What is Phishing?

Phishing is a common online scam designed to trick you into disclosing your personal or financial information for the purpose of financial fraud or identity theft. Con artists might send millions of fraudulent e-mail messages that appear to come from Web sites you trust, like your bank or credit card company, or ISP and request that you provide personal information. While you may think you are giving your information to a valid company, instead you are providing it to a fraudster!

Here's how it works:

  1. You receive an unsolicited e-mail appearing to be from a legitimate company. A typical phishing e-mail will give you a phoney reason, such as a security breach or contest, to trick you into providing your personal information.
  2. The e-mail will often include a reason that urges you to click on a link that takes you to a fake website.
  3. That fake website will look authentic by copying the brand name and logo of the real company. This phoney site will ask you for personal information such as credit card numbers, account numbers, passwords, date of birth, driver's license number, and social insurance or social security numbers.

Why did I receive a phishing e-mail?

You received a phishing e-mail simply because your e-mail address has ended up in the hands of a fraudster.

E-mail addresses are easily obtained and shared on the Internet – just like phone numbers and mailing addresses. But, other than having your e-mail address, it is unlikely the fraudster knows anything else about you – not even your name.

So, these fraudsters need to do three things to be successful.

  1. target companies with large numbers of customers, such as Internet Service Providers like Bardstown Cable Internet.
  2. send thousands of phishing e-mails in order to reach as many of these customers as possible (many of the e-mails are also received by non-customers).
  3. write the e-mail messages in such a way as to trick people into revealing their confidential information.

Recognizing Phishing E-mails

Phishing e-mails are becoming more sophisticated and can be tricky to spot. Being able to recognize phishing e-mails can help prevent you from becoming a victim.

Here are a few phrases to look for if you think an e-mail message is a phishing scam.

"Verify your account."
Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through e-mail.

If you receive an e-mail from Bardstown Cable Internet asking you to update your Bardstown Cable Internet Account, or password to your email do not respond, this is a phishing scam.

"If you don't respond within 48 hours, your account will be closed."
These messages convey a sense of urgency so that you'll respond immediately without thinking. Phishing e-mail message might even claim that your response is required because your account might have been compromised.

"Dear Valued Customer."
Phishing e-mail messages are usually sent out in bulk and often do not contain your first or last name.

"Click the link below to gain access to your account."
HTML-formatted messages can contain links or forms that you can fill out just as you'd fill out a form on a Web site.
The links that you are urged to click may contain all or part of a real company's name and are usually "masked," meaning that the link you see does not take you to that address but somewhere different, usually a phony Web site.

To make these phishing e-mail messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate Web site (1), but it actually takes you to a phony scam site (2) or possibly a pop-up window that looks exactly like the official site.

These copycat sites are also called "spoofed" Web sites. Once you're at one of these spoofed sites, you might unwittingly send personal information to the con artists.

Follow these tips to help you avoid falling victim to phishing scams:

Never provide your confidential or financial information over the Internet in response to unsolicited e-mails.

Play it safe! If you don't know the source of an e-mail or if it looks suspicious, do not open it.

Be cautious! Even if you recognize a sender's e-mail address, do not rely on that alone because addresses may be faked. Pay attention to the contents of the e-mail and be careful of any embedded links. Never click on a link in an e-mail that you suspect may be fake.

Be sure! If you are unsure whether you are on a legitimate website, reopen your internet browser and type the company URL in the address bar yourself. Before you enter confidential or financial information online, check for the lock icon on your browser. Ensure the URL in the browser address bar starts with "https."

Be alert! Just because an e-mail or website appears to be from a legitimate company doesn't mean it is. Phishing schemes are designed to look real to trick users into divulging personal information for the purpose of financial fraud or identity theft.