The IRS has issued several consumer warnings on the fraudulent use of the IRS name or logo by scammers who are attempting to gain access to your financial information in order to steal your assets — and identity. When identity theft like this takes place over the Internet, it’s called “phishing”. I’ve discussed identity theft before, but I want to take a bit of a deeper look into phishing so you can identify these scams when they hit.
Phishing is defined as an attempt to acquire sensitive information such as user names, passwords and credit cards details by masquerading as a legitimate entity and sending you an email.
These emails will drive you to a website that looks official, but in actuality is a fake. Unwitting users put in their sensitive information and that information is transmitted directly to the scammer. Once that is done, these scammers have access to your accounts.
The key to preventing this from happening is to be aware of a few things:
- Check the email origination: Make sure the email is sent from a legitimate company. For example, if you have a bank account with CHASE, make sure any communications that you receive from the bank originate from CHASE. Many times the phishing emails you receive will originate from a strange address and not from your bank.
- Check the website: If you’ve clicked on an email link and are directed to a website, make sure that website is legitimate by double-checking the address. Again, using CHASE as an example, the web address should start with “chase.com” followed by a forward slash. For example: chase.com/user alert. Many times phising websites will have fraudulent addresses that are close to the legitimate one. For example, it may read chasse.com/user alert. Notice the difference? There is an extra “e” in the address.