Division of Consumer Affairs officials issued warnings on phishing emails seeking to obtain personal information, which can often appear to be legitimate.

Some of the most common phishing emails include false Facebook notifications and warnings of unauthorized transactions on your account. However, once a viewer clicks the box to read further information, they are taken to a different site.

“Understand that fraudsters will use whatever means at their disposal to dupe an unsuspecting person into surrendering their personal information,” Gary Cordell, Commerce and Insurance Consumer Affairs director,said in a prepared statement. “We even have seen emails claiming to be from the New York Division of Unemployment Assistance, stating that the recipient of the email is required to supply information related to a former employee after clicking on a link.”

Some phishing emails threaten a dire consequence if you don’t respond and even direct you to a legitimate-looking website. However, the purpose of the site is to convince recipients of the email to divulge personal information.


Consumer Affairs offers these tips to help you avoid getting hooked by a phishing scam:

-Do not reply to email or pop-up messages that ask for personal or financial information, and do not click on links in the message.

-Do not cut and paste a link from the message into your Web browser; phishers can make links look like they go one place when they actually send you to a different site (hovering your mouse pointer over the link can help you uncover the real address).

-If you need to reach an organization you do business with, call the number of your financial institution on the back of your card, not the number listed on an email. And you always have the option of visiting the business in person.

-Use anti-virus and anti-spyware software, as well as a firewall, and update them regularly.

-Do not email personal or financial information.

-Be cautious about opening any attachment or downloading any files from emails that you receive, regardless of who sent them.

-Forward phishing emails to [email protected]and to the company (in the Facebook example, the address would be [email protected]), bank or organization impersonated in the email.