Allstate.com - Learn More About Allstate Insurance Company

As a current or prospective Allstate customer, you should know about spoofing and phishing emails that can put you at risk and what to look for in communications from Allstate.

What Are Spoofing Emails?

Spoofing e-mails are messages that look like they are from a legitimate sender, but the actual sender is concealed. A “spoofer” will usually spoof the “from” header. They are sometimes an attempt to get information that could lead to identity theft or other fraud. Additionally, they could download a virus, worm, other malicious program, or even spyware or web beacons onto your computer. In these cases, they are known as phishing e-mails.

What Are Phishing E-mails?

Phishing e-mails are spoofed e-mails with a fraudulent intent. Within the e-mail, which appears to be from a legitimate source, is usually a link. This link will appear to be a legitimate site for a company, but is actually a site hosted by the phisher to collect your personal information. The e-mail is typically written in an urgent or threatening manner, saying that your bank account or credit card account will be closed immediately unless you take the appropriate action. That appropriate action is usually “confirming” an account number or personal information, such as a social security number.

Phishing e-mails usually ask for one or more of the following information:

Password or PIN
Credit card validation (CCV) code
ATM/Debit or Credit Card number
Social Security number (SSN)
Bank account number

Even if you don't provide what they ask for, simply clicking the link could download software or viruses without your knowledge that will collect information about you that the phisher can then use.

What Should You Do if You Have Received a Phishing E-mail?

If you have received what you believe is a phishing e-mail, you may report it by forwarding it to spam@uce.gov. The Federal Trade Commission (FTC) may use that e-mail to pursue law enforcement actions against people who send phishing e-mail or deceptive e-mail.

If You Have Any Questions Regarding an Allstate Phishing E-mail, please contact us.

The originators of unsolicited commercial e-mails (UCE)—also known as spam, spoofed e-mails, or phishing e-mails—are constantly changing tactics to get around anti-spam or anti-spoofing measures. Here are several steps you can take that will go a long way towards minimizing the impact of UCE, whether at work or at home:

Prevention Tip 1

Do not open UCE or spam e-mails. When you read spam, usually some of the information is downloaded from the spammer’s website. Typically this information includes a “web beacon” that gathers information to tell the spammer which e-mail address has been used. For this reason, it really is best to never open UCE – and likewise, it’s also best that you do not AutoPreview your messages, which in effect opens all your mail, thus allowing web beacons to work.

Prevention Tip 2

Never respond to UCE/spam. Do not use the unsubscribe links, Opt-Out links or instructions, or “send replies to” e-mail addresses contained in UCE e-mails. Again, doing so usually only serves to verify that the sender has found an active e-mail account.

Prevention Tip 3

Set up a separate e-mail account for online activity, including shopping and other legitimate online activities. If you don’t, use extreme caution, as many commercial sites sell their e-mail lists. You may be asked if you prefer that they do not “share” your e-mail address, but the action you need to take – such as checking a small box or sending an e-mail to this effect – may be hard to find.

Prevention Tip 4

Set up rules to automatically move UCE to a separate folder. Depending on which program you use to read and write e-mails, this can be done several different ways. Check your e-mail program’s help menu to find out the proper way to do it.

Prevention Tip 5

Don’t download free applications, also known as “freeware,” such as software, games, Google search toolbars from third-party companies, weather and sports ticker toolbar add-ins. Many freeware programs contain hidden programs that can provide spammers, spoofers and phishers with personal information about you.

Prevention Tip 6

Do not respond to phishing schemes. If you receive an e-mail from a source that sounds and looks legitimate, which asks you to provide personal information through a link in the e-mail, assume it’s a phishing scheme and do not respond. Banks, credit card companies or other trusted businesses do not ask for information via e-mail. Check the company’s web site for posted alerts.

Prevention Tip 7

Keep anti-viral software up to date and use a firewall. These protective measures can help you to not inadvertently download viruses, worms or Trojan horses, which are sometimes connected to these types of messages.

Definitions Based on Webopedia.com

Virus

A program or piece of code that is loaded onto your computer without your knowledge and will quickly use all available memory and bring your system to a halt.

Worm

A special virus that can replicate itself and use memory, but cannot attach itself to other programs.

Spyware

Any software that covertly gathers user information through the user's Internet connection without his or her knowledge.

Web Beacon

An often-transparent graphic image that is placed on a Web site or in an e-mail that is used to monitor the behavior of the user visiting the Web site or sending the e-mail.

Region188x171

Allstate takes a stand on significan issues

Region188x111

REGION188XVAR

Related Materials

The Allstate Corporate Social Responsibility Report

The 2007 Allstate America's Best Drivers Report

Alert: Lottery Scam Implying an Association with Allstate

Protect Yourself from Phishing

You should know about spoofing and phishing emails.

Allstate’s Use of Credit Information to Evaluate Insurance Policies

A Better Way to Prepare and Protect America from Catastrophes

Planning for Catastrophes Is Positive Thinking Not Doing So Is a Disaster

Auto Insurance Fraud

Learn to recognize auto accident scams.