Consumers worldwide are learning quickly not to give out their information over the phone. They’re getting wary of even verifying last four digits of their Social Security number at the bank, or giving a credit card number out loud with anyone around. But even if you keep all of your personal information quiet, it’s surprisingly easy to slip up on the Internet and get yourself into trouble. How do you know when you’re dealing with a legitimate company, or a professional scam artist?

If you’re not familiar with the term, “phishing” is one way that scammers fraudulently try to obtain your personal information, including access to your accounts or credit cards. Internet-savvy con artists pose as a particular company then send emails out to a whole list of addresses, often with no knowledge of whether those recipients actually have accounts with that company or not. They usually tell you that they need you to verify some information, then use whatever details you give them at your expense.

While you don’t need to be paranoid about every financial or credit-related email that crosses your inbox, you should be skeptical about anything unexpected until you verify its legitimacy. Following are some red flags to watch out for, and a few ways to find out whether an email is authentic.

Some of the basics of identifying phishing attacks have been covered in earlier Tech Beat articles, such as how to check email addresses on potential phishing messages, and the Web addresses they direct you to. Visit redwoodtech.org and search for “phishing” for further information.

Surprisingly, the quickest, easiest and often overlooked things to watch for in suspicious emails include writing quality and accuracy of the company name. Some of the fraudulent emails I’ve seen concerning the credit union I work for haven’t even gotten our name right. You may also receive phishing emails with major spelling errors, even messages obviously written by someone without full grasp of the English language. With many scams attempting to direct personal information to foreign countries, this can be an obvious tip-off.

Keep in mind how each company normally communicates with you – if you’ve never received email from them before, a sudden email message might be odd. You may receive newsletters and general information from time to time, but anything requesting personal information from you is suspect. Think back and determine whether you’ve ever given your email address to this organization. Do you have an established email relationship with them? If not, you may want to hold back on submitting information online.

Whenever asked for sensitive information, stop and ask yourself whether this company should already have this on file. You generally provide your financial institution and credit card companies with things like your Social Security number, birth date, and address – there should be very little reason for them to ever request this from you again, least of all in an unexpected email. Entering an account number to log can be understandable, but usually not your entire credit card number. If a company you do business with is requesting standard information from you online, this sounds “phishy.”

If you don’t even have an existing relationship with the company, do not accept an unexpected email as proof that a credit card or account is out there with your name on it. If it’s a well-known organization, visit their website to find contact information (or look them up in the phone book) and ask whether the email is legitimate. Don’t necessarily trust the contact information provided in the email. If you’ve never heard of the company before, there’s a possibility that the entire outfit is fictional. Always search the Internet for their website – anyone who’s emailing you ought to have an Internet presence. It’s pretty weird if they don’t. Also search for the company name and “scam” (i.e. “U.S. Bank scam”) or include clips of information from the email, like “verify account information” or “online account locked.” There are many scam sites that log reports from users across the globe; if someone has already reported what you’ve received as a phishing attempt, this may help alert you to the problem.

The bottom line is of course to always use caution where your credit and finances are concerned. Keep an eye on your credit reports and account statements, even if you think everything is OK. Even when you’ve done everything right, it’s hard to be completely safe. Keeping tabs on your accounts helps you identify unexpected and/or fraudulent transactions before it’s too late to dispute them.

# # #

Christi Coffman is a Marketing Assistant with Coast Central Credit Union, specializing in web design. She is a member of the Redwood Technology Consortium (www.redwoodtech.org).

Copyright 2009, Eureka Times-Standard Newspaper. The print version of this article first appeared in the 11/12/09 edition of the Times Standard.