April 29, 2005

New Anti Phishing Legislation Brewing in Congress

Finally, Congress is set to toughen the penalties for fraud committed by person's who "phish" for information and gain it from unsuspecting consumers. Patrick Leahy, Vermont's senior lawmaker, has introduced legislation allowing for up for five years in prison and a $250,000 fine for anyone convicted of a phishing or online scam.

Posted at 10:02 PM | Comments (0)

March 08, 2005

Ebay Phishing Scams Continue

Another report of a phishing scam meant to steal user data targeting users of Ebay.

The email reads:

Dear eBay Member,
We recently noticed one or more attempts to log in to your eBay account from a foreign IP address and we have reasons to believe that your account was used by a third party without your authorization. If you recently accessed your account while traveling, the unusual login attempts may have been initiated by you

The login attempt was made from:
IP address: 172.25.210.66
ISP Host: cache-66.proxy.aol.com

By now, we used many techniques to verify the accuracy of the information our users provide us when they register on the Site. However, because user verification on the Internet is difficult, eBay cannot and does not confirm each user's purported identity. Thus, we have established an offline verification system to help you evaluate with who you are dealing with.

And, of course, there is a phony link that directs you to a site that is not Ebay that urges you to enter your personal information.

BE VIGILANT and make sure your friends and family members know to never respond to this type of email!

Posted at 04:12 PM | Comments (0)

February 14, 2005

New Phishing Scam Targets Charter One Bank Customers

Today a random email popped up in our email box targeting Charter One customers. The hyperlink, of course, doesn't go to Charter One website, but to IP address 140.111.126.4.

Below is the email being sent (with all links removed)
--------------------------------------------------------------

Dear Charter One Bank customer,

We recently reviewed your account, and suspect that your Charter One Bank Internet Banking accountmay have been
accessed by an unauthorized third party.
Protecting the security of your account and of the Washington Mutual network is our primary concern. Therefore, as a
preventative measure, we have temporarily limited access to sensitive account features.

To restore your account access, please take the following steps to ensure that your account has not been compromised:

1. Login to your Charter One Bank Internet Banking account. In case you are not enrolled for Internet Banking, you will
have to fill in all the required information, including your name and you account number.

2. Review your recent account history for any unauthorized withdrawals or deposits, and check you account profile to
make sure not changes have been made. If any unauthorized activity has taken place on your account, report this to
Charter One Bank staff immediately.

To get started, please click the link below:

http://www.charterone.com/home/ [ ** the link redirected to a different website to "phish" for customer info. They hyperlink appeared to lead to charterone.com, but the underlink HTTP code directed you to another IP].

We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of
the entire Charter One Bank system. Thank you for attention to this matter.

Sincerely,

Charter One Bank Team

Posted at 12:29 PM

February 08, 2005

Ebay Users Are Latest "Phishing Scam" Target

Seems like a day doesn't go by that a new phishing scam is discovered. It usually always involves trolling for personal information by tricking the consumer into revealing their account number, password, or financial information.

E-bay looking "spoof sites" designed to gain access to customer's paypal accounts have been reported to authorities in the last few weeks. The URL used is www.ro.paypal.com -- which is similar to the official paypal website (www.paypal.com).

Remember to never click on links via email to visit any website where you enter sensitive passwords or sites that contain financial information. Always type the URL yourself in a new browser window after closing all others.

It's also an excellent idea to run a daily virus scan as well as a spyware scan.

Posted at 09:46 PM | Comments (0)

Security Flaw in Web Browsers Open Danger to Phishing Scams

Microsoft's Internet Explorer has long been criticized as having many flaws that allow hackers to exploit and take over victim's computers. Now, other browers are vulnerable to attack and, oddly enough, Microsoft's IE is non vulnerable to the newest method of attack, which exploits browers that allow International Domain Names (IDN). IDN domains allow special characters within the domain name.

For more information, check out this security alert from Security Labs:
http://www.websensesecuritylabs.com/alerts/alert.php?AlertID=128

Posted at 09:41 PM

November 05, 2004

EWeek Reports on New Phishing Attack

Accoring to EWeek.com, "a new phishing attach is utilizing a vulnerability in Internet Explorer....to hide its true source."

Man, how many times to we have to worry about security problems from Microsoft's browser. The threat that phishing scams and identity theft pose to the American public (and beyond) is incomprehensible. I don't believe there has ever been a time where the threat is poised to grow exponentially while the potential victims remain uninformed.

With more and more broadband "always on" modems connected to the Internet, phishing dangers, scams and identity theft will rise if people do not protect themselves adequately with firewalls, virus protection, spyware scanners and the like. But, the companies products we use, such as Microsoft, must do its part to totally secure the products they make.

If they do not, phishing is a practice that will continue and identity theft will grow and become a worse problem.

Posted at 03:33 PM | Comments (2)

October 26, 2004

New Email Targets Suntrust Bank Customers in Identity Theft / Phishing Scam

The email scams continue to "phish" for identity information and bank account data. The latest targets Suntrust Bank Customers and looks like it is actually from SunTrust, although it isn't.

The phishing email claims that identity theft is on the rise and to protect yourself you must "verify" your customer information. A link to what looks like the Suntrust website is included in the email, but the website is actually phony and controlled by scam artists attempting to steal consumer information.

Suntrust has warned its customers to never click on an email to verify account information. The bank, like many, would contact customers via US Mail to communicate phishing and identity theft issues.

