Every Internet user should be aware of email fraud also known as “spoof” or “phishing” and should take the necessary precautions to protect yourself and your identity.
What is Email Fraud?
Also known as spoof or phishing, fraudulent emails are those that appear to be from a well-known, reputable company but can put you and your personal information at risk. Other scams include pop-up Web pages that ask for sensitive personal information.
Fraudulent emails and phishing Web pages typically ask you to click on a link back to a
spoof web site to provide, update or confirm sensitive personal information, such as:
- Your account number
- Password/Personal Identification Number
- Social Security number
- ATM, debit or credit card information
- Bank account number
How does phishing work?
Today, online criminals put phishing to profitable use. Popular targets are users of online banking and financial services and auction sites. Phishers usually work by sending out e-mail spam to large numbers of potential victims. These emails direct the recipient to a Web page that appears to belong to their online bank, for example, but in fact captures their account information for the phisher’s use.
Typically, a phishing email will appear to come from a trustworthy company with images, logos, and links that appear to be legitimate. Often the subject line and the message are intended to alarm the recipient into taking action. A common approach is to tell the recipient that their account has been de-activated due to a problem and inform them that they must take action to re-activate their account. The email will contain what appears to be a convenient link, but it takes the recipient to a fake website set up by the scammer. Once at that page, the user enters his/her personal information, which is then captured by the fraudster. Oftentimes the fraudulent emails will also disguise or forge the sender’s email address so it appears to be legitimate.
Even clicking on the link can subject you to harmful computer viruses and identity theft.
How do scammers get my email address?
Many scammers randomly generate email addresses, purchase email lists, or obtain addresses from online auction sites, directories and other web pages.
How do I protect myself?
There’s a lot you can do to protect yourself from becoming a victim of email fraud. First and foremost, do not respond to any emails requesting sensitive personal information, such as account numbers, passwords, or Social Security numbers. Reputable companies will never ask you to verify or update this information online.
Because scam emails can be tough to distinguish from legitimate ones, call the company and ask them about the email.
It’s also important to make sure your computer is updated regularly. Check that your anti virus software is up to date and that you have installed the latest Windows (or other operating systems) updates. Also, be sure to run the most recent version of your Web browser. Using anti-spam software and spam filters for your email will provide additional protection.
How do I report suspected cases of email fraud?
To report suspected cases of fraud, you should first go to the website for the company that sent you the suspicious email and look for directions. Do not follow any links from the fraudulent email. Instead, open a new browser, and connect to the company’s website by typing in the website address (URL). If you cannot find any information on the email scam at the company’s website, you may file a complaint with the Federal Trade Commission (FTC).
If you have supplied your personal information online, you should immediately contact the three major credit bureaus and the Online Fraud Prevention Hotline and ask them to flag your accounts with a “fraud alert.”
Online Fraud Prevention Hotline (866.867.5568)
Equifax Fraud Hotline (800.525.6285)
Experian Fraud Hotline (888.397.3742)
TransUnion Fraud Hotline (800.680.7289)
You may also contact Lombard’s Customer Service department also at 800.755.2144 for any questions about our email policies.
Lombard Securities’ Email Policy
Lombard Securities will never ask clients to confirm or disclose passwords or sensitive personal or financial information to anyone in any way. Even your broker does not need access to your password, as Lombard brokers access your accounts through another service that requires a separate password that is unrelated to your password.
Be sure to immediately report any suspected fraud involving your Lombard Securities account — whether online or not — to our Customer Service department at 800.755.2144. All sensitive information exchanges about your Lombard accounts should take place over the phone, by U.S. Mail, or by identifiable express mail services. If you have any questions, please call us at 800.755.2144.