FDIC Guidance on Phishing Scams

The following guidance on avoiding phishing scams is provided by FDIC.gov. The term phishing, as in fishing for confidential information, refers to a scam that encompasses fraudulently obtaining and using an individual's personal or financial information. Since January 23, 2004, criminals have been using the FDIC's name and reputation to perpetrate various "phishing" schemes. It is important to note that the FDIC will never ask for personal or confidential information in this manner.  This is how phishing works:

  • A consumer receives an e-mail which appears to originate from a financial institution, government agency, or other well-known/reputable entity.
  • The message describes an urgent reason you must "verify" or "re-submit" personal or confidential information by clicking on a link embedded in the message.
  • The provided link appears to be the Web site of the financial institution, government agency or other well-known/reputable entity, but in "phishing" scams, the Web site belongs to the fraudster/scammer.
  • Once inside the fraudulent Web site, the consumer may be asked to provide Social Security numbers, account numbers, passwords or other information used to identify the consumer, such as the maiden name of the consumer's mother or the consumer's place of birth.

When the consumer provides the information, those perpetrating the fraud can begin to access consumer accounts or assume the person's identity.

If you suspect an e-mail or Web site is fraudulent, please report this information to the real bank, company or government agency, using a phone number or e-mail address from a reliable source. Example: If your bank's Web page looks different or unusual, contact the institution directly to confirm that you haven't landed on a copycat Web site set up by criminals. Also, contact the Internet Crime Complaint Center, www.ic3.gov, a partnership between the FBI and the National White Collar Crime Center.

If you suspect that you have been a victim of identity theft, perhaps because you submitted personal information in response to a suspicious, unsolicited e-mail or you see unauthorized charges on your credit card, immediately contact your financial institution and, if necessary, close existing accounts and open new ones. Also contact the police and request a copy of any police report or case number for later reference. In addition, call the three major credit bureaus (Equifax at 800-525-6285, Experian at 888-397-3742 and TransUnion at 800-680-7289) to request that a fraud alert be placed on your credit report.