Phishing involves convincing consumers to divulge personal financial information on fraudulent web sites. For example, a consumer might receive an e-mail message from a phisher asking the recipient to click on a link in the e-mail to confirm account information. The web site the consumer is directed to is a fake or copy of the real web site. When the consumer enters the financial information, the phisher acquires all information needed to access the consumer’s bank account or commit other forms of identity theft.

Pharming is a similar, but more sophisticated, process. When the consumer simply opens the e-mail message, a virus installs a software program on the user’s computer. When the consumer tries to go to an official web site, the pharmer’s program redirects the browser to the pharmer’s fake version of the web site. The pharmer then learns the consumer’s financial information when that information is typed in the fake web site. Another form of pharming bypasses the e-mail message. A virus can be placed on a computer that tracks a user’s typing while on legitimate sites, thus stealing passwords and other sensitive information.

Some tips to help avoid this type of identity theft include:

• Do not use links in an e-mail message to go to a web page. Type the address directly in your browser.

• Avoid completing forms in e-mail messages that ask for personal financial information.

• Use a secure web site when submitting credit card or other financial information.

• Regularly check bank, credit card, debit card, and brokerage statements to make sure all transactions are legitimate.

If you believe you are a victim of this type of identity theft or receive this type of e-mail message, forward the e-mail message to:

• The Federal Trade Commission at spam@uce.gov
• The company that the phisher or pharmer is targeting
• The Internet Fraud Compliance Center of the FBI by filing a complaint at www.ifccfbi.gov