Fishing: rod, reel, bait, picnic basket and a sunny, lazy day
Phishing: illegal act to fraudulently obtain sensitive information
Just recently, our bureau received an alert from GSA’s Office of Charge Card Management to inform our cardholders of a new phishing scam involving another government agency’s employee. Cardholders must be constantly vigilant of the types of activities that are being used to fraudulently obtain information.
Phishing is any type of trick used to deceive cardholders into giving personal information: their social security number, charge card number, banking information, passwords, etc. Emails that convey the need for urgent or immediate action often come from what appears to be a legitimate bank address. The email could have a link that the individual is asked to click to verify account information or provide an 800 number to call. Recipients should never click on the link. It could take them to what might appear as a legitimate site, but will actually go to the scammer. Cardholders should never call the 800 number given in the email but rather call the 800 number on the back of their charge card. Cardholders should always be suspicious of telephone calls requesting verification of any information on their charge card.
Our charge card vendor advises us that they would never:
- address an email to “Dear Cardmember”. If it is truly valid, the recipient’s name would be used.
- ask for passwords or request to update personal information via unsolicited emails or telephone calls.
Our bank has also assured us that when cardholders are contacted by the bank, bank employees will properly identify themselves and will not ask for account related information until proper identification occurs.
Individuals who feel they may have received a phishing email from what appears to be from the bank are asked to forward it to the bank for investigation.
In our bureau, the IT Security Department is also notified when these types of activities occur.
By educating and keeping cardholders informed of phishing techniques, perhaps we can reduce the number of individuals who might become victims of phishing and they can spend their time fishing!
The contents of this message are mine personally and do not reflect any position of the Government or my agency.