Phishing is in the news again. Get used to the word. You will start seeing it a lot. Simply stated, phishing is any attempt to gain access to your confidential and/or financial information, including such things as account numbers, credit card numbers and security codes, passwords, and so forth, under the guise of being a legitimate business. Phishing is never legitimate, and almost always an attempt to steal money from you in one form or another.
Here is the latest version.
In a Consumer Alert issued on February 26, 2014, the Attorney General issued a warning about a company that has been scamming customers nationwide. Reports are now coming in that the scam hit Washington consumers. The company, posing as a public utility, is e-mailing invoices for utility services provided to you. The invoices include notices that the bill is “due upon receipt” or “past due.”
Consumers are invited to view their latest invoice by clicking a link. The link, of course, will not provide you access to your invoice. Instead, it downloads a malicious malware or spyware that can interrupt the normal function of your computer, or mine your financial or other sensitive information.
The e-mails include such things as account numbers, billing dates, and the amount of charges supposedly due, or past due.
While phishing scams appear in a large variety based on the creativity of the thieves behind them, they share certain characteristics:
(a) Someone will contact you, usually by telephone or e-mail, claiming to be a representative of some legitimate vendor or service provider.
(b) They may give you information to boost your confidence that you are dealing with a legitimate party.
(c) They will need a little information from you to: (i) confirm that they are talking to an authorized party, or (ii) to enable them to log into their database, or (iii) any other excuse they devise to persuade you to give them information.
(d) If this is being done electronically, they will ask you to click a link in their e-mail to open your file, or account, or statement, or other information. Once you click the link, you embed in your computer malware or spyware that harms your computer or enables them to gain information held on your computer.
(d) Once you have trusted them a little, they may ask for more sensitive information, such as your credit card number, security code, Social Security Number, password, or any other confidential information they happen to need to complete the scam.
(e) Once they have your information, the theft is virtually completed.
If you receive such calls, refuse to give information to the caller, and hang up. If the contact comes electronically, immediately delete the e-mail. DO NOT CLICK ANY LINKS IN THE E-MAIL.
If you have questions about your account with a vendor or service provider, contact the vendor or service provider directly.
For additional information, you may contact this firm, or visit the Attorney General’s website at: http://www.atg.wa.gov/InternetSafety.aspx.