14 replies to this topic

[camay2327]

A new thing called "PHISHING" a large SCAM

This has happened to me from "PAYPAL"

Paypal themselves were not trying to get me to update my information but someone else was trying to get it posing as them.

I deleted the message and did not answer it, after calling paypal and confirming that they were not in fact sending me the message requesting an update.

Be aware folks they are trying to get our money one way or another.

I got the below from the following web site:::

http://www.ftc.gov/b...hishingalrt.htm

I also read an article in the AARP Bulletin for January 2004 which I will type in later.

Cal

--------------



How Not to Get Hooked by a 'Phishing' Scam

Internet scammers casting about for people's financial information have a new way to lure unsuspecting victims: They go "phishing."

Phishing, also called "carding," is a high-tech scam that uses spam to deceive consumers into disclosing their credit card numbers, bank account information, Social Security numbers, passwords, and other sensitive information.

According to the Federal Trade Commission (FTC), the emails pretend to be from businesses the potential victims deal with - for example, their Internet service provider (ISP), online payment service or bank. The fraudsters tell recipients that they need to "update" or "validate" their billing information to keep their accounts active, and direct them to a "look-alike" Web site of the legitimate business, further tricking consumers into thinking they are responding to a bona fide request. Unknowingly, consumers submit their financial information - not to the businesses - but the scammers, who use it to order goods and services and obtain credit.

To avoid getting caught by one of these scams, the FTC, the nation's consumer protection agency, offers this guidance:

* If you get an email that warns you, with little or no notice, that an account of yours will be shut down unless you reconfirm your billing information, do not reply or click on the link in the email.Instead, contact the company cited in the email using a telephone number or Web site address you know to be genuine.

* Avoid emailing personal and financial information. Before submitting financial information through a Web site, look for the "lock" icon on the browser's status bar. It signals that your information is secure during transmission.

* Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.

* Report suspicious activity to the FTC. Send the actual spam to uce@ftc.gov. If you believe you've been scammed, file your complaint at www.ftc.gov, and then visit the FTC's Identity Theft Web site (www.ftc.gov/idtheft) to learn how to minimize your risk of damage from identity theft.

* Visit www.ftc.gov/spam to learn other ways to avoid email scams and deal with deceptive spam. The Federal Trade Commission works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint or to get free information on consumer issues, visit www.ftc.gov or call toll-free, 1-877-FTC-HELP (1-877-382-4357); TTY: 1-866-653-4261. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure online database available to hundreds of civil andcriminal law enforcement agencies in the U.S. and abroad.

The FTC works for the consumer to prevent fraudulent, deceptive and unfair business practices in the marketplace and to provide information to help consumers spot, stop and avoid them. To file a complaint or to get free information on consumer issues, visit www.ftc.gov or call toll-free, 1-877-FTC-HELP (1-877-382-4357); TTY: 1-866-653-4261. The FTC enters Internet, telemarketing, identity theft and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.

[camay2327]

This article came from the AARP BULLETIN dated January 2004.

SCAM ALERT

Another Phish Tale

Joseph Wagner had little reason to suspect anything was wrong until he got a call about the $75 sneakers. Wagner, 52, a Chicago-area teacher, hadn’t ordered them. Yet a merchant in New York was calling him to confirm the Internet sale.

“I told him I didn’t authorize anything.” Wagner told the AARP Bulletin. “He alerted me that someone had my credit card number.

The thief, disguised as Wagner’s credit card issuer, had sent him a series of e-mails asking him to update his billing information. The messages told Wagner to go to the company’s website and resubmit his personal information—or his credit privileges would be suspended. Wagner complied.

Last year, the Federal Trade Commission (FTC) told Wagner that he was a victim of a fast spreading scam called “brand spoofing” (because the perpetrators disguise themselves as a well-known company) or “phishing” (because they fish for information).

