There's a popular type of Internet piracy called "phishing." It's pronounced "fishing," and that's exactly what these thieves are doing: "fishing" for your personal financial information. What they want are account numbers, passwords, Social Security numbers, and other confidential information that they can use to steal from your checking account or run up bills on your credit cards.

In the worst case, you could find yourself a victim of identity theft. With the sensitive information obtained from a successful phishing scam, these thieves can take out loans or obtain credit cards and even driver's licenses in your name. They can do damage to your financial history and personal reputation that can take years to unravel. But if you understand how phishing works and how to protect yourself, you can help stop this crime.

    Here's how phishing works:
  • In a typical case, you'll receive an email or phone call that appears to come from a reputable company that you recognize and do business with, such as your financial institution.
  • The email / caller will probably warn you of a serious problem that requires your immediate attention. The email / caller will then encourage you to click on a button to go to the institution's website or ask you to confirm certain information.
  • You will most likely be asked to update your account information or to provide information for verification purposes.

If you provide the requested information, you may find yourself the victim of identity theft.

    How to avoid phishing scams and protect yourself:
  • Review the sender’s email address to confirm it is not forged. Specifically look at the domain name. For example, all emails from APGFCU will have the senders name followed by the domain name ""
  • Never provide your personal information in response to an unsolicited request. Emails, Phone Calls, and internet pages used by phishers may look exactly like the real thing.
  • If you believe the contact may be legitimate, contact the financial institution yourself. The key is that you should be the one to initiate the contact, using contact information that you have verified yourself.
  • Never provide your password over the phone or in response to an unsolicited internet request. A financial institution would never ask you to verify your account information online.
  • Review account statements regularly to ensure all charges are correct. If your account statement is late in arriving, call your financial institution to find out why. If your financial institution offers electronic account access, periodically review activity online to catch suspicious activity.
    You can report "phishing" or "spoofed" e-mails to the following groups:
  • Forward the email to the Federal Trade Commission at
  • Forward the email to the "abuse" email address at the company that is being spoofed
  • When forwarding spoofed messages, always include the entire original email with its original header information intact
  • Notify the Internet Fraud Complaint Center of the FBI by filing a complaint on their website: