Phishing Attacks on the Rise

[Ladyzekke]

*Sigh* more crappa scams going on. Most seem pretty obvious, but wanted to post it just in case, especially the IP provider one, that could really fool you. Assholes, wish all these scammers a chopping death! Grrrr...

May 19, 2004
By Eileen Alt Powell, AP Business Writer

NEW YORK (AP)-Beware of phishermen! In one of the fastest growing scams on
the Internet, con artists are sending out millions of "urgent" e-mails
trying to get unsuspecting consumers to divulge personal information such as
their Social Security numbers or the passwords for online accounts.
Some tell consumers the federal insurance on their savings accounts will be
canceled unless they update their personal data. Others claim to be from
Internet service providers redoing their billing lists. Still others say
something has gone wrong with a credit card transaction and that additional
information is needed or the card will be canceled.

There are even links from the e-mails to Web sites that look just like
legitimate bank or credit card or online merchant sites.

But they're not.

All are examples of "phishing," and the scam artists take the information
they gather to raid consumers' bank accounts or charge thousands of dollars
of merchandise or steal their identities.

The volume of such attacks is growing rapidly, said Naftali Bennett, chief
executive of Cyota Inc., a New York-based anti-fraud firm that detected some
450 distinct phishing expeditions in March alone.

"It's the perfect crime from the fraudster's perspective," Bennett said.
"It's easy to do, you get thousands of records and the risk of getting
caught is very low."

A study released earlier this month by the research firm Gartner Inc. found
that an estimated 57 million consumers believe they may have received a
fraudulent e-mail in recent years.

It estimated that the losses that banks and credit card companies incurred
from fraud against consumers who took the phishers' bait totaled $1.2
billion last year.

There are ways for Internet users to protect themselves, and experts say it
starts with consumers being just as wary about giving out personal
information online as they would be on the phone or in person.

"The red flag should be any request for personal information, especially
from someone who says they need it right now or there will be dire
consequences," said Patricia Poss, an attorney with the Federal Trade
Commission's bureau of consumer protection.

Consumers who think they've received a phishing e-mail should not click on
any Web links contained in the e-mail and, instead, forward it to the FTC's
collection site at uce@ftc.gov.

If they've responded to such e-mails, they should contact their banks or
credit card companies immediately to try to prevent account information from
being misused, Poss said.

"Then, if you're worried about identity theft, get a copy of your credit
report and make sure nothing is going on," she added.

The reports are available from the three major credit agencies-Equifax,
Experian and TransUnion. Consumers also can file an ID theft complaint at
the FTC's site, www.consumer.gov/idtheft.

Robin Holland, a senior vice president with Equifax, said that if consumers
believe their personal information is being misused, they should ask for a
fraud alert to be put on their credit files.

"If you ask for an alert with any one of the companies, the information will
be sent to the other two," Holland said. "Then any creditor who pulls your
file won't open up any new credit without contacting you."

David Jevans, senior vice president of Tumbleweed Communications, an e-mail
security and anti-spam company in Redwood City, Calif., said the industry
has become so concerned about fraudulent e-mails that it has created the
Anti-Phishing Working Group, which he chairs. Its members include financial
institutions as well as software and Internet companies and law enforcement
agencies.

The group posts known phishing attacks on its Web site at
www.antiphishing.org and offers a variety of tips for consumers to avoid
becoming victims.

Security tips also are available on the sites of a number of the companies
victimized by phishers, including www.citibank.com along with online auction
site www.ebay.com and its online payment service, www.paypal.com.

Jevans said that to help counter increasingly sophisticated phishing
attacks, consumers should make sure their computers are protected.

"Make sure you have antivirus software and keep it up to date," he said. "A
lot of these (phishing) things are starting to drop spyware on your
computer." He added that consumers should download security patches from
Microsoft.

Jevans also suggested consumers make sure they review their billing
statements carefully and periodically check their credit reports for
irregularities.

"We're finding these guys sometimes wait four to six months before using the
information they get," he said.


Copyright 2004 Associated Press. All Rights Reserved. This material may not
be published, broadcast, rewritten or redistributed.
Copyright (c) 2004 Ziff Davis Media Inc. All Rights Reserved.

[Vaskez]

Blah, blah. All people need to do is learn one simple thing:

No financial or security agency/group will EVER ask for sensitive information by email or phone.

If people remembered that, there'd be no problems.

[Timber Loftis]

Oh, woe to Phish fans everywhere is the nomenclature at use here.

[Q'alooaith]

Quote:

Originally posted by Vaskez: Blah, blah. All people need to do is learn one simple thing: No financial or security agency/group will EVER ask for sensitive information by email or phone. If people remembered that, there'd be no problems.

It's the electronic age getting to people, so many people get their credit card detail's online and use them to buy stuff online, they pay their bill's online and all that..

So often in all that jumble people forget a second great rule.

Don't follow link's, use the link's and site's as you'd normaly, you can't be got if you don't go to their link

[Ladyzekke]

Quote:

Originally posted by Vaskez: Blah, blah. All people need to do is learn one simple thing: No financial or security agency/group will EVER ask for sensitive information by email or phone. If people remembered that, there'd be no problems.

Well as I said, most of these scams are pretty obvious, and most people should recognize them for what they are by now, but then again these scams never seem to die, so some people somewhere must be buying into it, those that don't have a lot of internet experience, and that is what keeps these scams alive, so posting this kind of thing can't hurt, the more people that knows about these things the better. No doubt, that credit card one is the most obvious LOL, I've seen a few myself, mostly they are like "we have lost your credit card number due to a major database crash, we need you to update your account, so what is that number again?: thanks!" [img]graemlins/hehe.gif[/img]

[Firestormalpha]

It's not the phishing scams that bother me. It's the people who fall for them.

[Ziroc]

If these pricks put as much time into REAL work as they do in coming up with scams, they would be rich. Sad losers is what they are, and jail is where they will be soon.

[Cloudbringer]

Amen, Ziroc! I agree a hundred percent! And as LadyZ said, the sad part is that there must be some people falling for it or they wouldn't bother.

[Paladin2000]

People are always out for easier and quicker bucks, so scams, phisings and all other cons will continue to rise no matter what. *sigh*

[JrKASperov]

Quote:

Originally posted by Ziroc: If these pricks put as much time into REAL work as they do in coming up with scams, they would be rich. Sad losers is what they are, and jail is where they will be soon.

Correction: that's where you'll HOPE they will be. [img]tongue.gif[/img]