Phishing and Spoofing
Two new risks to add to your computer vocabulary are "phishing" (pronounced fishing) and "spoofing".
These terms refer to ID-Theft scams being used to target bank customers. Phishing involves sending emails that purport to be from a bank to its customers asking for personal information such as Social Security and account numbers. The term "phising" comes from the fact that Internet scammers are using increasingly sophisticated lures as they "fish" for users' financial information and password data. The most common ploy is to copy the Web page code from a major site and use that code to set-up a replica page that appears to be a part of the company's site. (This is why "phishing" is also called "spoofing".)
Since "phishing" relies on deceiving customers, there is no software to protect fully either the bank or the customer.
The following information will assist you in keeping your ID information secure:
  • Beware of email messages that ask for "confirmation" or otherwise seek to have you divulge information that the bank should already know. If you receive an unexpected email saying your account will be shut down unless you confirm your account information, do not reply or click any links in the email body.
  • Never divulge personal account data or Social Security numbers over the Internet. The bank will never ask for such information in that manner.
  • Report any suspicious email to the bank - but not via the Internet site being referenced in the email.
  • If you are uncertain about information in an email, contact the company through an address or telephone number you know to be genuine.
  • If you unknowingly supply personal or financial information, contact your bank and credit card company immediately.
  • Suspicious email should be filed with the Iowa State Attorney General's Office or through the FTC at www.ftc.gov.