Saturday, November 11, 2006

Email Phishing Scams

Phishing scams are an ongoing internet problem that frequently targets Ebay and Paypal users.

The scam involves sending a spoof email to users in an attempt to obtain personal information. The email usually has the address of the legitimate site in the from field. (its a simple thing to change the "from" address in most email clients) Logos will appear to be from legitimate sites. (copy, cut, and paste) Often the form of the letter itself will conform to the legitimate sites email template, complete with valid header and footer links. The difference will be in the clickable link which leads to a spoof website designed to look exactly like an Ebay or Paypal login page. Once you have logged in the scammer now has your login information.

A recent variation targeting Ebay users uses a form identical to the Ebay user to user message form. Often it is an inquiry about an item at auction, etc. Clicking the link to respond takes one to a spoof Ebay login page. Is very easy to get tripped by these when you are busy answering a lot of email. A copy of any Ebay generated messages will appear in your Ebay My Messages folder. If its not there., its probably not legititmate.

The newer version of Internet Explorer as well as some toolbars will alert you if the website you go to appears to be a phishing site. But why even bother? The bottom line is the only way to absolutely avoid being a victim of a phishing scam is to never click on a link in an email. Never. Regardless of how enticing the message, always go to the website through your own browser or bookmarks.

No comments: