Visa Inc. security professionals want to welcome National Consumer Protection Week with stronger awareness about e-mail phishing scams. In a statement to reporters and on a new, Visa-branded security website, the company's fraud researchers offered five steps to reduce the threat of identity theft and financial loss.
1. "Consider all email requests for personal or payment information to be suspicious."
Credit card issuers already know the names and personal details of their customers, the researchers explain. Banks won't use email to ask for contact information, or for help updating any lost records in a database.
2. "Be cautious about clicking on links in unsolicited email that you receive."
Even a link that appears legitimate could get re-routed to a rogue server that looks similar to a secure banking website. Instead, researchers suggest that consumers should always launch a fresh browser window and type the URL for a bank directly.
3. "Check the legitimacy of any email inquiry requesting your personal or payment information by looking up the company's phone number separately and calling to verify the request."
Crafty scam artists have learned how to pirate actual customer service email, replacing key contact information with their own return addresses and phone numbers. Researchers advise consumers to only call the customer service phone number listed on the back of a credit card.
4. "Watch for typos and bad grammar. These are warning signals that an email may be fraudulent."
Credit card issuers employ experienced marketing professionals to craft customer service messages. Unusual capitalization, foreign spelling and language that doesn't fit a bank's brand voice can all signify a phishing attempt.
5. "Use spam blockers and keep your anti-virus software up to date."
Networked spam filters can watch for phishing attacks in real-time, pulling fraudulent mail from users' inboxes before it can cause harm. Pop-up blockers and operating systems that require passwords to install new software can prevent malware from surfacing on targeted computers.