnLine's Consumer Safe Shopping Site.
Other Resources
Source
Jeff Perry
KU IT Security Office
http://www.security.ku.edu