|
Credit card phishing scams are a popular way for thieves to steal your credit card information. Identity theft is big business.
Most identity theft does NOT occur on the Internet. People steal mail from mailboxes. Purses and wallets are stolen. In fact, a late November news report on CNN stated that credit card purchases on the Internet were safer than purchases in a local store.
Phishing is a scam based on numbers. If you ask enough people to give your their credit card information, some of them will. It's called phishing (fishing) because the thieves are tossing out a line with bait on it. They know that someone will take the bait.
Example One: Shortly before the Christmas buying season in 2007 I received this email:
Dear Chase valued customer,
We recently noticed one or more attempts to log in your Chase account from a foreign IP address and we have reasons to believe that your account was hijacked by a third party without your authorization. If you recently accessed your account while traveling, the log in attempts may have initiated by you.
However if you are the rightful holder of the account, click on the link below and submit, as we try to verify your account.
Log on to Chase Internet Banking http://76.187.25.131/bizpartner/chaseonline.chase.com and fill in the required informations.
This is required for us to continue to offer you a safe and risk free environment.
If you choose to ignore our request, you leave us no choice but to temporally suspend your account. We ask that you allow at least 48hrs for the case to be investigated and we strongly recommend not making any changes to your account in that time.
Please do not respond to this email as your reply will not be received.
Clues That Prove This is a Scam
- Your credit card company already has your credit card information. They will NEVER need to verify it via email.
- Log in to http:76.187.25.131. If you really have an account with Chase, you should already know that the web address is: http://www.chase.com/PFSCreditCardHome.html.
- Misspelled words: "fill in the required informations"; "you leave us no choice but to temporally suspend your account"
Don't Become a Victim:
What did I do with that email? I sent it to Chase Bank's abuse department. Chase, similar to every other bank, states on their website,
You can be assured it's not our practice to:
- Send e-mail that requires you to enter personal information directly into the e-mail
- Send e-mail threatening to close your account if you do not take the immediate action of providing personal information
- Send e-mail asking you to reply by sending personal information
- Share your name with any contacts outside our firm in a manner inconsistent with our Privacy Policy
I couldn't have said it better, so I won't.
Example Two: A few weeks earlier I received the following email.
From: Lee Strickland (jchadwick@innocentyounggirl.com)
Subject: Creative Suite Design 3 Premium
Your gloved hands covering your lips' good-bye Will sound, then the Lord's face will luminesce the old men burnish stories of Yaz and the Babe To have been claimed by what we see of what and the Splendid Splinter. For a few dreamy dollars, Rise, to the muffled chime of churchbell choir.
By what it seems to have moved toward. In any He terrifies the Vast, he seems so wild; Oh you builders, Shadows keep piling up as surfaces What is there in the depths of these walls Reshaping magnified, each risen flake I. Further Exploration of Spitsbergen By the design of our own silent eyes there's a pulpy orange-y smell from juice factories....
wonders if she'd ever be brave enough
And he is swathed in ever-petrified dread; I bring down a bit of its light And piled up at the base of the columns
The Kicker: This email had an attachment. The attachment was a photo. If I wanted to see a photo sent to me from innocentyounggirl.com, I would have to open it.
How many people do you think opened that attachment to see what it was? I didn't. Usually, those types of email attachments contain a trojan horse.
A trojan horse is a sneaky little computer program that installs itself on your computer, and you never know it happens. It did it when you opened that photo.
There are many kinds of trojan horses. Some search your computer for personal information and send that information back to the person who sent you the original email.
Another trojan horse is known as a keylogger. It logs your keystrokes as you are typing at your computer, including the keystroked you use to type in your logon and password at your online bank. And it sends that information back to the person who sent you that fraudulent email.
Steps You Should Take - Or Not Take
Never open an email attachment if you do not know who sent it. We also recommend that you consider automatic password software that prevents keyloggers from gathering information. Using the automatic password software means that you are not typing your logon and password information.
For more information about this free software, please read our article entitled, Automatic Memory for Computer Passwords. Beth and I have used this software for a long time.
Click here to return to Consumer Help Desk.
Click here to return to the top of this page. |
