Help Prevent Identity Theft

Help Prevent Identity Theft
from Phishing Scams

What to do if you’ve responded to a phishing scam

You can do your best to prevent having your identity stolen by a phishing scam, but no method or system can guarantee total safety and security.

If you suspect that you’ve already responded to a phishing scam with personal or financial information or entered this information into a fake Web site, there may be ways you can minimize any damage.

Step 1: Report the incident
If you feel your personal information has been compromised or stolen, immediately report the circumstances to the following authorities:

• Your credit card company, if you have given your credit card information. This should be your first step. The sooner an organization knows your account may have been compromised, the easier it will be for them to help protect you.

• The company that you believe was forged. Remember to contact the organization directly, not through the e-mail message you received.

• The IFCC. The Internet Fraud Complaint Center (IFCC), a partnership between the FBI and the National White Collar Crime Center (NW3C), works worldwide with law enforcement and industry to promptly shut down phishing sites and identify the perpetrators behind the fraud.

• The Federal Trade Commission. If you believe that your personal information has been compromised or stolen, you should report the circumstances to the FTC: National Resource for Identity Theft and visit their site to learn how you can minimize any damages.

You can also report the phishing scam to the Anti-Phishing Working Group at reportphishing@antiphishing.org  and to the FTC at spam@uce.gov. To report the scam to these groups, create a new e-mail message addressed to them and attach the phishing e-mail to the new message. You can also copy the entire phishing e-mail and paste it in the new message. Do not use the “forward” option if possible, as this format may exclude information and requires more manual processing.

Step 2: Change the passwords on all your accounts
If you think you’ve responded to a phishing scam with password information or entered passwords into a phony Web site, change your passwords as soon as possible.

Step 3: Routinely review your credit card and bank statements
If you review your bank and credit card statements at least monthly, you may be able to catch the con artists and stop them before they cause significant damage.

Step 4: Use up-to-date antivirus and anti-spyware software
Some phishing e-mail may contain malicious or unwanted software that can track your activities or simply slow your computer.