"Phishing" (ph instead of f) is the use of emails that spoof a financial institution in hopes of getting personal information or account information so the perpetrator could hijack your bank account(s).- Never use the link in an email to a financial institution. If you are concerned about an email from a financial institution, use your browser and type in the URL yourself or use a "favorites" shortcut you had generated and you know is good to get to the company's web site. The problem with links in emails is that it is very easy to construct a link that says one thing and takes you to a different web site, or make use of certain URL features that most people might not be aware of (e.g., specifying email@example.com is syntactically the use of "somewhere.com" as the id to log on to "someplace.com", so just seeing a recognized domain name might not be enough to know where the URL is really going).- Never reveal account information or any personal information to any party where you did not initiate contact. If it is really important, get the party's name, phone number, and company, and then call that company's number that you know from a good source, such as from the phone book or from a web site (that you accessed, not from a web site directed to by an email), to call back and ask for that party's extension.Phishing has gotten more sophisticated; it is often hard to tell a spoofed email from a real one. Sometimes it helps if one knows what to look for in the "source code" (HTML code) of the message, but even this can be deceiving because a web site might be set up with a similar name that one might mistaken for the real site (e.g., paypall.com or paypal.org instead of paypal.com, or keybank.com instead of key.com).Of the emails claiming to be from maybe a couple dozen different organizations claiming that there is a problem with my account or there are new security procedures, only two proved to be valid, but I didn't trust the emails but connected directly to their web sites using known URLs and, as soon as I was logged on, their sites identified the situation.I don't even follow Vanguard's emailed URLs to my account statements--I don't know how long it will be before some nefarious person decides to spoof them and send out an email the day before Vanguard emails their notices but with the links taking a person to an out-of-country site.
Best Of |
Favorites & Replies |
Start a New Board |
My Fool |
BATS data provided in real-time. NYSE, NASDAQ and NYSEMKT data delayed 15 minutes.
Real-Time prices provided by BATS. Market data provided by Interactive Data.
Company fundamental data provided by Morningstar. Earnings Estimates, Analyst Ra