What is phishing and how does it work?

If you receive an email asking for updates to your personal or financial information that purports to come from Rakuten, you might have been the target of "phishing" (pronounced "fishing," and also called scamming, carding, or spoofing).
Phishing is a common Internet scam where a perpetrator sends out official looking emails that appear to come from the Internet's biggest Web sites in an attempt to gather personal financial information from the recipient. Phishing scams start out by trying to contact and confuse the victim with a phony order confirmation and then move on to collecting credit card or identity information under the pretense of trying to clear up the victim's account. Phishers camouflage their emails by using actual company logos, similar email formats, and links to legitimate Web pages hosted by the legitimate company. It only takes one or two victims to make it worth the while of the scam artist.

Identifying a Phishing Scam

A diligent examination of any email can identify phishing scam relatively easily. For starters, check the email address of the sender. If the address is at an Internet service provider's address, like "@hotmail.com", "@yahoo.com", or "@gmail.com", this is most likely a phishing scam. They will also make minor adjustments to the address like: info@rakutendotcom.comAnother way to identify potential scams is to review the content of the email. Many scams are written in one language and then translated without concern for spelling or grammar. If your email has many grammar errors, or typos, it is likely you may have received a phishing email.Rakuten will also never ask you for any personal information via email for your order. This includes your social security number, tax identification number, your credit card number, your PIN, your credit card security code, your mother's maiden name, or your login ID and/or password.In addition, check the links provided in the email to see that they are linked to: http://www.rakuten.com/Rakuten will always link the content of their messages to this address, and will not issue a link via email otherwise.
Phishers will often send emails with links such as: http://www.profile-rakuten.com/Or, phishers will send a string of numbers with a suggestive link such as: http://111.222.345.678/rakuten.com/Phishers will also send an entire email as a link directing you to a Web site asking for your personal information. Rakuten will never do this, so please do not enter any information and close your browser in these instances. Should you click on one of these images, please run an anti-virus or anti-malware program afterwards to help protect your PC.

Finally, do not open any email attachments that were not requested from Rakuten by you. Rakuten will never send unsolicited attachments, so please report such emails without opening the attachment. Should you open an attachment sent to you by a scam, please run an anti-virus or anti-malware program to help protect your PC.

Reporting a Phishing Scam

If you do receive an email you believe is a phishing scam, please contact us and we will be glad to help.
You may also report it to the Federal Trade Commission by calling the FTC help line, 1-877-FTC-HELP, or forwarding the email here.

Have more questions? Submit a request


Please sign in to leave a comment.