Protect yourself online, don't get caught by phishers
In this report
An improving picture
New threats are insidious
Talk the talk
State of the Net 2008
Don't get caught by phishers
Get real-world advice from others about choosing a new computer, printer, peripherals, etc.

September 2008
send to a friend printable version
Don’t get caught by phishers
Image of an e-mail from Chase
DON'T BITE   This actual Chase e-mail links to a log-in page for the recipient's account; so do many phishing attacks.
Of all the Internet risks, phishing has been the toughest to thwart because it’s often almost impossible for a consumer to tell a phony e-mail from a legitimate one. That’s why the Federal Trade Commission says you shouldn’t click on links in an unsolicited e-mail to access a financial account. Yet most respondents to our survey don’t follow that advice, partly because they’re tempted by offers like this one that Chase Online recently sent account holders. (In a recent spam study, security software maker McAfee found phishing attacks that used Chase’s name to be the most prevalent type worldwide; a Chase spokesperson told us that the e-mail shown was genuine.) The e-mail contained the recipient’s name and part of his account number, but a prominent link took us to an insecure page where we could log in by entering a user ID and password.

If this e-mail had been fake, it could have been used to steal the recipient’s credit-card number, savings account, or identity. Unless you’re absolutely sure of the source of such an e-mail, access your account only on your own directly through a browser or call the company at a phone number you’ve verified.