|
|
DFFCU will never solicit personal, private information via email,
asking you to confirm or update your account information. |
What is "phishing"?
Phishing, pronounced "fishing", is the use of email and fraudulent Web sites to trick recipients into disclosing personal financial information that will be used for identity theft. The email usually contains a link directing the recipient to a spoofed Web site where they are then asked to update personal information such as credit card numbers, Social Security numbers, account names, passwords, and addresses. When users respond with the requested information, attackers can use it to gain access to the accounts.
How does phishing work?
Phishing, or email fraud, is accomplished through numerous emails messages. The emails appear to come from Web sites that the recipient is familiar with like legitimate banks or credit unions. The message may state a breach of security or a new operating system as a reason to "confirm" an account holder's personal information. Anyone with an email address is at risk of being phished.
Tips to avoid phishing attacks:
- Ignore unsolicited emails that asks you to submit personal information.
- Never use links embedded in an email. Because phishing scams use deceptive links, it is safer to type in the Web site address (URL) to reach the site that you want to visit.
- Be cautious about opening attachments or downloading files from email messages.
- Never send personal information via email.
- Delete all suspicious emails from your inbox.
- Look for a closed padlock at the bottom of your browser window, or a URL that begins with “https”--the “s” stands for secure.
- Validate the authenticity of the SSL certificate; double-click the "lock" icon to view the certificate.
- Keep your Internet browser and operating system up-to-date with the latest security patches and updates.
- Use anti-virus software and ensure that it is updated regularly.
- Report suspicious activity to the FTC at www.ftc.gov
|
