Account hijacking is a form of identity theft, one of the fastest-growing types of consumer fraud. Identity theft is when someone uses your personal identifying information (e.g., name, address, social security number, financial institution account number, username or password) to commit fraud.
In account hijacking, the criminal uses phishing (tricking you into giving out your information) or hacking (breaking into your computer) to get your personal information. They then use this information to access current financial accounts or create fraudulent new accounts. A recent study estimated that nearly two million Internet users in the U.S. experienced this form of fraud in 2003.
Check financial institution web sites for alerts: Some financial institutions place alerts on their web sites with examples of spoofed (phishing) emails and subject lines. They also provide toll-free numbers and email addresses for reporting identify theft, links to the Federal Trade Commission and other agencies, and advice for preventing and reacting to account hijacking. Check your financial institutions’ sites for this information.
Do not respond to emails from financial institutions with personal information: Phishing attacks send email to a large number of people, hoping that some of them will have accounts at the spoofed financial institution and respond with their personal information. Reputable financial institutions will not ask for your personal information by email.