Don’t Get ‘Phished’ ! 


The term ‘phishing’ refers to a set of techniques that malicious entities use to trick unsuspecting users into revealing personal information such as social security numbers, bank account information, credit card numbers, passwords, PIN numbers, etc. A malicious entity may then use such information to commit theft and/or fraudulent activity. Most phishing attempts begin with a large-distribution email message (may or may not be to a targeted list) and a subsequent follow-on mechanism to actually capture the personal information; such follow-on mechanisms include “false-front” web sites, false email addresses, HTML-email exploit code, malicious code email attachments, and others.

Putnam 1st Mercantile Bank will never request account or sign-on information from you via email ! Let us know if you receive an email requesting this type of information.

The 'Phished': Lessons Learned for Consumers

Consumers avoided falling victim to ‘phishing’ attacks by following suggestions such as the following:

  1. Do not reply or click on the link in a suspicious e-mail that warns you, with little notice, that an account of yours will be shut down unless you confirm your billing information. Instead, contact the company cited in the e-mail using an authentic telephone number or [website address] other form of communication that you are sure is genuine.
  2. Before submitting financial information through a website, look for the locked padlock on the browser’s status bar or look for ” https ://” at the beginning of the web address in your browser’s address window. The presence of a padlock and the https :// does not guarantee that the website is legitimate or secure. However, the absence of either the padlock or the https:// does indicate that the website is not secure .
  3. Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
  4. Report suspicious activity to the FTC. Send the actual phishing e-mail to If you believe you have been defrauded, file your complaint at , and then visit the FTC’s Identity Theft website at to learn how to minimize the financial damage from identity theft.
  5. For additional guidance on how to avoid falling victim to these attacks, visit the Federal Trade Commission’s (FTC) consumer help site at .