HomeE-mailIf a Phisher Catches You

If a Phisher Catches You

Do the following immediately:

  1. Save the phishing email so that you can send it to the reporting authorities (see below).
  2. Change your passwords immediately.
     If you think you've responded to a phishing scam with password information or entered passwords into a phony Web site, change the passwords on all of your online accounts as soon as possible, starting with those related to financial institutions, credit cards and business transactions. If you need to change your Unity password, see the Unity Password Change Tool.
  3. Report the incident to:
    • The company from whom the email appears to come.
      The company will likely want to know if its name is being used fraudulently, and you may find scam and spoof reporting links on its Web site. Or you can contact them by telephone, email or mail, not by using the link in the phishing email you received. The sooner the company knows your account may have been compromised, the easier it will be for them to help protect you.
    • Federal Trade Commission (FTC)
    • Local authorities
      Depending on where you live, local authorities may also accept Internet phishing scam reports.
    • FTC: Identity Theft Site
      Learn how you can minimize any damages or send a message to them at spam@uce.gov.
    • The Internet Crime Complaint Center
      This partnership between the FBI, the National White Collar Crime Center, and the Bureau pf Justice Assistance is working worldwide with law enforcement and industry to promptly shut down phishing sites and identify the perpetrators behind them.
    • The Anti-Phishing Working Group
      This group is building a database of common scams to help inform people of the risks.

    When reporting to these groups, do not use the "forward" option in your email software, as this format may exclude information and requires more manual processing. Instead, create a new email addressed to the group(s) and do one of the following:

    • Attach the phishing email to your new message or
    • Copy the phishing email, including its entire original text and header information, and paste it into your new message.

  4. Continue to monitor your credit card, business and bank statements (paper and online).
    This is especially important after you think you've been scammed. Review them at least monthly so that you can quickly spot and report unauthorized transactions and minimize damage.

Go to the Phishing main page.

View Similar Pages:

Orig. Posted: Mon, 03/30/2009 - 09:11 — cawalker.ncsu.edu  Last Modified: Thu, 06/25/2009 - 10:06