Phishing is a form of fraud that primarily uses email to trick people into releasing sensitive information such as passwords and personal details. Tracking down these fraudsters begins with public cooperation, and it is up to you to report phishing activity as the first essential element of any anti-fraud action. Many people, however, do not fully understand phishing and might not know how to report phishing activities when discovered. To report phishing, you must be able to recognize phishing attempts and know which government agency is responsible for anti-phishing efforts.
Identification must be the first step in any effort to report phishing. This is no simple task. These emails often appear to come from trusted businesses or organizations such as banks. They often include logos or similar advertising images and seem to be genuine. Phishing emails can be most easily identified by their contents.
Usually, these emails will ask for confirmation of details for one reason or another. Most often, there is an element of urgency because of some emergency such as a computer error or a supposed breach of security. They typically will provide a link that seems to lead to the business’s website, but this also is counterfeit. After logging onto this fake page, the victim might provide any requested information such as credit card numbers, passwords or personal details used for identification.
Businesses use confirmation details when a customer initiates contact. Genuine businesses do not request identification when initiating the contact. Any unsolicited email requesting personal information is likely to be fraudulent. It is up to you to report phishing or suspected phishing communications to the appropriate agencies and organizations.
Governmental bodies are able to pursue any criminal investigations regarding phishing. For instance, in the United States, members of the public are able to report phishing to the U.S. Computer Emergency Readiness Team. In most jurisdictions, local or national law enforcement officials also are able to handle complaints either by investigating them directly or by passing the information on to the relevant agency. A simple online search will provide contact details for the authorities in your region, or you can call your local police to find out where to report a phishing attempt.
The impersonated business or agency also should be contacted and informed of any suspected phishing activity. Of course, no contact details on the suspect email should be used to report phishing, because these details almost certainly are fraudulent. Previous correspondence such as a bill or statement should have a contact number or email address, and a quick online search usually will produce a point of contact for the business. Similarly, if you are unsure whether an email is genuine or fraudulent, you can use this method to query the email and learn whether it is real.