Teach a man how to phish, and you feed him your identity

Phishing is a new form of identity theft that frequently occurs on the web.  The term refers to baiting techniques implemented by a criminal to fish personal information out of an unsuspecting user.  The purpose is to use this information to commit identity theft and other types of fraud.  

How Phishing Works

Phishing typically originates via email or a fraudulent website.  More often than not, the design will resemble well known, trusted companies, financial institutions or government services.  This makes it much easier for a criminal to persuade a user out of sensitive information, such as bank account information or usernames and passwords. 

In most cases, a phishing scam originating from an email will contain false statements intended to alarm the recipient.  The sender may give the impression that the recipient is at the immediate risk of having their bank, credit card or financial accounts compromised.  Other phishing attempts may falsely state that the recipient's credit card was declined or is being used by another individual. 

One live example of phishing revolved around a mass email campaign that occurred in the summer of 2004.  The messages advised consumers of a prominent Canadian institution to provide their personal information because of technical difficulties.  Of course, these emails were not distributed nor authorized by that particular financial institution. 

A phishing email can also promise a gift or other incentives to recipients.  While the message may appear rewarding, the purpose remains the same: to persuade the unknowing into disclosing personal and financial data to aid in the act of identity theft. 

Criminals who distribute phishing emails rely on the hope that some of their recipients may actually have a relationship with the legitimate business they are portraying.  However, a recipient is much more likely to respond if the email appears to come from a trusted source, whether there is a relationship or not. 

Unfortunately, individuals who respond to these emails are putting their assets and financial information at risk.  An identity thief can use this data to access active accounts to withdraw funds or buy expensive items and services.  They can also use the information to open up new accounts in the victim's name and remain under the radar by supplying a different address.  The worst part of all, recipients may not realize for some time that they have just become a victim of identity theft.   

How to Combat Phishing Schemes

Being that this crime has evolved so rapidly, Canada's Department of Public Safety has teamed up with the United States Department of Justice to warn internet users about phishing.  Here are three steps they recommend when being approached with this scam:

1. Recognize it: The popularity of phishing has made this scheme easier to detect.  A user should never respond to or click on any links in an email from a sender requesting sensitive information. 

2.  Report it: If you have taken the bait of a phishing scam, it is very important to contact your credit card company or financial institution right away.  You should also report this crime to your local police department.  This will provide you with documentation that may need to be displayed to an institution to help prove your case.

3. Prevent it: Phishing can be prevented by learning the routine practice of your credit card company or financial institution.  In most instances, they will never ask you to confirm such sensitive information via email.  By understanding how these companies operate, you can stop schemers in their tracks and save yourself from identity theft.      


Log in or sign up to comment.

Post a comment

Log in or sign up to comment.
In 2003, more than 10 million Americans fell victim to identity theft.

Identity theft costs business and individuals $53 billion dollars annually

In 2003, Americans spent 300 million hours resolving issues related to identity theft.

70% of all identity theft cases are perpetrated by a co-worker or employee of an affiliated business.