What is Phishing?
(phish´ing) (n.) The act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
How Phishing Works
The email directs the user to visit a website where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers—information that the legitimate organization already has. However, the website is bogus and set up only to steal the user's information.
For example, users might receive fraudulent emails supposedly from major financial institutions or online services claiming that the user's account is about to be suspended unless they click on the provided link and update their credit card information. Because it is relatively simple to make a website look like a legitimate organization's site by mimicking the HTML code, scammers count on people being tricked into thinking they are actually being contacted by the real company and are subsequently going to a legitimate site to update their account information.
By sending these emails to large groups of people, the "phisher" counts on the email being read by a percentage of people who actually have accounts with the targeted organization and will be tempted into biting on the bait.
Also Known As
Phishing is also referred to as brand spoofing or carding. The term "phishing" is a variation on "fishing," with the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.
Related Terms
Other forms: phish (v.) — to engage in phishing activities
Protect Yourself
If you receive suspicious emails or communications claiming to be from Rivertrust FCU:
- Never click links in unsolicited emails
- Do not provide personal or account information
- Forward the email to our security team
- Call us directly at our official phone number
- Visit our website directly by typing the URL in your browser