Home >> Learning Center >> Resource Center

Resource Center

Avoid Getting "Hooked" by Phishers
By Brad Place, Pinnacle's Web Administrator

Phishing isn't what people do on Percy Priest Lake. It's a high-tech scam in which trusted brands of well-known banks, online retailers, and credit card companies are highjacked and used to create bogus e-mails and websites that fool you into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc.

By sending out urgent messages that ask you to "update" or "validate" your account information, phishers are able to steal your identity and run up bills or commit crimes in your name. The worst part is that phishers are usually very, very good at tricking you - using the brand's logo or sending you to what appears to be a bonafide website of the company you know and trust.

With phishers now sending out an average of five million e-mails per month (up from 250,000 in 2004), it's important to know how to protect yourself.

Pinnacle suggests these tips to help avoid getting hooked by a phishing scam:

• If you get an e-mail or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don't ask for this information via e-mail.
• If you are concerned about your account, contact the organization in the e-mail using a telephone number you know to be genuine, or open a new Internet browser session and type in the company's correct Web address. In any case, don't cut and paste the link in the message.
• Don't e-mail personal or financial information. E-mail is not a secure method of transmitting personal information.
• Before making a transaction or providing information, look for indicators that the site is secure. Look for a lock icon on the browser's status bar or a URL for a website that begins "https:" (the "s" stands for "secure").
• Review account activity regularly. Look over credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges.
• Use anti-virus software and keep it up to date. Some phishing e-mails contain software that can harm your computer or track your activities on the Internet without your knowledge. Your operating system (i.e. Windows or Linux) may offer free software "patches" to close holes in the system that hackers or phishers could exploit.
• Be cautious about opening any attachment or downloading any files from e-mails you receive regardless of who sent them.

Report suspicious activity to the FTC. If you receive spam that is phishing for information, forward it to spam@uce.gov. If you believe you've been scammed, file your complaint at www.ftc.gov, and then visit the FTC's Identity Theft Web site at www.consumer.gov/idtheft to learn how to minimize your risk of damage from ID theft. Visit www.ftc.gov/spam to learn other ways to avoid e-mail scams and deal with deceptive spam.

How Pinnacle is fighting phishing

Last month Pinnacle's bill pay partner installed an update to its system that serves as a response to various 'phishing' scams that have become very common on the Internet.

The system combats phishing by asking bill pay users for a security word. Now when Pinnacle's bill pay clients log into online banking and choose bill pay, they are redirected to the bill pay partner's site.

On the first bill pay use after the upgrade, users are asked to create a security word for future logins. This is a one time request. Pinnacle's bill pay partner remembers the word and displays it briefly during every subsequent bill pay session. If a Pinnacle client visits a site claiming to be our bill pay site and no security word is displayed, it will be a red flag to leave the site immediately and report it to Pinnacle.

Return to the Resource Center Home Page