You've got mail! You open it up and it's an important e-mail from your bank requesting you to verify a purchase made with your debit or credit card. It instructs you to click on a link below if you did not make this purchase. You know you didn't make the purchase, so of course you're going to contest it. You click on the link and follow the instructions to provide your name, card number, expiration date, PIN and the three digit code on the signature panel. You assume that the problem is solved! Why would your bank need all that information? Shouldn't they already have it?

You've been phished. 

What is it? Phishing is a form of Internet fraud that aims to steal valuable personal and financial information such as debit or credit cards, social security numbers, Access IDs and Passwords.

How is it done? Phishing is accomplished by the following means:

• The creation of unsolicited e-mails claiming to be from legitimate companies you may or may not do business with.
• The e-mail asks you to click on a link that will bring you to a fake website that resembles the authentic site.
• You are asked to provide valuable information about yourself or to "verify" information you've previously provided to obtain the service.
• You may be threatened that a specific service will be terminated or restricted if you do not respond to their e-mail.

Prevention Tips - Do's and Don'ts:

• Do not give out personal or financial information via an e-mail request. Peoples Trust Company will never ask our customers to provide, update or verify any personal or financial information through an e-mail request or a pop up window. Please report suspicious or phishing e-mails to Peoples Trust Company by calling 1-800-479-2196 or 1-802-524-2196.
• Do not use the links in an e-mail to get to a bank or businesses Web page. Do your own typing. Type the web address you have on file for them directly into the web address bar.
• Do not respond to the e-mail request. It could harm your computer through viruses or malware.
• Do not be tricked into thinking the e-mail request is legitimate. Investigate by directly contacting the bank or business through information you already have for them.
• Do be suspicious of any e-mail that requests personal or financial information from you. Question why you are being asked. Wouldn't the bank you do business with already have this information?
• Do install a firewall and antivirus software on your computer. Be sure to keep both updated.
• Do report if you suspect that you have responded to a phishing e-mail. Be specific on what information was included in the response e.g. card number, account information, name etc.
• Do report suspicious e-mails to the bank or business that was forged. You may also want to:
  • Forward the e-mail to reportphishing@antiphishing.org
  • Forward the e-mail to the Federal Trade Commission at spam@uce.gov.

What to do if you've been Phished:

• Locate the phishing e-mail and forward to the appropriate bank or business.
• Make a list of the personal or financial information you gave out.
• Determine who you need to contact to report the loss of this information.
• Contact your bank immediately if you have given out bank account information like your debit card, credit card, PIN, Access ID, Password or Checking Account information.
• Change your Passwords if you've given out your Online Banking credentials.

• If you have given out personal identifying information such as your name, Social Security Number, address or date of birth, contact one the three major credit reporting agencies to request that a fraud alert be placed on your credit file.

• Equifax 800-525-6285 www.equifax.com
• Experian 888-397-3742 www.experian.com
• TransUnion 800-680-7289 www.transunion.com