|
Identity Theft Phishing Scams Abound
By Ira Wilsker, APCUG Director; Columnist,
The Examiner, Beaumont, TX; Radio & TV Show Host
Web Sites:
http://www.websensesecuritylabs.com/alerts
http://www.antiphishing.org
I have been busy compiling information so I can complete my 1040 for this year. I have also been actively searching for bargains on eBay, typically paying for my purchases utilizing my PayPal account. I frequently use the online bill paying service offered by my credit union. Much to my chagrin, according to a series of emails I received, my eBay account is being suspended, as well as my PayPal account, or somehow I added another email address to my PayPal account that I did not recognize.
I did receive some good news by e-mail from tax-refunds@irs.gov; I have an unclaimed refund at the IRS! Here is what that good news e-mail says:
“Subject: Refund notice;
You filed your tax return and you're expecting a refund. You have just one question and you want the answer now - Where's My Refund? Access this secure Web site to find out if the IRS received your return and whether your refund was processed and sent to you.**New program enhancements** allow you to begin a refund trace online if you have not received your check within 28 days from the original IRS mailing date. Some of you will also be able to correct or change your mailing address within this application if your check was returned to us as undelivered by the U.S. Postal Service. "Where's My Refund?" will prompt you when these features are available for your situation. To get to your refund status, you'll need to provide the following information as shown on your return: *Your first and last name* Your Social Security Number (or IRS Individual Taxpayer Identification Number) *Your Credit Card Information (for the successful complete <sic> of the process).*”
It seemed too good to be true; all I needed to do was to connect to the government Web site listed in the e-mail, GovBenefits.gov, enter my name, social security number, e-mail address, credit card number and expiration date, CVV2 security code on the back of my credit card, and my ATM PIN number, and within 28 days an unexpected $571 tax refund will be deposited to my account. I think that is just wonderful.
I am very concerned that my eBay privileges may be compromised, as there have been some discrepancies in my eBay account, so claimed an e-mail I received from eBay. All I need to do to is verify and reactivate my eBay account by clicking on the link in the e-mail, entering my username and password, and then verifying my identity with either my PayPal address or password, or reentering my credit card number, security code, and expiration date. That is quick and simple, so I will do it to preserve my eBay account.
I buy a lot of “stuff” on eBay, and pay for it from my PayPal account. I was shocked when I received that e-mail from PayPal verifying that I had added another e-mail address to my PayPal account. I did not recognize that e-mail address, so I clicked on the PayPal link in the e-mail, and entered my PayPal e-mail address, password, credit card number, expiration date, and security code. Now that I have verified my identity to PayPal, I can safely remove that unknown e-mail address from my PayPal account.
In another recent e-mail from the National Credit Union Administration (NCUA), I was utterly shocked to learn that my credit union account and ATM card would be suspended within five days due to suspicious activity unless I connected to the Web site listed and confirmed my identity, and reauthorized my account. In a panic, I immediately did so, entering my account number, ATM card number, PIN number, and the routing number from one of my checks. A reassuring “Thank You” from the Web site relieved me of the anxiety I had about my credit union account, and now I feel better.
All of the e-mails above are real, but my responses to those e-mails are not. These types of e-mails present a very real and growing threat to our financial privacy and security. They are representative of a rapidly growing and dangerous trend of “phishing,” a popular method of identity theft. By simply responding to the e-mails by clicking on the authentic looking link, the user is directed to an authentic looking but counterfeit Web site which solicits the victims’ personal information. Once that information is entered, it has been documented that credit cards can be illicitly charged within seconds, and bank accounts drained via the use of the ATM and PIN numbers.
The Anti Phishing Work Group (www.antiphishing.org) is a trade group with over 2000 members, including the major credit card companies, banks, credit unions, eBay, and financial service companies, who tracks phishing attacks. The most recent figures available as I type this indicate that in the month of November 2005, there were 16,882 individual phishing attacks, each possibly consisting of millions of fraudulent e-mails sent to people like us. The rate of phishing attacks, and the number of phishing e-mails has doubled since November 2004, and the numbers still appear to be increasing as it has become an easy method to defraud victims out of their money. These attacks connected to 4630 fraudulent Web sites, triple the number for the same month in the previous year. The scam sites are short lived, being shutdown either forcibly, or voluntarily, within an average of 5.5 days, with some being active for as long as 30 days. Eighty percent of phishing scams illicitly use the name of just six legitimate companies, such as PayPal and eBay, and the other 20 percent of scams misrepresent 87 companies. While the majority of these Web sites are hosted in the US, they are actually owned and operated predominately by foreign nationals, often in Eastern Europe, and southeast and central Asia. Criminal prosecutions and recovery of lost money are scarce, making it a high gain/low risk crime, which helps account for its rapid and malicious spread.
A comprehensive list of current phishing scams, predominantly directed against the customers of major financial institutions may be found at:-www.websensesecuritylabs.com/alerts. Some of the most recent listed financial institutions targeted are Greater Texas Federal Credit Union, Day Air Credit Union, First Bank, The Farmers Bank, Town North Bank, and many others.
As users start to implement updated software of various types, phishing may become more difficult. Newer versions of e-mail programs, such as Outlook, Mailwasher, Eudora, and others show if a link redirects to another address, other than the one listed. The new version of Internet Explorer offers an anti-phishing option which will check Internet addresses against suspicious or known phishing sites. Trend Micro’s PC-Cillin Internet Security Suite 2006 offers an anti-phishing toolbar for Internet Explorer that shows if a link is being redirected to a suspicious site. Recent versions of the Firefox browser offer some protection against phishing by indicating the real, rather than the apparent Web address in the address bar, which should notify the user of a potential scam. In order to bypass many of the new protections offered, some phishers are registering close variations of legitimate domain names in an attempt to trick users into accepting their false authenticity. Another trick is “pharming,” which illicitly redirects correct Internet addresses to bogus Web sites for the purpose of tricking the victim into entering sensitive data.
Never click on a link in an e-mail warning about some dire financial risk or reward, as reputable agencies will not utilize that tactic in the event of a problem. A quick call to a known 800 number to verify any such problem will quickly indicate that the e-mail is bogus. Better safe than sorry.
The Editorial Committee of the Association of Personal Computer User Groups (APCUG), an international organization of which CFCS is a member, brings this article to you.
Author: Ira Wilsker, APCUG Director; Columnist,
The Examiner, Beaumont, TX; Radio & TV Show Host
Jump Article
Date: 04 / 2006
...return to top
|
