No. of Recommendations: 3
"Phishing" (ph instead of f) is the use of emails that spoof a financial institution in hopes of getting personal information or account information so the perpetrator could hijack your bank account(s).

- Never use the link in an email to a financial institution. If you are concerned about an email from a financial institution, use your browser and type in the URL yourself or use a "favorites" shortcut you had generated and you know is good to get to the company's web site. The problem with links in emails is that it is very easy to construct a link that says one thing and takes you to a different web site, or make use of certain URL features that most people might not be aware of (e.g., specifying is syntactically the use of "" as the id to log on to "", so just seeing a recognized domain name might not be enough to know where the URL is really going).

- Never reveal account information or any personal information to any party where you did not initiate contact. If it is really important, get the party's name, phone number, and company, and then call that company's number that you know from a good source, such as from the phone book or from a web site (that you accessed, not from a web site directed to by an email), to call back and ask for that party's extension.

Phishing has gotten more sophisticated; it is often hard to tell a spoofed email from a real one. Sometimes it helps if one knows what to look for in the "source code" (HTML code) of the message, but even this can be deceiving because a web site might be set up with a similar name that one might mistaken for the real site (e.g., or instead of, or instead of

Of the emails claiming to be from maybe a couple dozen different organizations claiming that there is a problem with my account or there are new security procedures, only two proved to be valid, but I didn't trust the emails but connected directly to their web sites using known URLs and, as soon as I was logged on, their sites identified the situation.

I don't even follow Vanguard's emailed URLs to my account statements--I don't know how long it will be before some nefarious person decides to spoof them and send out an email the day before Vanguard emails their notices but with the links taking a person to an out-of-country site.
Print the post  


When Life Gives You Lemons
We all have had hardships and made poor decisions. The important thing is how we respond and grow. Read the story of a Fool who started from nothing, and looks to gain everything.
Contact Us
Contact Customer Service and other Fool departments here.
Work for Fools?
Winner of the Washingtonian great places to work, and Glassdoor #1 Company to Work For 2015! Have access to all of TMF's online and email products for FREE, and be paid for your contributions to TMF! Click the link and start your Fool career.