Data Breach & Incident Response
Related Resources l
EV SSL Certificates I
Sample Phishing Notification Page
In an effort to aid brand owners in protecting their brand and domains from
exploits, OTA has created sample text a brand owner might include on their web
site once they have taken down a deceptive or infringing web site. Doing
so can provide users a "teachable moment" provide prescriptive advice and
confidence that you have eliminated a potential threat. Support your
brand, OTA recommends this as a best practice and if preferable to getting a page not found or other error.
Such pages are recommended to be part of a domain defense strategy
and online incident response plan. Visit back for more information and
Special thanks to the Digital Phish Net, APWG, Internet Identity, Microsoft and OTA
members for their input.
For additional efforts visit the Anti-Phishing Working Group (APWG)
You have been
redirected to this page because the site you clicked on has been
identified as a deceptive web site. As part of our commitment
to online safety and consumer protection, we have removed this page
from the internet.
What is Phishing?
Phishing attacks use spoofed e-mails and fraudulent websites to
fool recipients into revealing personal information. By using trusted
brands of well-known companies such as financial institutions, online
retailers, ISPs and credit card companies, phishers attempt to dupe
innocent consumers into revealing their personal information. Phishing
schemes are typically delivered via forged e-mail, purporting to come
from trusted brands and often attempt to install malicious software on
your computer without consent.
Who are these Phishers?
They are criminals and organized crime syndicates who are trying to steal your personal information in
order to use it for their financial gain. This often results in
unauthorized credit card charges, ATM transactions, account transfers,
or new account creations using YOUR identity!
NEVER reveal personal information to an
unverified recipient. This includes:
- Login names and passwords
- Credit card numbers
- PIN numbers
- Bank account numbers
- Mother's maiden name
- Social Security number
- Date of birth
Protect yourself from Phishers! Don't get
- Never respond to requests for personal information via e-mail.
- If the e-mail looks "phishy" call the company that claims to
have sent you the e-mail to verify its authenticity. Look up the
phone number on your own and do not trust any numbers supplied by
the e-mail without verifying them.
- Never trust hyperlinks in e-mails. Visit websites by typing the
URL into your address bar.
- Review your credit card and bank statements for any unusual
transactions. Report them immediately if you find any unauthorized
- Report suspected abuses of your personal information to the
- Do not use the same passwords on multiple sites.
Creating Strong Passwords
Use strong passwords for all web sites, requiring
frequent changes. A strong password should appear to be a random string
of characters meeting the following criteria:
- Make it lengthy. Each character increases the protection that it
provides many times over.
- Your passwords should be 8 or more characters in length.
- Combine letters, numbers, and symbols. The greater variety of
characters, the harder it is to guess.
- Use the entire keyboard, not just the most common characters.
Symbols typed by holding down the "Shift" key and typing a number
are very common in passwords.
- Your password will be much stronger if you choose from all the
symbols on the keyboard, including punctuation marks not on the
upper row of the keyboard, and any symbols unique to your language.
To report phishing sites
If you encounter other phishing web sites report them using tools
within your internet browser solutions which offers dynamic phishing
protection. To report to law enforcement
Crime Complaint Center) and the FTC
(Federal Trade Commission) consumer identity theft web site
Monitor your Credit Report
We recommend you monitor your credit report annually.
Credit reports are available at no-charge annual from the three leading
credit reporting agencies including Equifax, Experian and TransUnion.
The only FTC authorized site is
Look for the Green Address Bar
When banking or purchasing online, look for sites which display the
"Green Address Bar", now supported by all leading browsers and over
4,000 leading ecommerce sites. Such sites meet the standards for
qualifying for Extended Validation Secure Site Server Certificates.
When you see Green you can be assured the site is who the state they are
and meet this new standard. For more information visit
EV Cert Resources
Learn more about Phishing
Thanks to input from the Digital Phish Net, US Chamber of Commerce and Microsoft
Corporation for their input.