PRESS RELEASE FOR IMMEDIATE RELEASE
Contact: Lori Sitler or Janice Fitzsimons
Phone: (302) 577-8314
Pager: (302) 247-1132
Date: December 15, 2004
DON’T GO “PHISH”!
Caution Advised as Scammers Become More Sophisticated
(Wilmington, DE): The next time you get an email from your bank, you had better be sure it IS from your bank! “Phishing” is a form of an on-line identity theft scheme in which the scammer, claiming to be a legitimate company - often a bank or other well recognized and trusted business- attempts to trick a recipient into “verifying” their personal and financial information such as credit card numbers, account numbers and usernames, passwords or social security numbers.
A recent report from an industry association, the Anti-Phishing Working Group (APWG) identified a 100% growth rate in “phishing” sites from September to October, 2004 alone and an increase in the sophistication and quality of these fake emails. Attorney General Jane Brady urges heightened caution when Delaware consumers are responding to email requests for personal information from seemingly legitimate businesses.
“Most troubling to me is the fact that these emails often assure the recipient that the reason for needing to verify account information is to safeguard the account from identity thieves! Consumers will often recognize the logo of the bank or other business in the email and assume that the request is from a legitimate source,” said Attorney General Brady. According to the APWG, brands that have been targeted by “phishers” include: Citibank, SunTrust, eBay, MSN, Wells Fargo, Verison, Sovereign Bank, Pay pal, Bank One, Washington Mutual, VISA, MBNA, and the FDIC.
The APWG, focused on eliminating the identity theft and fraud that result from the growing problem of “phishing”, estimates that scammers are able to convince up to 5% of recipients to respond to the bogus emails. Since the incidents of “phishing” emails has grown exponentially in the past year and is a global phenomenon, the pool of potential victims is on the rise. TowerGroup, a leading advisory research firm focused on the global financial services industry, recently estimated that fraud losses from email “phishing” will total $137 million globally in 2004.
Attorney General Brady offers the following tips, compiled from advice offered by the Federal Trade Commission (FTC) and the financial services industry:
· Never provide personal or financial information to unsolicited email web site requests. Legitimate businesses don’t ask for this information via email. If in doubt, you should contact the business directly.
· Type web addresses into browsers – don’t click on a link provided in an unsolicited email.
· Change your passwords and PINS regularly.
· Review credit card statements monthly to determine if there are any unauthorized charges.
· Regularly monitor your credit reports through the 3 major credit bureaus.
· Keep anti-virus and anti-spam software up to date.
· Be cautious about opening attachments or downloading files, especially from unknown sources.
· If you receive a “phishing” email, forward it to the FTC at email@example.com . Several of the financial institutions and businesses which have been targets of “phishers” also welcome reports of bogus emails posing as their company for their own fraud prevention activities.
If you have provided personal or financial information in response to a “phishing” email:
· Visit the Attorney General’s website at attorneygeneral.delaware.gov/ and print a copy of the ID Theft Victim Kit which will provide you with a step by step guide on what to do if you are a victim and will help you report and document the incident.
· Immediately contact the financial institution or business to make a report and request assistance. The company may be able to “red flag” your account with a fraud alert caution, or close the account and re-issue it using new account numbers and passwords.
· Contact the fraud department of one of the three major credit bureaus to report suspected identity theft. The credit bureau you contact will share your report with the other two agencies.
· File a police report.
· File a complaint with the FTC at www.ftc.gov or by calling 1-877-FTC-HELP (1-877-382-4357) TTY line for the hearing impaired: 1-866-653-4261