Now that we have gone over what phishing emails are and how to identify them, you are left with the issue of what to do with them. Scam emails can be handled in a number of different ways.
First of all, never reply to the email, whether via a return email, snail mail, telephone or any other means of communication. This only serves to further engage the phisher and at best, you will never get rid of him. At worst, he may be able to glean enough personal information from you over time to steal your identity without you realizing it. If you do not wish to report the email to anyone, simply delete it.
Many companies, such as PayPal, have an email address to which you can forward a suspected spoof email, with headers. A search of the company’s contact information page should reveal this email address. Many websites use “firstname.lastname@example.org” for reporting phishing attempts carried out using their information. Typically, the company will also email you back after investigation and confirm whether the email you received was in fact a scam.
You can also report the scam email to the Internet Crime Complaint Center (IC3) in the U.S. This organization, which works with the FBI, takes complaints from people who have actually had their identities or money stolen. You may also file a complaint if you did not turn over information or money to the scammer, as it was still an attempted crime.
If you are tech-savvy, you can determine the ISP from which the email originated and report it to them. The ISP may shut down the scammer’s email account, which will not stop them altogether but will give them one less email address with which to scam. Before taking this step, you should make sure you do not recognize the originating email address. If you do, it is possible that the true owner of the address was hacked and his or her address book used to send out fraudulent emails. Contact the owner and advise him or her of the situation so that the email account’s password can be changed.
If you or someone you know has fallen prey to a phishing scam, do not delay in restricting access to your name. Immediately change passwords for your email and all websites with which you do business, especially sites that have access to your banking or credit card information. Place a fraud alert on each of the three major credit reporting bureaus, so that the scammer cannot open new lines of credit in your name. Finally, lodge a complaint with the IC3.
Click the links below for parts one and two of this series!