Your Life And Privacy
Most identity theft occurs the oldfashioned way: a thief snatches your wallet, goes through your mail to steal your credit card and other financial statements, or “dumpster dives” into your trash for your personal information.
Identity theft can also occur via your computer, when personal information you gave out online, such as your date of birth, address, Social Security number, telephone numbers or passwords, is used by a thief in your name. The thief can use this information to apply for a loan, credit, rent an apartment, drain your bank account, buy a flat screen TV, or to sell to other criminals for their use.
There are many online scams that can result in identity theft. One common method is called “phishing.”
Phishing is a type of email fraud. A scammer sends you a legitimate-looking email that appears to come from a well-known and trustworthy website, generally financial in nature, like a bank or PayPal or even eBay. In an attempt to gather your sensitive personal information, the fraudulent mail will contain a message urging you to click on a link to provide the information or conduct a financial transaction. For example, the email may claim that an institution is going through its customer records and wants to verify the proper spelling of your name or your address, or that PayPal wants to confirm the credit card number it has on file for you.
If you click on the link contained in the scam email, it will take you to a site that looks legitimate, just like the real site. However, any information that you transmit will go directly to the “phishers” -- the criminals whose goal is to trick you to click on links in the email to transmit your information. If you do this, any personal information you give out, like bank information, credit card numbers or passwords, will go directly to the phishers.
“Spear-phishing” is a personalized form of phishing where a specific individual is the target. In these attacks, scammers will use information they have about you to trick you into divulging your private information. For example, a spear-phisher with knowledge that you have an account at a particular bank might send you a phishing email that appears to come from this institution.
To avoid becoming a phishing victim, be cautious about all emails you receive, including those that appear trustworthy. A legitimate institution will never ask for your sensitive information via email. If you think an email might be legitimate but you aren’t sure, call the institution at a phone number you get from a trusted source, like the back of your banking card or the organization’s website.
Never click on a link in an email you are not sure about, even if you do not intend to send personal information through the site. If you click on a link in a scam email, you could end up downloading malware, like spyware or other tracking software, on your computer.