Spoof/Phishing Scams are also known as Fraud, ... .
The Scam
You receive an email that appears to be from a bank, credit card company, an online vendor (PayPal, eBay, etc.), or other company.
You are told a variety of things:
- It appears that your account has been used for fraudulent purposes, and you are required to log in to check it.
- Your account has been suspended or is going to be closed due to inactivity, so you must log in to reactivate it or reset the "activity flag".
- There's been "unusual activity" on your account, so until the "issue" has been resolved, access to it has been limited. You must log in to check it.
- It appears that security has been breached in some other way. You must verify your identity.
- New security features have been added, requiring you to log in and update your information.
- Someone has tried to log in to your account, failed, and access has now been "locked", requiring you to verify your identity.
- Periodically, you must verify your information.
In almost all cases, there is at least one link in the email that you are requested to use. You will be taken either to a page that appears to be the bank's, credit card company's, vendor's or whatever, or to a "pop-up" screen over what appears to be (and may actually be) the online vendor's page, where you must "log in" and/or "update your information."
When you enter the information, you will either be sent to the actual vendor's page, where it will appear your login didn't work, or you will simply be told "Thank You".
I, personally, have received MANY of this type of email, as have many friends and relatives. While some were duplicates with different names, most had different names, different places, different wording, different amounts. In ALL of them:
- Something happened to your account requiring your immediate attention.
- Links are included in the email, or you are asked to reply with the information.
- As in a lot of spam, they may actually have your name, address, email address and ISP, and it will be included in the email, suggesting they already have your information and simply need you to verify it.
NEVER, NEVER, NEVER click the link in an email from anyone like this. Not only could you be taken to a legitimate-looking page and end up giving information to a scammer/phisher, but links have been known to download viruses, adware, spyware, and other dangerous programs. These can screw up or destroy data and programs on your computer, watch your keystrokes (if you buy something online, you will be giving them your credit-card information!), force pop-ups without end, and/or send data from YOUR computer to the scammers' without your knowledge. (And one of the first things many do is attempt to "spoof" your scanners, making them LOOK like they are running when, in fact, they aren't.)
If you are worried about what the email says, log DIRECTLY into your account to check it:
- Open whatever browser you use
- Type in the web-address of the online vendor
- Log in as you normally would
- Check for messages, unauthorized account activity, etc.
- If you find anything that shouldn't be there, or otherwise wrong, contact the vendor IMMEDIATELY by phone
Most banks, credit-card companies and online vendors NO LONGER include "clickable links" in their emails. They may include their web address, or a link for you to cut-and-paste into the browser, but even then, be careful, because the scammers will do the same thing. It's safest to simply go DIRECTLY to the site and check out the claim made.
Remember that scammers will use images direct from the company's website, so rolling over them and seeing where they came from will mean little. BE AWARE that sometimes there are LINKS behind these images. DO NOT CLICK ON THEM.
To check the emails:
- Roll your mouse pointer over (DO NOT CLICK) any link in the email. If the first part of the link (between the "http" and the top-level domain - ".com", ".net", etc.) is NOT the site of the business in the email, or if it's a simple IP address ("###.###.###.###" - untranslated domain), it's most likely a spoofed link. BE AWARE that what is shown in the email and the actual link may be different!
- No businesses, government agencies or financial institutions will send you an email asking you to verify your information through an email link. (Remember, they already have it.) If you receive email, snail-mail, or a phone call requesting this information, THEY should read it ALL to YOU, not the other way around.
- Be sure to check with the actual agency online (go directly to the site - see above), by calling the number on your bill or statement (a REAL bill/statement) or in person. Again, they should be verifying your information. If possible, have THEM read it to YOU to verify it. (Though, remember, if you made the call, they won't do this... YOU could be a scammer.)
BE SURE to check the "email headers". See:
- SpamCop - Includes instructions on how to get them for many email clients. You can simply enter/cut-and-paste them into the entry box there, and it will give you the email addresses of the people to whom you should complain about spam. Use this information to verify from whence the email came!
- If the email DID NOT come from the agency in question, it's most-likely a scam.
- If the email DID NOT come to YOU (it's not YOUR email address in the TO), it was most-likely sent to a mailing list.
- If the FROM and/or REPLY-TO (if there is one) are different from the originating address, it's most-likely a scam.
- If it says ANYTHING about any of the headers being "misconfigured", it's most-likely a scam.
- Look for errors in spelling, punctuation, grammar and spacing. REAL businesses, government agencies or financial institutions will very seldom have any. (They've been proof-read by various people - managers, legal departments, etc.) Remember, though: just because there are one or two doesn't mean it isn't real! Even news agencies screw up now and then, right?
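The header comparisons in the list above, applied to a raw message, as an added example that is not part of the original page. The sample message and all addresses are constructed, and using Return-Path as the "originating address" is an assumption made here.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample message; all names and domains are made-up placeholders.
SAMPLE_EMAIL = """\
Return-Path: <bounce@mailer.invalid>
From: "Example Bank Security" <security@examplebank.test>
Reply-To: verify@account-verify.example
To: customers@lists.invalid
Subject: Unusual activity on your account

You must log in to verify your identity.
"""


def domain_of(header_value):
    """Lower-cased domain of the first address in a header ('' if none)."""
    return parseaddr(header_value)[1].rpartition("@")[2].lower()


def check_headers(raw_message, expected_domain, my_address):
    """Apply the header checks from the list above; return the reasons that fired."""
    msg = message_from_string(raw_message)
    sender = domain_of(msg.get("From", ""))
    reply_to = domain_of(msg.get("Reply-To", ""))
    # Assumption: Return-Path (the envelope sender recorded at delivery) stands in
    # for the "originating address"; the Received lines are the fuller source.
    origin = domain_of(msg.get("Return-Path", ""))
    recipients = {addr.lower() for _, addr in
                  getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))}
    findings = []
    if sender != expected_domain and not sender.endswith("." + expected_domain):
        findings.append("From is not the claimed sender")
    if reply_to and reply_to != sender:
        findings.append("Reply-To differs from From")
    if origin and origin != sender:
        findings.append("From differs from originating address")
    if my_address.lower() not in recipients:
        findings.append("not addressed to you")
    return findings
```

The From line is written by whoever sent the message, so an empty result only means none of these particular indicators fired.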
External Spoof/Phishing Scam-Specific Links
- Anti-Phishing Working Group
- Phishing - Wikipedia, the free encyclopedia
- What is phishing? - A Word Definition From the Webopedia Computer Dictionary
- FTC - Identity Thief Goes “Phishing” for Consumers’ Credit Information
- FTC - How Not to Get Hooked by a ‘Phishing’ Scam
- Microsoft Article - Help prevent identity theft from phishing scams: What is a phishing scam?
- ComputerWorld/Security - Phishing
- OnGuard Online - Phishing
- Harvard Study - Why Phishing Works (PDF)
- Phishing scams tutorial - Part 1
- US Treasury Department - OCC: Consumer Protection News - Internet Pirates Are Trying to Steal Your Personal Financial Information
- BBB Online - Identity Theft
- US Department of Justice - Criminal Division - SPECIAL REPORT ON “PHISHING”
- About.com - Antivirus - Phishing Scams
These are just a few of the results found in the first 30 results of a search for "phishing" in Google. There are, according to Google, 69,100,000 results, (phishing - Google Search).
Examples
Following are links to some of the numerous versions of this scam I have received, or that were sent to me to "check out". I will try to "reproduce" the actual "look" of the email in my examples.
- Amazon Phishing Examples
- March 06, 2007 ([Notification] Security Measure)
- CHASE Phishing Examples
- November 22, 2005 (Periodic Review/New Site)
- November 26, 2006 (Chase Services : Chase Online Bank Account Needs To Be Updated)
- eBay Phishing Examples
- April 15, 2007 (eBay Item Not Received Dispute Opened for Item)
- PAYPAL Phishing Examples
- April 05, 2007 ("You have added ??? as a new email address to your account")
- October 20, 2007 ("PayPal Security Information" ... "Please update your records within 72 hours our Account Review Team identified some unusual activity in your account, one or more attempts to log in to your PayPal account form a foreign IP address.")
- German American Bank (Bancorp) (GABC) Examples
- October 31, 2007 ("You've been selected to take part in our quick and easy survey")
- October 31, 2007 and November 01, 2007 ("We regret to inform you that we have received numerous fraudulent emails which ask for personal account information.")
- IRS - Economic Stimulus Refund Program
- May 13, 2008 (IRS Logo, then "Over 130 million Americans will receive refunds as part of President Bush program to jumpstart the economy. / Our records indicate that you are qualified to receive the 2008 Economic Stimulus Refund.")
- (MANY more to come)
This site, all text and graphics (unless otherwise noted) on it
were designed, developed and published by Bill Sanders of Orange Frog Productions.
Copyright © 2003, 2004, 2005, 2006, 2007 by Bill Sanders / Full site last modified: October 21, 2006
Any reproduction, printing, or selling of this content is
prohibited without express written consent from William D.
Sanders.