Tell a friend

EDUCATION - Know the Facts

Phishing Scams

"Phishing" is an attempt by criminals to get an unsuspecting victim to divulge personal, confidential information under the guise of a legitimate request.   Although modern phishing scams tend to use e-mail, phishing can also be done via telephone, in-person, or via the regular mail.   This section discusses "e-mail phishing," but the bottom line is the same for all types: BE EXTREMELY CAUTIOUS WHEN PROVIDING YOUR PRIVATE INFORMATION!   Also, consider enrolling with a credit monitoring service to help protect yourself in case an identity thief does obtain your information.

The scam begins when you receive a legitimate looking e-mail from a reputable company such as Washington Mutual Bank:

The e-mail makes you believe that, by clicking on the link, you will be taken to "http://www.wamu.com/ personal/welcome/ confirmusersdata.htm".   However, you would really be directed to "http:// 148.244.213.131: 4977/wa/index.htm".   This address is NOT a valid Washington Mutual site!   Rather, it will take you to a "bogus" site that mimics a real Washington Mutual site.   If you provide any personal information via this bogus site, you are most likely giving it directly to someone who will use it to steal your identity.

Another interesting aspect of this particular e-mail is the use of "white text", which is barely visible to the naked eye.   However, by "selecting" the area on the bottom of the e-mail, the text is inverted and becomes visible.   Spammers use this "white text" technique to trick the spam filters which are used to prevent unwanted e-mail.   Even though you can't see it, the spam filter reads it and is tricked into believing that it is a normal e-mail that contains a typical conversation.


Sometimes, the e-mail actually preys on your fears and claims that you may be a victim of identity theft if you DON'T "confirm" your information.   Another thing to notice is that most phishing scams originate internationally and are written by people who are not fluent in English.   As such, many times the e-mails contain misspelled words, incomplete sentences, and awkward phrases.   In this example, notice how they use the phrase "in the nearest time" instead of "immediately".

This next example is a phishing scam posing as an e-mail from eBay.   Although there are a few grammatical errors that may raise suspicions, it does seem fairly legitimate. (Note: For added security, "automatic downloading of images" was turned off for this example.)


However, if you suspect that an e-mail may be a phishing scam, you can View the Source Code of an HTML e-mail message to see where a link actually goes.   In this example, the phrase "click here" appears in the e-mail.   But, if you click on it, you will be directed to "http://dhost.info/..." instead of eBay.

Bottom Line:

  • No legitimate company would ask you to provide your personal information to them in this manner.
  • View the Source Code of an HTML e-mail message to determine where the link actually takes you.
  • Be wary of e-mails that contain misspelled words, incomplete sentences, and awkward phrases.
  • Don't give your personal information to anyone unless you trust them and have initiated the contact yourself via a telephone number or web address that you know to be valid.


For more information:

Phishing

Protect Yourself with a Credit Monitoring Service

Subscribe to our FREE e-Newsletter for updates on new phishing scams

Samspade.org To track down a suspicious IP address or host, try a free online service such as SamSpade.org.




 
 

LifeLock Save 10%
Quote of the Day
"A good reputation is more valuable than money." - Syrus (Publilius Syrus)
Tip of the Day
If you receive pre-screened credit card offers in the mail, but don't shred them after you decide you don't want to accept the offer, identity thieves could retrieve the offers for their own use without your knowledge. Call 1-888-5-OPTOUT (1-888-567-8688) to opt out of receiving these pre-screened credit card offers. The three major credit bureaus use the same toll-free number to let consumers choose to not receive pre-screened credit offers.
Today's Story
"My purse was stolen in December 1990. In February 1991, I started getting notices of bounced checks. About a year later, I received information that someone using my identity had defaulted on a number of lease agreements and bought a car. In 1997, I learned that someone had been working under my Social Security number for a number of years. A man had been arrested and used my SSN on his arrest sheet. There's a hit in the FBI computers for my SSN with a different name and gender. I can't get credit because of this situation. I was denied a mortgage loan, employment, credit cards, and medical care for my children. I've even had auto insurance denied, medical insurance and tuition assistance denied." - From a consumer complaint to the FTC, January 2, 2001
Click for your FREE credit score!
   IdentityProtection101.com: About, Disclaimer, Privacy Policy © 2004, 2005 Steve Edwards and Americorp International, Inc. Web design by Kevin