September 14, 2007, Scammers phish for accountsREG computer 1, By Charles Miller

The Computer Corner
By Charles Miller

Scammers phish for accounts

A new verb is coming into the vernacular. When internet cybercrooks go casting about for personal or financial information, they are said to go “phishing.”

Phishing refers to any high-tech scam that uses spam or pop-up messages to deceive the user into disclosing name, credit card numbers, bank account information, Social Security number, passwords, birth date or other important data.

There is a very simple way to prevent this, and please excuse me for shouting, but DON’T GIVE OUT ANY OF THE ABOVE INFORMATION.

Phishers send an email or pop-up message that claims to be from a business or organization that you deal with. For example, the message may appear to be from your internet service provider (ISP), bank, online payment service, or even a government agency. The message usually says you need to “update” your account information.

The message almost always threatens some dire consequence, such as freezing your bank account, if you fail to respond. If you are so dumb as to respond to that email, you may end up wishing your bank account had been frozen.

The messages frequently direct you to a counterfeit website that looks just like the legitimate organization’s site. The purpose of the bogus site is to trick you into divulging your personal information. The cybercrooks can then steal your identity and run up bills on your credit cards or empty out your bank accounts.

Faced with increasing volumes of fraud and mounting losses, some financial institutions have started taking a hard line with their customers. Their position is that if you, the customer, are stupid enough to give out your account number and password to a thief, then you deserve to lose your money.

If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies just do not do this, ever!

The safest approach to this growing problem is to not email personal or financial information. Email is simply not a secure method of transmitting personal information.

If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine.
If you do online shopping and initiate a transaction for which you want to provide your personal or financial information, look for indicators that the site is secure. Look for a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, even these indicators are not foolproof, as some scammers have forged these.

American citizens should report suspicious activity to the US Federal Trade Commission. If you get spam that is phishing for information, forward it to spam@uce.gov. If you believe you’ve been scammed, file your complaint at www.ftc.gov , and then visit the FTC’s Identity Theft Website at www.consumer.gov/idtheft to learn how to minimize your risk of damage from ID theft.

There is really no substitute for common sense. Your bank, broker or credit card company is never, ever going to email you asking for your account number or password. They already know that information.

Please do not let yourself become a victim. Never directly answer any of these emails requesting personal information.

Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981 and now practically a full-time resident. He may be contacted at 044-415-101-8528 or email FAQ@SMAguru.com.