In a typical case, you’ll receive an e-mail that appears to come from a reputable company that you recognize and do business with, such as your financial institution. The e-mail will probably warn you of a serious problem that requires your immediate attention. The e-mail will then encourage you to click on a button to go to the institution’s web site. In a phishing scam, you could be redirected to a phony Web site that may look exactly like the real thing.
In either case, you may be asked to update your account information or to provide information for verification purposes: your Social Security number, your account number, your password, or the information you use to verify your identity when speaking to a real financial institution, such as your mother’s maiden name or your place of birth. If you provide the requested information, you may find yourself the victim of identity theft.
Similar in nature to e-mail phishing, pharming seeks to obtain personal information by directing users to spoofed Web sites where their information is captured, usually from a legitimate–looking form.
Rather than being spammed with malicious and mischievous e-mail, pharming ‘poisons’ a DNS server by infusing false information into the server, resulting in a user’s request being redirected elsewhere. Your browser will show you are at the correct Web site, which makes pharming a bit more serious and more difficult to detect.
To file a complaint or to get free information on consumer issues, visit www.ftc.gov or call toll-free, 1-877-FTC-HELP.