Friday, November 9, 2007

Don't Let Someone Phish For your Virtual Wallet!

So you get an Email claiming to be from Ebay saying that someone is trying to fraudulently use your account and that you need to click on a link to an online form and reput your information.

Watch out! The fraud may be coming from the Email itself, where you will go to a phony online form that is NOT from Ebay and you will be entering personal, sensitive information such as Social Security Numbers, Credit Card numbers, or checking account numbers. Once those are submitted, someone then has your information and you could be a victim of identity theft!

This act is called "Phishing"--which means "a scam by which an e-mail user is duped into revealing personal or confidential information which the scammer can use illicitly" (Meriam-Webster Online Dictionary).

How can you protect yourself?

First of all--ask if email is an appropriate place to solicit funds? Government entities like the IRS cannot legally contact you by Email. Companies like Ebay and AOL have certain procedures on how to handle fraud that will not arrive to you as a normal Email. Charities usually use regular paper mail. In general, in most cases, you will be notified by other means than Email such as secure mail or a phone line.

Second of all--PAY ATTENTION to the URL of the form! Even if the email you receive may tell you to go to www.ebay.com, take your mouse on that link and look at the URL listed below your browser to see if it really takes you to the site it claims. Most often the forms will have a completely different web address.

When and if you do receive such a Email, forward it to your Internet Service Provider (AOL, Comcast, etc.) Notifying them about such Emails will allow the companies to add the author to their Spam filter, as well as forward it to appropriate police or other security entities.

In general, if you receive Emails such as these, treat them as Spam. Delete them immediately. If there are issues related to your account, etc. the company will contact you by other means.

For more information on Phishing, go to:

How Stuff Works: Phishing: http://money.howstuffworks.com/phishing.htm

Article: Why Phishing Works: http://repositories.cdlib.org/iber/xlab/XL06-013/