Internet Safety

Be Aware of Phishing and Spam Scams


What is Phishing?

Phishing is the criminal practice of trying to get people to reveal personal and/or financial information by sending unsolicited email (spam) claiming to be from banks or other companies. These emails usually claim the user's information needs to be updated and requests that they click on a link in the email, taking them to a web page to update their information.


The web page may look like the page the user normally sees for their bank (or credit card company or other business), but in fact it is a copy and the criminals are able to capture all of the personal and financial data the user enters. No legitimate company will ever send out this type of email! No matter how real the page looks, it is a phishing scam!

What is Spam?

Spam is unsolicited email, usually sent out in bulk. Virtually no legitimate company will use this method of advertising. Spam usually promises something too good to be true... a free car, TV, expensive gift card, outlandish earn from home opportunities, drugs at deeply discounted prices, and more. Even notices that you have won a lottery or someone has money for you.


Why is it called Phishing?

Years ago there was a crime which involved tricking the telephone system into providing free long distance calls. The people who did this were known as "Phone Phreaks" taking the "Ph" from phone and using it to replace the "F" in freaks. These crimes were largely committed by amateurs who used electronic boxes to emit tones that would dial a phone. As electronic crime moved into the internet and personal computer era the "Ph" substitution moved with it. When criminals send out email seeking personal financial information they are in fact "fishing" for victims. There are casting their net into the water and seeing who will bite.

Why is it called Spam?

This term comes from a skit by the Monty Python's Flying Circus television program, originated on the BBC in Great Britain. In the sketch, a restaurant serves all its food with lots of spam, and the waitress repeats the word several times in describing how much spam is in the items. When she does this, a group of Vikings in the corner start a song:

"Spam, spam, spam, spam, spam, spam, spam, spam, lovely spam! Wonderful spam!"


…Until they are told to shut up. Thus the meaning of the term is something which keeps repeating and repeating to great annoyance. It was first applied to unsolicited advertising in a part of the internet known as Usenet.


Phishing and Spam Examples and Resources


General Information about Email and Websites


  • A financial institution's webpage should never be accessed from a link provided by a third party. It should only be accessed by typing the Web site name, or URL address, into the web browser or by using a "book mark" that directs the web browser to the financial institution's website.
  • A financial institution should not be sending e-mail messages that request confidential information, such as account numbers, passwords, or PINs. Financial institution customers should be reminded to report any such requests to the institution.
  • Financial institutions should maintain current Web site certificates for secure web pages. A secure web page is one in which the internet address begins with "https." Ordinary web page addresses begin with "http." Pages in which you view or conduct financial transactions or submit personal or financial information should be secure web pages.
  • To check the certificate properties of a secure website right click in any clear (white) area of the page and then:
  • In Netscape Navigator – select "View Page Info"
  • In Microsoft Internet Explorer – select "Properties"