Internet phishing (pronounced fishing) is when someone sends an e-mail to a victim acting as if they are the victim’s bank, credit card company, Paypal, or other financial institution. The e-mail will tell the recipient that their account has been compromised in some way and the victim needs to click on a link to verify they own the account, or they need to click a link and validate their username and password or they may even request the victim’s personal information such as date of birth and social security number.

It’s important to know that if a bank has an issue with a bank account, they will not ask the customer to provide private information via e-mail (or over the phone). They may ask for the last four digits of the social security number, on file, but they should not be asking for personal information or even asking the customer to log in or send them the username and password. Links in e-mail can be hovered over with a mouse and a small pop-up box shows the real link. They may make it look real, because it is easy to make it look legitimate. Hovering over the link (never click it first) usually shows a long and mysterious link. Don’t click on it. Even if it looks like a legitimate link, it is better to pick up the phone and call the bank directly (do not use the phone number from the phishing e-mail) to speak with a representative or go to the bank in person to verify the situation.

The purpose of internet phishing is to steal personal information leading to identity theft. This problem is increasing on a daily basis and is very hard to reverse. It is fine to stay safe and double check. Financial institutions are happy to answer questions about legitimacy and participate in keeping customers safe.