all you need to know about Phishing Scam

What is phishing?

Phishing Pronounced like fishing, phishing is a term used to describe a malicious individual or group of individuals who scam users. They do so by sending e-mails or creating web pages that are designed to collect an individual's online bank, credit card, or other login information. Because these e-mails and web pages look like legitimate companies users trust them and enter their personal information.

Example of phishing e-mail

Dear Ticketgateway customer,

Your Account has been Suspended. We will ask for your password only once.
We will charge your account once per year. However, you will receive a confirmation request in about 24 hours after the make complete unsuspend process. You have 24 hours from the time you'll receive the e-mail to complete this ticketgateway request.

Note: Ignoring this message can cause ticketgateway TKO delete your account forever.

To make unsuspend process please use this link:

ticketgateway will request personal data(password;and so on) in this email.

Thank you for using ticketgateway!

This ticketgateway notice was sent to you based on your ticketgateway account preferences. If you would like to review your notification preferences for other communications, click here. If you would like to receive this email in text only, click here.

How to identify a phishing e-mail.

  1. Company - These e-mails are sent out to thousands of different e-mail addresses and often the person sending these e-mails has no idea who you are. If you have no affiliation with the company the e-mail address is supposedly coming from, it is fake. For example, if the e-mail is coming from Wells Fargo bank but you bank at a different bank.
  2. Spelling and grammar - Improper spelling and grammar are almost always a dead giveaway. Look for obvious errors.
  3. No mention of account information - If the company were sending you information regarding errors to your account, they would mention your account or username in the e-mail. In the above example, the e-mail just says "Ticketgateway customer", if this was Ticketgateway they would mention your username.
  4. Deadlines - E-mail requests an immediate response or a specific deadline. For example, in the above example, the requirement to log in and change your account information within 24 hours.
  5. Links - Although many phishing e-mails are getting better at hiding the true URL you are visiting, often these e-mails will list a URL that is not related to the company's URL. For example, in our above Ticketgateway example, "" is not an Ticketgateway URL, just a URL with an " Ticketgateway " directory. Also if you receive any emails from is not a Ticketgateway email, real email is

What to do if you are not sure if an e-mail is official.

  • Never follow any links in an e-mail. Instead of following the link in the e-mail, visit the page by manually typing the address of the company. For example, in the above example, instead of visiting the fake Ticketgateway URL, you would type: in your web browser and log in to the official website.
  • Never send any personal information through e-mail. If a company is requesting personal information about your account or is saying your account is invalid, visit the web page and log into the account as you normally would.
  • Finally, if you are still concerned about your account or are concerned about your personal information, contact the company directly, either through their e-mail address or over the phone.

Issues phishing e-mails commonly address

Below are some of the issues a phishing e-mail may inquire about to trick users.

  • Account issues, such as account or password expiring, account being hacked, account out-of-date, or account information needing to be changed.
  • Credit card or other personal information, such as credit card expiring or being stolen, incorrect social security number or other personal information, or duplicate credit card or other personal information.
  • Confirming orders, such as a request that you log in to confirm recent orders or transactions.

Common companies affected by phishing

Below is a listing of companies phishers most often try to attack.

  • Any major bank
  • Popular websites such as Amazon, Facebook, MySpace, PayPal, Ebay, Microsoft, Apple, Hotmail, YouTube, etc.
  • Government: FBI, CIA, IRS, etc.
  • Internet service providers such as AOL, Comcast, Cox, MSN, etc.
  • Casinos and lottery.
  • Online dating or community websites.

Warning about phishing emails

Phishing is an attempt to obtain your confidential information by impersonating a trusted source through email communication. Ticketgateway would like to inform you on what to do if you receive a phishing email.

  If you receive a phishing email

  • Do not reply to any phishing email,contact us directly if you like to verify the information included in the email. We do not ask for personal or financial information over email. You can email us at if you have any questions.
  • Do not click any links provided in these emails (or cut and paste them into a browser). This may download viruses to your computer. Do not confirm your email address to phishing emails.
  • Do not open any attachments.If you receive an attachment you are not expecting, delete attachment. If you do not recognize the "from" email address. Please report the suspicious email to
  • Do not enter your personal information or passwords on an untrusted emails or forms.
  • Report any suspicious messages that claim to be from or contain a suspicious attachment or link to
  • Delete the message.
  • Only trust email's which are coming from

Example of false TicketGateway's E-mails. Click here

  If you responded to a phishing email

  • Contact your financial institution.Report the content of your email and your actions to the security or fraud department.

It is critical that you:

  • Change the passwords to all online accounts that may have been compromised.
  • On TicketGateway, you can log into your account and click on “My account” you can then change your email address or password.
  • Report the message to the Federal Trade Commission at or through their online form and to any organization impersonated in the email. You can also report the message to the Anti-Phishing Working Group at, a group of Internet Service Providers, security vendors, financial institutions, and law enforcement agencies dedicated to fighting phishing.

Please ensure the following before logging in

  • URL address on the address bar of your internet browser begins with "https"; the letter 's' at the end of "https" means 'secured'.
  • Look for the padlock symbol either in the address bar or the status bar (mostly in the address bar) but not within the web page display area. Verify the security certificate by clicking on the padlock.
  • The address bar has turned to green indicating that the site is secured with an SSL Certificate that meets the Extended Validation Standard.(Available in IE 7.0 and above, Mozilla Firefox 3.1 and above, Opera 9.5 and above, Safari 3.5 and above, Google chrome).
  • Do not enter login or other sensitive information in any pop up window.

Beware of Phishing attacks

  • Phishing is a fraudulent attempt, usually made through email, phone calls, SMS etc seeking your personal and confidential information.
  • TicketGateway or any of its representative never sends you email/SMS or calls you over phone to get your personal information, password or one time SMS (high security) password. Any such e-mail/SMS or phone call is an attempt to fraudulently withdraw money from your account through Internet Banking. Never respond to such email/SMS or phone call. Please report immediately on if you receive any such email/SMS or Phone call. Immediately change your passwords if you have accidentally revealed your credentials.