Safety Library

Tips, Tutorials, and Checklists to help manage ministry risks

Protecting Yourself from Email Crime

A person using email, aware of online scams

There’s a new group of Internet criminals “trolling” the Web for a bite from a trusting email user—and it could be you!

The next time you receive a message from your favorite online auction site or banking service, watch out. You may have received an email that looks like it came from a legitimate company, when in fact it came from a thief.

How Does It Work?

These “phishermen” try to trick you into giving away your personal information by baiting you with an email that looks like it came from a trusted company such as Citi-bank, Earthlink, eBay, or America Online.

Masked with stolen corporate logos and bogus return email addresses, these messages typically claim there’s some kind of problem with your account. To solve the problem, they encourage you to “verify” your identity or your account information by following a link to a mock version of the corporate website.

If you follow the link, you’ll see a page that uses the same look and feel as the real site. There, you’re asked to enter personal information such as your Social Security number, bank account numbers, credit card numbers, and more.

If you take the bait, the thieves will have enough of your personal information to max out your credit card or open a mortgage in your name. Aside from the immediate financial pain you’ll feel, you could spend months or years dealing with collection action, lawsuits, bankruptcy, foreclosure, or even criminal charges.

How Do I Avoid This?

Prevention is always the best medicine. Scammers are counting on you to be off your guard and trusting. Take a good, long look at a message before you take a bite. The Federal Trade Commission offers this advice:

  • Do not follow the links. If you get an email that warns you, with little or no notice, that an account of yours will be shut down unless you reconfirm your billing information, do not reply or click on the link in the email. Instead, contact the company cited in the email using a telephone number or website address you already know to be genuine—such as one you’ve used in the past or found on a billing statement.
  • Never send personal information through email. Avoid emailing personal or financial information at all. Before submitting financial information over a website, look for the “lock” icon on the browser’s status bar (located in the lower right corner of the browser window). This icon indicates that your information will be transmitted securely.
  • Review your statements. Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
  • Report it. Report suspicious activity to the FTC. If you get spam that is phishing for information, forward it to spam@uce.gov. If you believe you’ve been scammed, file your complaint. Then visit the FTC’s identity theft website to learn how to minimize your risk of damage from ID theft. Visit the FTC's spam website to learn other ways to avoid email scams and deal with deceptive spam.