Spoofing, similar to Phishing, is a hoax which occurs when a criminals “spoof” e-mail addresses, phone numbers or web sites to make their messages, calls or web sites appear legitimate when they are actually fraudulent. In e-mail spoofing, the sender address and other parts of the e-mail header are altered to appear as though the e-mail originated from a trusted source. In Web site spoofing, Internet sites are created as a hoax, posing as legitimate web sites in an attempt to trick users into providing sensitive information. Spoofed web sites often have similar or masked URLs and appear almost indistinguishable from the site they are spoofing, using correct branding and even copyright information.

Suspect you’ve reached a Spoofed web site? If you feel you’ve inadvertently entered sensitive or confidential information into a spoofed web site, contact Northern Trust as soon as possible to report the situation. Northern Trust will never ask clients to provide account information via e-mail or an unsecured Internet web site.

HERE ARE SOME HELPFUL TIPS FOR PROTECTING YOURSELF:

Go directly to the web site you are attempting to reach — Typing the address directly into your web browser is always a safer alternative to clicking on embedded links that may be included in spoofed e-mail messages. Type the address into your browser window and bookmark the legitimate web site for future use.
Check the URL before entering information — Spoofed web sites will often use URLs that are close to the legitimate site’s address. Check for numbers after the title, or an incorrect extension (.net verses .com or .com verses .edu). URLs may contain part of the correct domain but lead to a subdomain on a different site (amazon.spoofdomain.com verses amazon.com).
Use a login cookie — Most authentic business web sites will give you the option of remembering your User ID. While this is not appropriate for shared computers, if you are using a secure home machine, this option may actually increase your security. A spoofed website will not be able to display your saved information, thus alerting you to potential problems.
Look for the color green — Legitimate web sites, particularly financial web sites, use secure connections that may turn all or some of your browser’s address bar green (depending on which Internet browser you are using). If you remember seeing green on the bar from past visits but suddenly notice it’s missing, or it’s now red, it may be a forgery.
Examine the web site’s credentials — According to Symantec Corporation, a leading issuer of Secure Sockets Layer certifications (SSL), there are three ways to look for a website’s credentials.
— Click the closed padlock in a browser window

— Click the trust mark (such as a Norton Secured Seal)
Don’t click on links — The best way to prevent a visit to a spoofed web site is to avoid clicking on links within e-mails or questionable links that are returned from an Internet search. “Safe search” options are available from both most anti-virus software and from leading Internet search engines. Safe search options will alert you to questionable sites that should be avoided.

LEGAL, INVESTMENT AND TAX NOTICE: This information is not intended to be and should not be treated as legal advice, investment advice or tax advice and is for informational purposes only. Readers, including professionals, should under no circumstances rely upon this information as a substitute for their own research or for obtaining specific legal or tax advice from their own counsel. All information discussed herein is current only as of the date appearing in this material and is subject to change at any time without notice. This information, including any information regarding specific investment products or strategies, does not take into account the reader’s individual needs and circumstances and should not be construed as an offer, solicitation or recommendation to enter into any transaction or to utilize a specific investment product or strategy.

The Northern Trust Company | Member FDIC