Posted at 04:37 PM | Comments (0)

October 21, 2004

Latest Phishing Scam Targets Citibank Customers

The latest phishing scam designed to steal bank account login information is directed at Citibank Customers. The email circulating around the Internet looks something like this:

Dear Citibank Customer,

When signing on to Citibank Online, you or somebody else have made several login attempts and reached your daily attempt limit. As an additional security measure your access to Online Banking has been limited. This Web security measure does not affect your access to phone banking or ATM banking.

Please sign on and verify your information here. You will be able to attempt signing on to Citibank Online within twenty-four hours after you verify your information. (You do not have to change your Password at this time.)

Remember to report any unsolicited attempt to access your personal financial information to you bank and the Federal Trade Commission.

The best rule of advice to avoid a phishing scam and protect yourself from identity theft is to never "verify" information from an email.

Posted at 10:56 AM | Comments (0)

October 07, 2004

Why Is Identity Theft Growing So Fast?

Why are cases of identity theft continuing to grow? The answer is simple: Identity theft, phishing scams, and other computer crimes offer high gain and low risk compared to other ways to commit criminal acts.

For identity theft, it's possible to steal someone's financial information via a computer without their knowledge. Now, let's face it, if you steal someone's car or thier pockebook, or even their valuable jewelry, they will know very quickly.

With identity theft, the first crime is taking the information and the second crime is using that information to steal money. With other types of theft, such as auto theft, the criminal doesn't have the luxury of stealing a car and then selling it again before someone realizes what has taken place.

Identity theft is actually "high gain" because the criminal that has taken someone's identity to open financial or credit account can purchase different items many times over and over. It's more bang for the buck.

Surely the future will bring us to fingerprint or retina scans to verify ourselves one day and this won't be possible. Of course, the downside is, that will be the full realization of big brother.

In the meantime, education is the answer. We must educate our friends, family, and co-workers to the dangers of phishing and teach them to never respond to requests for personal information online (or by telephone for that matter).

Posted at 07:30 PM | Comments (0)

Attempted Phishing Scam Imitating Suntrust Bank

Last night I recieved an email "claiming" to be from Suntrust Bank. The scary part about the newest phishing and identity theft scams is that they are sending out emails claiming to be your legitimate financial institution and that in order to protect you from both ID Theft and Phishing Scams, you must "verify" your customer information.

I mean, the very thing you should never do, is enter your name, social security #, bank acct #, or anything person to ANYONE who sends you an email asking you to reply either by email or by "clicking" on a link.

Many times these "links" you click on have the actual legitimate website URL "displayed" in the email, but it actually directs you to a different website (sometimes with a simialar URL) where the dummy site actually looks like the real thing.

Beware, beware! We have to be on guard about these scams. Those of us who are knowledgeable about such things should preach to our friends and family and make sure they don't fall victim to these insidious criminals!

Posted at 07:21 PM | Comments (0)

October 06, 2004

Security Bank of Georgia Warns Consumers of Phishing Scams

The Security Bank of Georgia, located in Macon, has placed a warning to consumers on its website about Email Fraud & Identity Theft. The bank warns that identity theft is one of the "fastest crimes" in the United States of America and that "phishing" or "spoofing" endagers customers by tricking them into revealing information such as bank account numbers, social security numbers, etc.

Consumers in the Macon, Warner Robins, Perry, and Gray Georgia area should be aware of this risk.

For more information visit the Security Bank consumer alert.

Posted at 07:51 PM

Federal Trade Commission Offers Advice on Phishing Scams

The Federal Trade Commission has issued a consumer alert on "how to not get hooked by a phishing scam." The FTC defines "phishing" as "a high-tech scam that uses spam or pop-up messages to deceive you into disclosing your credit card numbers, bank account information, Social Security number, passwords, or other sensitive information."

In the alert, the government agency warns citizens to be suspicious of emails or pop-up messages that look to be from a company you do business with. The types of businesses that may be impersonated by criminals looking to steal your personal information includines ISPs, banks, online banking or payment services, or even a US government agency.

The FTC warns that criminals duplicate official websites that look like the website of your bank or Internet service provider and then send out emails or pop-up ads that invite you to enter your personal information, many times for "verification" purposes.

For the complete "phishing scam" consumer alert, visit the Federal Trade Commission Website.

Posted at 07:07 PM | Comments (0)

Phishing Scams To Watch For

Phishing is the term used to describe online thieves who "fish" for information about you. Many times this is sensitive, personal information such as credit card numbers or your social security number. Phishing leads to you allowing someone to make fraudelent charges on your credit card or, worse, phishing scams lead to identity theft.

Everyone knows that you should never give out sensitive information such as social security numbers over the phone to people who call. Many times criminals will pose as a legitimate company, including one that you do business with, and ask you to "verify" crucial information such as your social security number. Unfortuniately, many people still fall for this trick on the telephone.

With computers and easy Internet access growing to become a more central element in our lives, criminals have taken to the Internet to contintue to fool people. One way to "phish" for sensitive personal information is to setup a website that looks official and send out emails asking you to go to this website and enter your information.

Many times it is a duplicate of a website that you would consider reputable and one you might even have a business relationship with, such as PAYPAL.com.

Posted at 07:07 PM | Comments (0)

Recent Entries

March 2007
Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31

Search



Sponsors

security cameras
divorce

Archives

Syndicate this site (XML)
Powered by
Movable Type 3.11