Phishing, the use of legitimate looking e-mails that attempt to trick people in to giving out personal information, is on the rise. It's not hard to see why. Rather than digging through mounds of data looking for credit card numbers, social security numbers, and bank account info, criminals can now just send e-mails to millions of people hoping that some will be tricked in to revealing their information. All it takes is a very small percentage to make the e-mail work worth the effort.
Fortunately, consumers are taking notice of the media coverage and are more aware of phishing than ever. The bad news is that 33% of these same consumers are shopping less online because of the threat of phishing. In the short-term, this may not be a concern, but if the trend continues, online retailers are going to have a real problem on their hands.
CIO magazine offers these 3 best practices to combat phishers and reduce the numbers of people tricked.
- Use your website to educate customers about fraudulent sites.
- Make it a policy not to ask customers for personal information via e-mail.
- Have a process in place to take action against phishers when attacks occur, and to reassure customers.
I'll add one more to the list. Whenever corresponding with customers via e-mail, include a one-liner that re-iterates your company's policy that you will never ask for account information via e-mail. If customers see this message enough times then maybe they'll remember it the next time they're inclined to follow through on a request from a phishing e-mail.