Don’t Get ‘Phished’ !
The term ‘phishing’ refers to a set of techniques that malicious entities use to trick unsuspecting users into revealing personal information such as social security numbers, bank account information, credit card numbers, passwords, PIN numbers, etc. A malicious entity may then use such information to commit theft and/or fraudulent activity. Most phishing attempts begin with a large-distribution email message (may or may not be to a targeted list) and a subsequent follow-on mechanism to actually capture the personal information; such follow-on mechanisms include “false-front” web sites, false email addresses, HTML-email exploit code, malicious code email attachments, and others.
Putnam 1st Mercantile Bank will never request account or sign-on information from you via email ! Let us know if you receive an email requesting this type of information.
The 'Phished': Lessons Learned for Consumers
Consumers avoided falling victim to ‘phishing’ attacks by following suggestions such as the following:
- Do not reply or click on the link in a suspicious e-mail that warns you, with little notice, that an account of yours will be shut down unless you confirm your billing information. Instead, contact the company cited in the e-mail using an authentic telephone number or [website address] other form of communication that you are sure is genuine.
- Before submitting financial information through a website, look for the locked padlock on the browser’s status bar or look for ” https ://” at the beginning of the web address in your browser’s address window. The presence of a padlock and the https :// does not guarantee that the website is legitimate or secure. However, the absence of either the padlock or the https:// does indicate that the website is not secure .
- Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
- Report suspicious activity to the FTC. Send the actual phishing e-mail to firstname.lastname@example.org. If you believe you have been defrauded, file your complaint at http://www.ftc.gov , and then visit the FTC’s Identity Theft website at http://www.ftc.gov/idtheft to learn how to minimize the financial damage from identity theft.
- For additional guidance on how to avoid falling victim to these attacks, visit the Federal Trade Commission’s (FTC) consumer help site at http://www.consumer.gov .