 |
|
|
|
Contents
|
|
|
|
|
|
|
|
|
|
Phishing scams enlist local businesses
Identity theft still the objective of phishing attacks
The popularity of phishing attacks, designed to steal personal information, has caused many crooks to start to target smaller, local businesses in hopes of greater success. Beware of the e-mail from your local credit union.
Continued below
|
|
|
|
|
|
Phishing scam approaches may change, but the objective is the same - steal from you
The concept of a “phishing” attack is a fairly new one. Criminals who are intent upon stealing the personal information from people have been sending out e-mail by the millions. Each of these messages looks legitimate, and appears to come from some large financial institution - eBay, Paypal, Citibank, Wells Fargo and others. The message usually says something about a compromise of security and asks the recipient to “log in” to the company’s Website using a link in the e-mail message. But the link, the message and the site to which the link connects are all fraudulent. When the recipient connects to the site and provides personal information, the criminals steal it and use it to perpetrate identity theft crimes. These crimes may include opening credit card accounts or taking out mortgages, all in the victim’s name.
These phishing attacks have been well publicized, and the companies most often represented have installed more advanced security systems. In addition, they have made their customers more aware of the existence of these attacks and they have warned them to be wary of them. Always adaptable, the criminals have embraced a new idea - target smaller businesses.
|
|
|
|
With the new type of attacks, people may receive the same sorts of messages, but now they will appear to come from smaller, regional businesses. We live in one of the most sparsely populated areas in the United States and we recently received a phishing e-mail purporting to come from our local credit union, located less than a mile from here. By targeting these smaller businesses, phishers hope to find more vulnerable, trusting victims. They also hope that the smaller businesses that they are using in their messages will have simpler, less sophisticated security methods.
You might be suspicious receiving an e-mail message from Wells Fargo. You might be somewhat less suspicious if you receive one from the bank around the corner. The criminals hope so; they are still interested in stealing your name, Social Security number and credit card information.
It doesn’t matter who sends you the message, you should always be aware of any e-mail message that fits this description:
- Addresses you as ‘customer”, rather than by name. Your bank knows who you are. If they have a reason to send e-mail to you about your specific account, they will address you by name.
- Asks you to log in and to provide information that they should already have. Your bank will not need your credit card number or Social Security number; they already have it.
- Has misspelled words. Many of these messages are crudely written with many typographical errors.
If you are in doubt, call your bank or financial institution directly. Do not reply to an e-mail message that asks for personal information. It is much better to be safe than sorry.
|
|
