ML Home About Us Contact Us
Privacy and Security

What Is "Phishing"?

"Phishing" (pronounced "fishing") is the act of sending an e-mail that fraudulently represents a legitimate company and "lures" you (hence, the phishing name) into divulging personal and financial information that could then be used for identity theft.

Stay away from phishing

Your best line of defense against phishing is to not get lured. Unfortunately, thieves use creative tactics to trick you into providing your personal information. Do not reply to any e-mail that instructs you to enter any piece of personal information directly into the e-mail, such as:

  • An urgent notice that your account will be closed or suspended if you do not provide personal information
  • A survey that asks you to enter personal information
  • An urgent notice that your account has been compromised and asks you to confirm your account information
  • An e-mail that directs you to a non-secure webpage and asks you to enter your username, password or account numbers
  • An e-mail that asks you to confirm, verify, or refresh your account, credit card, or billing information

Example of a phishing e-mail

On the following example, we point out that these are fraudulent. But please note: This is not a finite and comprehensive alert list, given the ever-changing nature of phishing sites.

Review a phishing example.

What happens with a phish?

Some phishing e-mails and Web sites use sophisticated technology that can get to work on committing fraud—without your knowledge.

If you click on a link in a phishing e-mail

The link may automatically install Spyware. This software is remotely installed (through pop-ups and viruses) on any computer you're using. Like its name, it spies on you and tracks which Web sites you visit. This is helpful information to a thief. For example, if they know you visit the Merrill Lynch banking site frequently, they may send you a "spoof" (fake) Merrill Lynch e-mail.

Key logging software is another type of technology that is remotely installed on any computer you're using. This software actually logs which keys you type (e.g., typing a password into a password field). It reports this very important personal information back to the thief who installed it.

If you need to report identity theft or fraud, or if you have questions, please call us at phone 1-800-MERRILL (637-7455), or contact your Financial Advisor.