"Phishing" (pronounced "fishing") is the act of sending an email that fraudulently represents a legitimate company and convinces an individual to divulge personal and financial information that could then be used for identity theft.
How does phishing occur?
Some phishing emails and web sites use sophisticated technology that work on committing fraud—without your knowledge. Opening a link in a phishing email can result in the installation of:
- spyware, which can monitor and track the web sites you visit. This provides useful personal information for a thief.
- key logging software, which logs keys you type (ex. typing a password into a password field). This confidential information is then reported back to the thief who installed the malicious software.
Example of a phishing e-mail
- On the following example, we point out that these are fraudulent. But please note: This is not a finite and comprehensive alert list, given the ever-changing nature of phishing sites.
- Review a phishing example.
Stay away from phishing
Your best line of defense against phishing is to exercise caution with any suspicious emails. Unfortunately, thieves use creative tactics to trick you into providing your personal information. Do not reply to any email that instructs you to enter any piece of personal information directly into the email, such as:
- An urgent notice that your account will be closed or suspended if you do not provide personal information
- A survey that asks you to enter personal information
- An urgent notice that your account has been compromised and asks you to confirm your account information
- An email that directs you to a non-secure webpage and asks you to enter your username, password or account numbers
- An email that asks you to confirm, verify, or refresh your account, credit card, or billing information
Other types of frauds
While email fraud is a commonly used tactic, there are other types of attempted fraud:
- Smishing: "SMShing are like phishing but sent via SMS text messages to access information.
- Vishing: "Vishing" uses the features of Voice over IP phones to steal personal and financial information.
Report any instances of phishing, smishing and vishing to firstname.lastname@example.org.
If you need to report identity theft or fraud, or if you have questions, please call us at 1.800.MERRILL (637.7455), or contact your financial advisor.