Consumer Protection Division
(208) 334-2424 or
Toll-free at (800) 432-3545

Media Contact: Bob Cooper
(208) 334-4112

Date: February 10, 2004


Do not respond to e–mails requesting private financial information

(Boise) - Idahoans should not reply to e–mails requesting passwords, credit card or personal account information, Attorney General Lawrence Wasden said.

"This is an illegal attempt to obtain private financial information and to steal your identity also known as 'phishing,'" Attorney General Wasden said. "Legitimate companies do not send e–mails requesting personal financial information," Attorney General Wasden warned.

The Attorney General's Consumer Protection Unit is receiving calls and e–mails primarily concerning three phishing scams.

The most common phishing scam is an e–mail message that appears to be from a bank, Internet service provider, or other legitimate company with which the recipient does business. Paypal, Visa, Citibank, and Earthlink are common examples. These e–mails look like they were sent from the company's e–mail system, and they use well-recognized logos and copycat graphics to appear legitimate. They typically contain an urgent request for credit or bank account information to prevent fraudulent transactions or to update, maintain, or prevent suspension of, the account.

"Do not be fooled, legitimate companies do not request sensitive information of this kind by e–mail," Attorney General Wasden said. "If you receive one of these e–mails, do not reply to the link contained in the e–mail. Go to the companies website and forward the suspicious e–mail directly to the business or entity which purportedly sent it."

The second type of scam is a phony Federal Deposit Insurance Corporation (FDIC) e–mail being sent to citizens in Idaho and around the nation. The e–mail states, due to suspected violations of the USA PATRIOT Act in the recipient's bank account, the FDIC has suspended deposit insurance on the bank account at the direction of Department of Homeland Security Secretary Tom Ridge, and in cooperation with other federal and state government agencies. This e–mail is nothing more than a deliberate attempt to steal citizen's personal identity.

Similarly, a phone scam has been reported to the Attorney General's Office. Callers have falsely told consumers they are employees of the Social Security Administration and requested social security and bank account numbers. Unauthorized withdrawals were subsequently made from the consumers' bank accounts.

The third e–mail scam is designed to alarm recipients into submitting their personal financial information to avoid a highly objectionable transaction. The most recently reported example of this phishing scam is an e–mail thanking the recipient for an order for child pornography. The e–mail asks the recipient to provide financial information to decline the charges if the order was made in error.

"Identity thieves frequently pose as representatives of a trusted company or governmental agency. And, sometimes, they make no effort at all to camouflage the fact that they are crooks - they try to scare consumers into thinking they will be considered criminals, too, if they do not undo a phony deal," Attorney General Wasden said. "No matter how someone goes about phishing for your personal and financial information, you should never provide passwords, credit card or social security numbers, or other highly personal information to anyone who contacts you whether the request comes by phone or e–mail."

"I encourage consumers to search the Internet for useful information on phishing in order to stay informed on evolving forms of the crime. Those who believe they may be victims of identity theft should immediately contact their local law enforcement agency, as well as the major credit reporting agencies," Wasden said.

- End -

File a Consumer Complaint St. Luke's Antitrust Case Other Consumer Topics Protect Yourself from Identity Theft Consumer Manuals Consumer Alerts Information on the National Do Not Call List Idaho Gasoline Issues