Quizzes   Games   Partners   BSA Members

Select Language:

Cyber Safety Glossary


Also Known As:
Brand spoofing, Carding.

Phishing refers to the process of imitating legitimate companies in emails or creating fake Web sites designed to look like a legitimate Web site in order to entice users to share their passwords, credit card numbers, and other personal information. The perpetrator then uses the information to steal the target's identity or to sell that identity to others. Users need to be educated not to give away personal information in response to an unsolicited email.

One of the newest Phishing schemes is to send a fraudulent text message to a cell phone user. The concept is the same; someone is trying to obtain sensitive information.

How to Recognize This Threat:
Official looking and sounding messages that urge immediate action to update sensitive financial and identity information.

What Should I Do:
Avoid clicking on a link within the text of a suspect email. Avoid responding to a cell phone text message that urges immediate action or requests you to update sensitive personal information. Delete the message immediately from the Inbox, the Trash box, and/or from your cell phone. If you are concerned that the message may be real, then open your Web browser and type in the URL of the site that you wish to visit. If you have up-to-date anti-virus software, which helps guard against Pharming (see Pharming), this procedure should take you to the legitimate site. You can also call the company customer service department, using a telephone number on a bill or other paper-based documentation from that company. There are also mutual authentication technologies available that allow you to verify that the sender is legitimate and trusted.