Phishing Scams

Phishing is a scam you may or may not be familiar with. We did an article on it in July of 2003, and we have been seeing some pop up in our inboxes lately. The process of phishing is actually very simple: an email is sent to you that spoofs an actual legitimate company trying to get personal information from you such as account and pin numbers. This is all done through your email with very convincing looking messages, which always have a sense of urgency to them. The email may say something to the affect that you need to reply to this or your Paypal order won’t go through, or your order for $300.00 on Ebay was successful (when you didn’t place an order). Shortly after these messages will be either fields to enter the information for your credit card number and pin or a link to an unsecure page that asks for the same sort of information in order to take care of whatever situation they attempt to fool you with.

Though there is really no way to stop from receiving one of these emails, there are some practices you can use to make sure you never fall victim to a phishing scam. Your first defense should be the knowledge that no legitimate site would ever ask for you card number and pin in an email or nonsecure web page. Another thing you can do is to hover your pointer over the hyperlink they want you to click on and look down in the left corner of your Outlook Express to see the actual URL. The URL may look something like this for example for a spoofed Paypal message which is not Paypal’s URL.


That leaves us with what to do about it. Well, don’t call the company or bank, there is nothing that they can do about it (they don’t have anything to do with it, and it is actually costing them a lot of money to deal with this problem). Some of these companies do have something on their website where you can notify somebody of the problem, but it probably won’t do much good. The best thing to do is to simply delete the message.

If you did just place an order on Ebay or with Paypal and you really think this email may be about that order, simply go to their site and check on your order status through your account page. Phishing gets about 5% of the people it emails which isn’t good, especially this time of year when people are doing a lot of online ordering and it may be easier to fool people.

There is a great resource on the web called the Anti-Phishing Working Group, which has tons of information on how to protect yourself and what the newest threats may be.

So just remember never give any personal information out through unsecured emails, or you may be in store for an unpleasant surprise.

Stay safe out there,

~ Chad

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.