All Internet users should be aware of the online scam known as "phishing" (pronounced "fishing"). Phishing involves the use of e-mail messages that appear to come from your bank or another trusted business, but are actually from imposters.

Phishing e-mails typically ask you to click a link to visit a Web site, where you're asked to enter or confirm personal financial information such as your account numbers, passwords, Social Security number or other data. Although these Web sites may appear legitimate, they are not. Thieves can collect whatever data you enter and use it to access your personal accounts.

How can I spot a phishing scam?

Look for these warning signs:

Language and tone. The message you receive may urge you to act quickly by suggesting that your account is threatened. It may say that if you fail to update, verify or confirm your personal or account information, access to your accounts will be suspended. The wording may also be sloppy and contain misspellings.

Requests for personal information. Scam e-mails typically ask for personal or account information such as:

- Account numbers
- Credit and check card numbers
- Social Security numbers
- Online banking user IDs and passwords
- Mother's maiden name
- Date of birth
- Other confidential information

Non-secure Web pages. Clever thieves can build a fake Web site that looks nearly identical to an authentic one. They can even alter the URL (the Web address) that appears in your browser window. Watch out for non-secure Web pages that ask for sensitive information (secure sites will typically display a lock in the status bar at the bottom of your browser window).

Here are some safety tips:

Be suspicious of demanding messages. Messages threatening to terminate or suspend your account without your quick response should be treated as suspicious. A legitimate bank or business should not request personal information from you over an unsecured Web site. When in doubt, call the business' customer service number (available on your account statement) to confirm the status of your account. Do not use telephone numbers found on the suspected Web site.

Always type in the URL of the Web page you need. Phishing scams rely on embedded links that take you to fake Web sites. It's safer to type your bank's Web address directly into your browser so you know you're visiting the legitimate site.

Protect your password. Don't write down sensitive personal information such as your password or Social Security number. Change your password frequently.

Keep your computer up-to-date. Haven Trust Bank recommends that you install anti-virus and firewall programs to help keep your computer safe.

If you receive suspicious e-mail that appears to come from Haven Trust Bank, please notify us immediately by forwarding the e-mail to customerservice@HavenTrustbank.com
(do not open any attachments or click any links found in the suspicious e-mail).

You may also want to forward it to the Federal Trade Commission at spam@uce.gov, or contact them at www.consumer.gov/idtheft* or 877.IDTHEFT (877.438.4338).

If you believe you have provided personal or account information in response to a fraudulent e-mail or Web site, please contact Haven Trust Bank at 678.957.5500 and contact the other financial institutions with which you have accounts.

To learn more about phishing, read the phishing brochure* provided by The Office of the Comptroller of the Currency (OCC). The OCC charters, regulates and supervises all national banks.

Some customers have recently received e-mail messages stating that "there have been a large number of identity theft attempts targeting Haven Trust Bank customers." The e-mail requests that customers confirm their identity for personal online banking by clicking a link and logging onto their accounts.

Another recent fraudulent e-mail pretends to be a "Security Center Advisory" that informs customers their account "has been randomly selected for maintenance," and that they need to click a link to verify their identity.

Yet another fraudulent e-mail states that there is a pending charge (often a quite large one) to the customer's account, and in order to decline the transaction, the customer needs to click a button or a link in the e-mail.