This webpage offers a way to safeguard yourself from phishing. Phishing is an online scam that uses a replica of a familiar webpage or email address to 'spoof' or fool you into submitting personal information--they fish for information. This scam is a variation on identity theft. It is also called brand spoofing because the perpetrators disguise themselves as a well-known company (eBay, PayPal and AOL have been spoofed). A scam aimed at Citibank clients is currently making the rounds but Citibank is addressing the issue on its webpage.
Watch out for
- unsolicited email that seems to be from a trusted, familiar source but asks for sensitive personal information like your Social Security number, credit card number or a PIN
- a link in email to you, labelled as a sender known you know, that sends you to a site other than the one it's claiming to be
- a link that that routes you to a very authentic-looking but bogus replica of a legitimate website and then requests personal information
Phish Fraud
An example demonstrating these deceptive techniques.
Protect yourself
- don't respond to unsolicited emails asking for personal information--call the company directly
- when you get a link in email, before you click on it, do a mouse-over (place your mouse over the link so that it's URL displays on the bar at the bottom of your browser window) to verify where the link really goes
- many websites require that you authenticate (identify yourself with a predefined user ID and password) before asking for sensitive personal information
- when you're asked to authenticate yourself, verify that you have a secure website connection (https and the lock icon at the bottom of the webpage)
- StudentLink and EmpLink require your NetID and password before you enter sensitive data
