Gone Fishing . . . Rrrrrr: Gone Phishing
Don't get caught!
Phishing - general UPDATE: The following is a Phishing Scam I received from "Citi Bank". |
|
![]() |
What is phishing?
Phishing (pronounced "fishing") is a type of online identity theft. It uses email and fraudulent websites that are designed to steal your personal data or information such as credit card numbers, passwords, account data, or other information. Con artists might send millions of fraudulent email messages with links to fraudulent websites that appear to come from websites you trust, like your bank or credit card company, and request that you provide personal information. Criminals can use this information for many different types of fraud, such as to steal money from your account, to open new accounts in your name, or to obtain official documents using your identity. For more information about phishing scams, see Email and web scams: How to help protect yourself. |
![]() |
What should I do if I receive an email phishing scam?
If you think you've received a phishing scam, delete the email message. Do not click any links in the message. |
![]() |
How do I report a possible phishing scam?
You can also use Microsoft tools to report a suspected phishing scam.
|
![]() |
What should I do if I think I've responded to a phishing scam?
Take these steps to minimize any damage if you suspect that you've responded to a phishing scam with personal or financial information or entered this information into a fake website.
For more information, see What to do if you've responded to a phishing scam. |
![]() |
How do scammers get my email address or know which bank I use?
Criminals who send out phishing scams (often called "phishers") send out millions of messages to randomly generated email addresses. They fake or "spoof" popular companies in order to fool the largest number of people. For more information, see How do spammers get my email address? |
Recognize phishing scams |
|
![]() |
Can an email message that contains a company's official logo be a phishing scam?
Yes. Phishing scams often use the official logos of the companies they're trying to spoof. If you think an email message is a phishing scam, delete it, or type the web addresses directly into your browser, or use your personal bookmarks. |
![]() |
Can I tell if an email message is a phishing scam just by reading it?
Not necessarily. Phishing email messages often include official-looking logos from real organizations and other identifying information taken directly from legitimate websites. They might also contain phrases like:
For more information, see Can you spot the 6 signs of a scam?. |
![]() |
I received an email message (although it was not sent to my correct email address) that requests banking information. Is that a phishing scam?
Any email message that requests banking information is probably a phishing scam. Most legitimate banks will not request this information by email. If you receive a message to an email address that is not the one you use to log in to your bank account, this is probably a phishing scam. |
![]() |
I received an email message telling me I'd won the Microsoft Lottery. Is this a phishing scam?
Yes, this is a type of phishing scam known as "advance fee fraud." To learn more, see You have not won the Microsoft Lottery. |
Prevent ID theft from phishing scams |
|
![]() |
What can I do to help prevent identity theft from phishing scams?
You can do the following to help protect yourself from phishing scams:
|
![]() |
What Microsoft email programs can help protect me from phishing scams?
Most Microsoft email programs come with built-in anti-phishing detection. This detection helps prevent fraudulent email messages from reaching you in the first place. Anti-phishing detection automatically deletes the email message or moves it to the junk folder depending on the degree of probability that it is a fraudulent message. If a message is moved to the junk folder, your email program notifies you of the threat. The following programs include anti-phishing detection: |
![]() |
How can Internet Explorer help protect me from phishing scams?
Internet Explorer includes the SmartScreen Filter, which can help protect you from web fraud and personal data theft. To learn more, see SmartScreen Filter: frequently asked questions. |
![]() |
What is the SmartScreen Filter?
The Microsoft SmartScreen Filter is a feature of Internet Explorer 7 and Internet Explorer 8. It's designed to help protect you from fraudulent websites that try to steal your personal information. While you surf the Internet, SmartScreen Filter analyzes pages and determines if they have any characteristics that might be suspicious. If it finds suspicious web pages, it shows a yellow warning and advises you to proceed with caution. If the site matches an updated list of reported phishing sites, SmartScreen Filter notifies you with a red flag that it has blocked the site for your safety. To learn more, read SmartScreen Filter: frequently asked questions. |
![]() |
What does it mean when a website is flagged yellow and "suspicious"?
A suspicious website has some of the typical characteristics of phishing websites, but it is not on the list of reported phishing websites. The website might be legitimate, but you should be cautious about entering any personal or financial information unless you are certain that the site is trustworthy. To learn more, read SmartScreen Filter: frequently asked questions. |
![]() |
What does it mean when a website is blocked and flagged in red as a reported phishing website?
A reported phishing website has been confirmed by reputable sources as fraudulent and has been reported to Microsoft. We recommend that you do not give any information to such websites. |