In 2003, the Federal Trade Commission (FTC) released the Identity Theft Survey Report, which indicated that many victims expressed that they would have benefited a great deal if they had better awareness of the potential for identity theft. Although phishing remains prevalent, many consumers have become sophisticated enough to identify fraudulent emails. Nevertheless, more advanced scams, such as spear phishing and pharming schemes, may still lure a consumer to provide personal information.
Banks, credit issuers, and other businesses have made efforts to educate their customers about the potential for phishing schemes and other fraudulent scams. Most businesses do not request personal information from their customers through email messages, and so almost all emails that request this information are illicit. Consumers who receive any suspicious correspondence requesting personal information should contact the business that apparently sent the request.
Several businesses and law enforcement agencies have joined the Anti-Phishing Working Group (APWG), which has been formed to eliminate the threat of phishing scams. Both the APWG and the FTC offer several suggestions in addition to those summarized above.
- Use anti-virus software and a firewall, and keep both up-to-date.
- Do not use email to send personal or account information.
- Review credit card and bank accounts as soon as they are received.
- Regularly log on to online accounts.
- Be cautious about opening any attachment or downloading any files from emails.
- Forward phishing emails to the appropriate authorities, including the following email addresses: firstname.lastname@example.org (FTC); email@example.com (APWG).
- File a complaint with the FTC. More information is available online at http://www.consumer.gov/idtheft/.