“For Your Immediate Attention! Dont Lose Your Account! Update Immediately!”

Bob opened the email and was confronted by the logo of one of his major credit card companies. He had been carrying the card for some time, and had used it for a lot of online purchases.

Understandably he was concerned with the message under the logo: “Due to online identity theft, we need to verify that the information in your account is accurate, or we will be required by the FTC to suspend it”.

Below was an itemized list of the information he was required to verify: his old account number, name, address, telephone number, social security number, and mothers maiden name. The also wanted him to change the password to his account.

Panicked, Bob hit the reply button and started filling in the information. He didnt want to lose that account. He had set up several online accounts using that credit card number, and used it to buy and sell in online auctions…


“Phishing” is a technique used by identity thieves to stampede people into giving out their credit information online. The scam has been around for awhile, and, unlike Bob, most people are aware that they should never:

* Be intimidated by a message found in an “authentic looking” email

* Reply by giving vital information to the “phishers”

* Open up any links contained within the email, which can download “criminalware” onto their computer.

We all know these facts intellectually, but when confronted by an intimidating message, many of us react emotionally, not rationally. Maybe Im more easily intimidated than most, but Ive found myself opening an email and feeling compelled to fill out the information the message demands.

I have to confess an incident that occurred when I almost did that very thing. In my own defense, however, I have to say that it happened before Id ever heard the term “phishing”. Fortunately I became suspicious before hitting the “Send” button.

But I almost did it. I almost sent it off and thereby hanged myself.


Although the public is becoming savvier to this scam, the “phishermen” must be experiencing success because the Anti-Phishing Working Group, http://www.antiphishing.org/ reports that phishing incidents are on the upswing.

They list 28,571 consumer reported incidents in June 2006, almost double the reported numbers in June 2005.

More suckers are being “phished” than ever before, and as every honest fisherman knows, there is no bag limit on suckers.


Of course, the best thing to do when asked for vital information by someone purporting to be a legitimate credit card company or other institution is to call the company on the telephone and ask if the email in question does indeed come from them. Then, if it has, go to that site to change your information.