The email messages (and websites) look official enough that they deceive many people into believing that they are legitimate. Believing that these emails are legitimate, unsuspecting people often respond to the email's requests for their credit card numbers, passwords, account information, or other personal information.
Never respond to requests for personal information via email. Legitimate organizations will never ask for passwords, credit card numbers, or other personal information in an email. If you receive an email requesting this kind of information, DO NOT RESPOND, DO NOT REPLY, DO NOT CLICK ON LINKS OR IMAGES, and DO NOT OPEN ANY ATTACHMENTS with the message. If you think the email is legitimate, contact the company through their official contacts to confirm. Updating your systems with good security software can help defend data, users, systems, and companies from a wide range of risks.
Remember that the IFCC never requests money or credit card numbers, passwords, account information, or other personal information.