Privacy | Identity Theft | Phishing

Don't get hooked by "phishing" scams

Beware of emails asking for personal information

"We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."

"During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."

Have you received an e-mail with a similar message? It's a scam called phishing (pronounced "fishing") — and it involves Internet fraudsters who send spam, pop-up or even text messages to lure personal information from unsuspecting victims.

According to the Federal Trade Commission, the nation's consumer protection agency, phishers send a message that claims to be from a business or organization you may deal with — for example, an Internet service provider, credit union, bank or even a government agency. The message may ask you to "update," "correct," or "verify" your account information. The message may direct you to call a certain phone number or to go to a web site that looks like a legitimate organization's site, but it isn't. It's a bogus site designed to trick you into providing things like your credit card numbers, account numbers, Social Security number, passwords or other sensitive information.

Protect yourself

First, you should know that Columbus Metro will never request personal information through e-mail. We will never ask you to "verify" information in an e-mail. And we will never ask you to click on a link to a "special" web site to verify or request personal information.

To avoid becoming a victim of online crime, the FTC offers these tips:

1. If you get an e-mail or other message that asks for personal or financial information, do not reply. And don't click the link in the e-mail, either. Legitimate companies don't ask for this information via e-mail. If you are concerned about your account, contact the organization using a phone number or web address you know to be correct.

2. Area codes can mislead. Some scammers send an e-mail that appears to be from a legitimate business and ask you to call a phone number to update your account. Thanks to Voice Over Internet Protocol, or VOIP, the area code you call doesn't necessarily reflect the actual location you're calling. If you need to reach an organization you do business with, call the number on your statement.

3. Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.

4. Don't e-mail personal or financial information. E-mail is not a secure method of transmitting personal information. If you initiate a transaction and want to provide personal or financial information through a web site, look for indicators that the site is secure — either a lock icon on your browser's status bar or a URL that begins "https:".

5. Review credit card and account statements as soon as you receive them to check for unauthorized transactions. If your statement or bill is more than a few days late, call the company to confirm your billing address and account balances.

6. Be cautious about opening any attachment or downloading any files from e-mails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer's security.

7. Forward spam that is phishing for information to spam@uce.gov and to the company, bank or organization impersonated in the phishing scam. You can send such messages to Columbus Metro at cmfcu@columbusmetro.org.

8. If you believe you've been scammed, visit the FTC's Identity Theft web site at www.ftc.gov/idtheft to file a report and for steps you can take to protect yourself from identity theft.

If you have any other questions about phishing, or have a suspicious email that appears to be from Columbus Metro, email us.