Phishing: Don't Get Hooked by Crooks

E-mail puts you in touch with the world. Unfortunately, it can also put the underworld in touch with you.

We've all gotten those e-mails from well-known companies and financial institutions sporting the company's official logo, urging us to click on a link and go to the company's Web site immediately to verify important information. If you don't, they warn, terrible things will happen: your account will be deleted, or access will be denied, or you'll be charged a fee.

Don't click on those links! If you do, you'll be forwarded to an authentic-looking Web page that reassures you that everything will be fine if you just provide some information, such as your password or your Social Security number. The fake site will even walk you step-by-step through a procedure designed to steal your money, identity, or both.

This technique is called phishing, and it's proved to be one of the most successful types of computer crimes for one primary reason: Phishers take advantage of our trust in the companies we do business with. Here are a few tips to keep in mind the next time an official-looking e-mail from your bank, your credit-card company, or even eBay® lands in your inbox:

• Legitimate companies never send e-mails requesting any confidential information
• Company Web sites, even elaborate ones, can be very easily faked; just because a site looks official doesn't mean it is (the faked sites are called "spoofs," even though there's nothing funny about them)
• A quick phone call or e-mail to the company's financial or security office would reveal the fraud
• Treat phishing e-mails with the same care you would a virus, and delete them immediately

The Bottom Line: Never give any confidential information in response to an unsolicited e-mail, no matter how official it looks. Appearances can be deceiving and dangerous.