What is a “Phishing” scam?

“Phishing” is an e-mail scam that attempts to trick consumers into revealing personal information - such as their credit or check card account numbers, checking account information, Social Security numbers, or banking account passwords - through fake Web sites or in a reply e-mail.

Typically the e-mails and Web sites use familiar logos and slick graphics to deceive consumers into thinking the sender or Web site owner is a government agency or a company they know.

Sometimes the phisher urges intended victims to “confirm” account information that has been “stolen” or “lost.”

Other times the phisher entices victims to reveal personal information by telling them they have won a special prize or earned an exciting reward.

Spotting a Phish

Spotting fraudulent emails is not always easy since criminals who use them are becoming more sophisticated when creating them.

If you receive a suspicious e-mail and suspect it could be fraudulent, please contact us immediately to verify the e-mail is genuine. While phishing e-mails can be quite sophisticated in appearance, the following features are often indicators. An e-mail could be a scam if it:

• Asks you to provide personal information such as your bank account number, an account password, credit card number, PIN number, mother's maiden name, or Social Security number.
   
• Fails to address you by your name.
   
• Warns that your account will be shut down unless you reconfirm your financial information.
   
• Warns that you have been the victim of fraud.
   
• Has spelling or grammatical errors.

How to Stay Safe

• Keep your computer software up-to-date. This includes your Web browser, virus scan software and firewall as well as other applications.
   
• Be cautious. View any e-mail request for financial information or other personal data with suspicion. Do not reply to the e-mail and do not respond by clicking on a link within the e-mail message.
   
• Don’t open e-mails or attachments from unknown sources. Be suspicious of any unexpected e-mail attachments even if they appear to be from someone you know.
   
• Go directly to the company website by opening a new browser window and type the web address.
   
• Report suspicious activity to the Internet Crime Complaint Center, a partnership between the FBI and the National White Collar Crime Center.
   
• If you have responded to an email, contact your bank immediately so they can protect your account and your identity. 
   
• Contact the actual business that allegedly sent the e-mail to verify if it is genuine. Call a phone number or visit a Web site that you know to be legitimate, such as those provided on your monthly statements.
   
• Do NOT send personal information (e.g. credit or debit card number, Social Security number, online passwords or PIN) in response to an e-mail request from anyone or any entity.
   
• Review your statements. Check your monthly statements to verify all transactions.
   
• Always log off the web site after you have submitted an application or concluded a secure online session (such as Online Banking).
   
• Be careful and selective before providing your e-mail address to a questionable Web site. Providing your e-mail address makes you more likely to receive fraudulent e-mails.
   

  For more information on phishing, visit the following: Federal Deposit Insurance Corporation, Federal Trade Commission, the Anti-Phishing Working Group, the National Consumers League,  the OCC Consumer Protection News and the OCC Consumer Complaints and Assistance Web site.