The number and sophistication of phishing scams sent out to consumers is continuing to increase dramatically. While online banking and e-commerce is very safe, as a general rule you should be careful about giving out your personal financial information over the Internet. The Anti-Phishing Working Group has compiled a list of recommendations that you can use to avoid becoming a victim of these scams.
1.Be suspicious of any email with urgent requests for personal financial information
2.Phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately
3.They typically ask for information such as usernames, passwords, credit card numbers, social/national security numbers, date of birth, etc.
4.Don't use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic Instead, call the company on the telephone, or log onto the website directly by typing in the Web address in your browser
5.You should only communicate information such as credit card numbers or account information via a secure website or the telephone
Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser
Managing Your Account
Your login information, especially your password, is the key to your account. To prevent unauthorised access to your account, we recommend that you never share your login information, change your login information at least every three months, and always use a complex password.
Here are tips on how to create a complex password:
Simple passwords that might be easy for others to guess (e.g., password, password1, 1234) are prohibited. Instead, try using words or phrases that have more personal meaning.
Your password must have a minimum of 8 characters. Try using more if you can. Each additional character helps.
Make sure you use at least one number or symbol (other than '&', '<' or '@', which are restricted) in your password. Not only is it required, but doing so makes your password harder to guess and harder for automatic decoders to generate.
To make it easier to remember, try replacing several letters in your password with a number or symbol that look similar; for example, use a zero instead of the letter O, and replace the letter S with a $.
Create a pass phrase. Some job boards support the use of the space bar in passwords, so you can use a complete phrase as your password.
Avoid these common password mistakes:
Words found in the dictionary are easier for others to guess. Using a random series of characters is best.
Sequences of characters and repeating characters (e.g., 123456, abcdefg, 9999) are also easier to guess. If you change your password every month from 'password1' to 'password2', 'password3', etc., someone could easily crack your code.
Never use a password that is the same as, or a variation of, your username, email address, real name, or company name.
Never use a password that is used as an example of a secure password.
Keep your password secure:
You're the only person who needs to know your password. Don't share it with anyone. If you're concerned that someone else might know your password, change it immediately.
As tempting as it might be to write your password down to help you remember it, this is very unsafe. Take a few minutes to memorise your password.
Never email anyone your password, and most importantly, never respond to an email that is asking for your password.
If you suspect that you've received a fraudulent email that is targeting one of our members websites and its members, please contact us so that we can investigate and take the appropriate action. After reporting the fraudulent email, you should delete it from your inbox.
Note: To ensure we can thoroughly investigate your reported fraud, please do not change, or retype, the subject line of the fraudulent email. Also be sure that you include the complete header information from the email. For instructions on how to display complete header information, please visit the SpamCop website.