"Phishing," the latest craze among online evil-doers, has
nothing to do with sitting at the end of a dock on a sunny
afternoon dangling a worm to entice hungry catfish.
But, if you take their bait, this new breed of online con
artist will hook you, reel you in, and take you for every
dollar you have... or worse.
"Phishing" describes a combination of techniques used by
cyber crooks to bait people into giving up sensitive
personal data such as credit card numbers, social security
numbers, bank account numbers, dates of birth and more.
Their techniques work so well that, according to
FraudWatchInternational.com, "phishing" rates as the
fastest growing scam on the Internet.
Here's the basic pattern for a "phishing" scam...
You receive a very official email that appears to originate
from a legitimate source, such as a bank, eBay, PayPal,
a major retailer, or some other well known entity.
In the email it tells you that something bad is about to
happen unless you act quickly.
Typically it tells you that your account is about to get
closed, that someone appears to have stolen your identity,
or even that someone opened a fraudulent account using your
name.
In order to help straighten everything out, you need to
click a link in the email and provide some basic account
information so they can verify your identity and then give
you additional details so you can help get everything
cleared up.
Once you give up your information... it's all over but the
crying!
After getting your information, these cyber-bandits can
empty your bank accounts, deplete your PayPal accounts, run
up your credit card balances, open new credit accounts,
assume your identity and much worse.
An especially disturbing new variation of this scam
specifically targets online business owners and affiliate
marketers.
In this con, the scammer's email informs you that they've
just sent $1,219.43 (or a similar big but believable
amount) in affiliate commissions to you via PayPal.
They need you to log into your PayPal account to verify
receipt of the money and then email them back to confirm
you got it.
Since you're so excited at the possibility of an unexpected
pay day, you click the link to go to PayPal, log in, and
BANG! They have your PayPal login information and can empty
your account.
This new "phishing" style scam works extremely well for 2
basic reasons.
First, by exploiting your sense of urgency created by fear
or greed, crooks get you to click the link and give them
your information without thinking.
Second, the scammers use a variety of cloaking and spoofing
techniques to make their emails and websites appear totally
legitimate, making it extremely hard to spot a fake website,
especially when they've first whipped you into an emotional
frenzy.
The good news, however, is that you can protect yourself
relatively easily against this type of cyber-crime with
basic software and common sense.
Most of these scams get delivered to you via Spam
(unsolicited email), so a good spam blocker will cut down
on many of them even making it to your inbox.
If you receive an email that looks legitimate and you want
to respond, Stop - Wait - Think!
Verify all phone numbers with a physical phone book or
online phone directory like www.Verizon.com or
www.ATT.com/directory/ before calling.
Look for spelling and grammatical errors that make it look
like someone who doesn't speak English or your native
language very well wrote it.
Never click the link provided in the email, but go directly
to the website by typing in the main address of the site
yourself (example: www.paypal.com or www.ebay.com).
Forward the email to the main email address of the website
(example: support@paypal.com) or call the customer service
number on the main website you typed in yourself and ask if
it is in fact legitimate.
Above all remember this:
Your bank, credit card company, PayPal, eBay and anyone
else you deal with online already knows your account
number, username, password or any other account specific
information.
They don't need to email you for ANY reason to ask you to
confirm your information -- so NEVER respond to email
requests for your account or personal details.
Jim Edwards
nothing to do with sitting at the end of a dock on a sunny
afternoon dangling a worm to entice hungry catfish.
But, if you take their bait, this new breed of online con
artist will hook you, reel you in, and take you for every
dollar you have... or worse.
"Phishing" describes a combination of techniques used by
cyber crooks to bait people into giving up sensitive
personal data such as credit card numbers, social security
numbers, bank account numbers, dates of birth and more.
Their techniques work so well that, according to
FraudWatchInternational.com, "phishing" rates as the
fastest growing scam on the Internet.
Here's the basic pattern for a "phishing" scam...
You receive a very official email that appears to originate
from a legitimate source, such as a bank, eBay, PayPal,
a major retailer, or some other well known entity.
In the email it tells you that something bad is about to
happen unless you act quickly.
Typically it tells you that your account is about to get
closed, that someone appears to have stolen your identity,
or even that someone opened a fraudulent account using your
name.
In order to help straighten everything out, you need to
click a link in the email and provide some basic account
information so they can verify your identity and then give
you additional details so you can help get everything
cleared up.
Once you give up your information... it's all over but the
crying!
After getting your information, these cyber-bandits can
empty your bank accounts, deplete your PayPal accounts, run
up your credit card balances, open new credit accounts,
assume your identity and much worse.
An especially disturbing new variation of this scam
specifically targets online business owners and affiliate
marketers.
In this con, the scammer's email informs you that they've
just sent $1,219.43 (or a similar big but believable
amount) in affiliate commissions to you via PayPal.
They need you to log into your PayPal account to verify
receipt of the money and then email them back to confirm
you got it.
Since you're so excited at the possibility of an unexpected
pay day, you click the link to go to PayPal, log in, and
BANG! They have your PayPal login information and can empty
your account.
This new "phishing" style scam works extremely well for 2
basic reasons.
First, by exploiting your sense of urgency created by fear
or greed, crooks get you to click the link and give them
your information without thinking.
Second, the scammers use a variety of cloaking and spoofing
techniques to make their emails and websites appear totally
legitimate, making it extremely hard to spot a fake website,
especially when they've first whipped you into an emotional
frenzy.
The good news, however, is that you can protect yourself
relatively easily against this type of cyber-crime with
basic software and common sense.
Most of these scams get delivered to you via Spam
(unsolicited email), so a good spam blocker will cut down
on many of them even making it to your inbox.
If you receive an email that looks legitimate and you want
to respond, Stop - Wait - Think!
Verify all phone numbers with a physical phone book or
online phone directory like www.Verizon.com or
www.ATT.com/directory/ before calling.
Look for spelling and grammatical errors that make it look
like someone who doesn't speak English or your native
language very well wrote it.
Never click the link provided in the email, but go directly
to the website by typing in the main address of the site
yourself (example: www.paypal.com or www.ebay.com).
Forward the email to the main email address of the website
(example: support@paypal.com) or call the customer service
number on the main website you typed in yourself and ask if
it is in fact legitimate.
Above all remember this:
Your bank, credit card company, PayPal, eBay and anyone
else you deal with online already knows your account
number, username, password or any other account specific
information.
They don't need to email you for ANY reason to ask you to
confirm your information -- so NEVER respond to email
requests for your account or personal details.
Jim Edwards