Identity thieves impersonate trustworthy sources or create fictitious reasons to contact consumers to try to get personal information -- such as Social Security numbers, birthdates, passwords, credit card or bank account information.
- Phishing is conducted by electronic communication, usually e-mail.
- Vishing is a form of phishing conducted by phone. The name comes from Voice Over Internet Protocol phishing.
- Smishing is a form of phishing conducted by text message. The name comes from Short Message Service phishing.
- Consumer is contacted saying there is a problem with an account and is asked for personal or financial information.
- Consumer feels pressured to respond urgently, give personal information, or make a purchase or donation.
- Correspondence has several misspellings and obvious grammar mistakes; it may appear to be from someone outside of the country.
Account or Order Problem: Cons impersonate banks, credit card companies, shipping companies or retailers. They contact consumers saying there is a problem with an account or purchase. They ask to verify personal or financial information to fix the problem. Beware: unsolicited e-mail and text message attachments and links can download viruses that gather personal information. Links can also connect to websites that look like the real business or organization sites, but are fake sites made to look like the real thing. Entering personal or financial information into these sites can lead to identity theft.
Purchase or Donation Solicitation: A business or charity representative solicits for financial information or an immediate investment for their product or cause -- without giving time to research the offer.
Personal Emergency: An unknown individual pleas for help regarding a personal emergency, tragedy, inheritance or financial opportunity. Their correspondence often includes instructions to forward money to them or a third-party. However, it turns out to be a fraudulent ploy to collect personal or financial information.
- Never provide personal information to an unexpected contact. If told there is a problem with an account or order, contact the bank or business at the number you know and trust to verify the problem. Don't use contact information provided by the contact.
- Don't download attachments or click on links in unexpected e-mails. Contact the business through means you know and trust.
- Research businesses and charities. Visit
to check out businesses and charities before buying and donating.
Verify charity legitimacy. Charities are normally required to register with the state they are soliciting in.
Avoid telemarketing calls. Register with the National Do Not Call Registry to avoid telemarketing calls by visiting www.DoNotCall.gov or calling 888-382-1222. This does not prevent charity or political calls.
Keep anti-virus and anti-phishing software up to date.
If victimized by a business or charity, file a BBB complaint at www.bbb.org.
Report unwanted phishing, vishing or smishing to the:
- Federal Trade Commission at www.ftc.gov.
- Internet Crime Complaint Center, at www.ic3.gov, if contacted by internet or e-mail.
If con artists are impersonating a business or organization, let the real entity know about the scam.