Phishing is a type of deception designed to steal your personal data such as credit card numbers, passwords or account data.

Con artists might send millions of fraudulent email messages that appear to come from websites you trust, like your bank or credit card company, and request that you provide personal information.

As scam artists become more sophisticated, so do their phishing email messages and pop-up windows. They often include official-looking logos from real organizations and other identifying information taken directly from legitimate websites.

To make these phishing email messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate website. But it actually takes you to a phoney scam site or possibly a pop-up window that looks exactly like the official site.

These copycat sites are also called "spoofed" websites. Once you're at one of these spoofed sites, you might unwittingly send personal information to the con artists.

How to tell if an email message is fraudulent

Here are a few phrases to look for if you think an email message is a phishing scam.

Verify your account
Businesses should not ask you to send passwords, login names, social insurance number or other personal information through email.

Your online account is suspended!
These messages convey a sense of urgency so that you'll respond immediately without thinking. Phishing email might even claim that your response is required because your account might have been compromised.

Dear valued customer
Phishing email messages are usually sent out in bulk and often do not contain your first or last name.

Click the link below to gain access to your account
Specially formatted messages can contain links or forms that you can fill out just as you'd fill out a form on a website.

The links that you are urged to click may contain all or part of a real company's name and are usually "masked," meaning that the link you see does not take you to that address but somewhere different, usually a phoney website.

Con artists also use Uniform Resource Locators (URLs) that resemble the name of a well-known company but are slightly altered by adding, omitting or transposing letters. For example, the URL "www.ecusolutions.com" or "www.wcecu.com" could appear instead as:

www.solutions.com
www.verify-wcecu.com

Related Links:

• Member Scam Protection Brochure
• PhoneBusters website - Run by the Ontario Provincial Police
• Reporting Economic Crime Online (RECOL) - Internations, Federal and Provincial Law Enforcement Agency Partnership