“Phishing” (also known as carding and spoofing) is a form of social engineering, characterized by attempts to fraudulently acquire sensitive information, such as passwords, sensitive personally identifiable information or credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an e-mail or an instant message. The term “phishing” arises from the use of increasingly sophisticated lures to “fish” out users’ financial information and passwords. For more information about “phishing,” visit the Anti-Phishing Work Group Web site at http://www.antiphishing.org.

ChoicePoint does not ask consumers to verify sensitive personally identifiable information nor do we ask customers to confirm their account information via e-mail or an instant message. In particular, we do not send e-mail to consumers or customers asking them to verify this information.

If you have been a victim of phishing, we recommend that you immediately contact the Identity Theft Resource Center (ITRC), a ChoicePoint-sponsored entity, at http://www.idtheftcenter.org/alerts.shtml. Most scams, whether perpetrated by telephone or e-mail, ask you to provide either credit card account information or your Social Security number. The ITRC recommends that you never give out this information unless you initiate the call and you know that you are speaking to a true company representative. If you think you have been targeted by a scam, please forward the entire e-mail message to the ITRC at: itrc@idtheftcenter.org and the organization will forward it to the FBI for you and let you know if it is a confirmed scam.

To verify a suspected scam, the ITRC recommends the following steps:

1. Contact the company involved directly, using a customer service number you find in the phone book or that you have used in the past. Think first and act second. It is important to verify a contact through the company before responding to the e-mail. Do not even send a "do not contact me again" message.
2. Contact the FBI at www.ifccfbi.gov or your local state attorney general's office.
3. Contact the Federal Trade Commission at 877-FTC HELP or via e-mail at: spam@uce.gov
4. See the end of this page for a list of other sites that report scams.
5. Remember, URLs that begin "http" are not secure. Only those that begin "https" are secure sites to which you should send sensitive information.
6. Avoid scams that appear to use telephone numbers in the United States but are expensive out-of-country numbers. If you're not sure where a telephone number is located, use this free area code decoder: http://decoder.americom.com/cgi-bin/decoder.cgi

Other Sites That Have Scam Information Include:

(Note: These are all external Web sites and neither ChoicePoint nor the ITRC endorses or sells product items. These sites are offered as a source of information only.)

• www.crimes-of-persuasion.com - Run by a private attorney. Also a retail site.
• www.spamlaws.com/state/summary.html - Sponsored by Internet ScamBusters ™: The Spam Laws Web site lists spam-related legislation by state and by country. Unless you have a law degree, they recommend the summary of state spam laws.