What Is Phishing?

Creating a fraudulent replica of an existing Web page to fool a user into submitting personal, financial, or password data. —phish v. —phisher n.

Don’t Take the Bait!

If you receive an unexpected email saying your account information must be verified for any reason at all—you have been targeted in a phishing scam.

Lassen County Federal Credit Union will never contact you in this manner, nor would any other legitimate financial institution. Below are suggestions to help you avoid getting hooked by a phishing scam:

  • If you get an email or pop-up message that asks for personal or financial information, do not reply. And do not click on the link in the message. Legitimate companies do not ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address yourself. In any case, do not cut and paste the link from the message into your Internet browser. Phishers can make links that look like they go to one site, but actually send you to a different site.
  • Use anti-virus software and a firewall, and keep them up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.
  • Do not email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a website URL that begins with “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons.
  • Review credit card and bank account statements as soon as you receive them and check for unauthorized charges.
  • Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization being impersonated in the phishing email. Most organizations have information on their websites about where to report problems.

You can learn about other ways to avoid email scams and deal with deceptive spam at ftc.gov/spam.