Phishing scams are popular methods of identity theft, they work pretty well and identity thieves use a lot of creativity and put a good amount of effort towards leading victims into their traps to collect their personal information. Here are some sample paragraphs from the emails you would typically get in an email phishing scam:

Once the unsuspecting victim follows these directions they’re very likely to end up at a spoofed website where they voluntarily provide credit card numbers, bank account information, social security numbers, passwords and other sensitive information. This is the basic premise of a phishing scam. The thieves send emails and pop up messages claiming to be from legitimate businesses and financial institutions that you may actually deal with.

Often these emails are written so well that they are able to give the victim a sense of urgency to act quickly and take action. Also they often stress the point that there are consequences to not following their directions, such as: “your account will be closed” or “your membership will be indefinitely suspended” or “you run the risk of having fraudulent charges run on your account” etc.

Email phishing scams

If an email asks that you validate, update or confirm by following a link they provide, the best thing you can do is ignore and delete the message. Do not click on any of the links they provide in the email. If you really have a concern about your account, then call your credit card company, or banking institution by finding their number in the back of your cards or your paper statements and verify with them if there is in fact something wrong with your account. However, you need to know now that legitimate companies never ask for this information over email or phone. They already have it and if it were a case of fraud they would automatically freeze the account and notify you of it.

Phone phishing scams:

You may get an email that has a number rather than a link where you call to do the verification. The person to answer the phone may even sound like an operator from a particular institution by giving you a formal greeting. You must pay attention to the number that’s provided. Normally financial institutions provide numbers that begin with 1-800, 1-877, 1-888 and 1-866. These are toll free numbers. They’re free for you to call, but it usually costs the merchants a lot of money to have. So this is a give away if the number provided does not start with one of these area codes.

Also if you get contacted via phone, look at your caller ID and take notice of the number displayed, if it does not start with one of the above area codes, then more than likely you’re not talking to a legitimate source. Whether you are asked to call or get a call at home, having one of the above area codes displayed does not necessarily guarantee that you’re talking to a legitimate source, it may still be a phone phishing scam. Savvy thieves and hackers can also spoof phone numbers if they have access to sophisticated equipment. What you need to take away from this is that you should never provide any kind of sensitive or personal information over the phone or email, no matter who seems to be asking for it.

Other things you should do to avoid phishing scams

Use firewall, anti-virus and anti-spyware -
If you access the internet a lot and you do open every piece of email you receive then you must be equipped with the proper protection. Anti-virus and firewall software can protect you from inadvertently accepting and downloading malicious software on your computer system. A firewall increases your transparency on the internet, making it harder for scanning software to find you and blocking all communications from unauthorized sources. If you have a broadband connection, it is particularly important to run a firewall. Spyware software is specifically designed to stop spyware programs like keyloggers and pop up windows that run silently as background processes and record your activities while you’re online.

Never send personal information over email -
Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; skilled hackers and phishing scam artists are able to forge security icons.

Be on the alert with your statements -
Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.

Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer’s security.

Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.

If you believe you’re a victim of a phishing scam, visit the FTC’s Identity Theft website at www.ftc.gov/idtheft. Victims of phishing scams can become victims of identity theft very easily. While you can’t entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk. If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report so set up fraud alerts as soon as possible.

To learn other ways to avoid email scams and deal with deceptive spam visit ftc.gov/spam.