Carried out on the Internet, these swindles are considered “a subset of identity theft,” FTC attorney Eric Wenger says, because personal information unwittingly supplied by victims is used to open new credit accounts and make purchases in their names.

Investors say the phony e-mails and the fake company websites are so cleverly designed that they are virtually impossible to distinguish from the real thing.

“The pages are filled with images from the company that’s being spoofed,” Wenger says. “If you get a message asking you for personal information, don’t click through to the website to decide if it looks real or not, because it will look legitimate.”

Last year Jacquelyn Rhodes of Napa, Calif., received what she says looked like an official e-mail from (AOL) saying that her credit card had expired and asking for information to “reactivate” the account. “it looked authentic,” she says, “so I provided that.” Later that day, when Rhodes could not access her account, she reported the fraud to AOL, her credit card company and the major credit bureaus.

Rhodes and Wagner were lucky—the scams were discovered early, before the swindlers could use their accounts.

Bottom line: Don’t respond to e-mails asking for personal information on your credit card account—call the company directly.—CAROLE FLECK

Listen to the Prime Time Focus Radio version of this story at
www.aarp.org/radio.
FOR MORE INFORMATION
Visit the Federal Trade Commission online at:
www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm
---------------------------------------------------------------------------

That’s it folks. Hope this helps someone.

Cal

[Chad Vander Veen]

Why do they always target the older people? And why on earth are old people so quick to give out information? Shouldn't people who are elderly by now be aware of these simple scams? Email has been around for 15 years. Scam artists forever. What gives?

[folsomBlondie]

Good question.

I think it's because older people are not computer and Internet savy.

[Candy Apple]

Come on now-----!! Some of us still have half a brain anyway!!!! Shame on you Blondie!!!

[Eric]

Report the PayPal emails to PayPal/eBay ...they take them seriously and are hunting down many of these scam artists... I still get 'em every so often & will report them when/if I have time. Other than that about all you can do is help spread the word. I can't believe how many people had no idea that those emails were fake...not that they fell for 'em, but they thought they looked legit.

Edited to add that PayPal will only request information or give you such a warning upon logging in. If an email looks legit, always question it, and log into your account. You'll see that there's no warning & you can confirm that your account settings are correct.

Report fraud here:
http://www.paypal.co...contact-general

[DalOwnerX3]

Maybe scammers are targeting older people because they come from a time when life was simpler. From a time when people didn't have to lock their doors when they go out to get mail or when kids could play outside. So they probably aren't as suspicious and jaded as the Gen-Xers.

They also consider things they read to be true. My mom forwards me a lot of e-mail warnings that are really urban legends.

[camay2327]

The one I received was from what was supposed to be PAYPAL, I did report to PAYPAL. I called them and actually asked them if they would send something like that. They said they would never do that.

I am almost 66 and I am computer and internet savvy. I am on the internet a lot.
These messages do look so real, they really mimic the actual web site.

I received the PAYPAL one through my yahoo.com e-mail address so I reported it to them too.

The reason I put it out here is that people do get suckered in!!!

Cal

[john]

Be aware of anything from any company that asks for you to supply information which you have already provided. The PayPal scam is a big one, one that I know they are aware of. I'm sure PayPal (and likely the FBI) are looking to find the crooks who set this up. Those of you AOL folks know that there is a big AOL scam out there too. NEVER give anyone your personal info.

Note that even if a site looks like the real thing, always be cautious, especially when it comes from an unsolicited email. Your best bet is to call them personally from the official website (not the site you are directed to in the email).

Spammers and scammers are getting more and more sneaky... when one tactic is blocked or fails, they try more new tactics. Every now and then they get lucky; this is why they do it.

[folsomBlondie]

QUOTE (Candy Apple @ Jan 6 2004, 08:52 PM)

Come on now-----!! Some of us still have half a brain anyway!!!! Shame on you Blondie!!!

Sorry Bettye - I don't mean it like that. DalOwnerX3 said it all.

[Steve Heard]

First of all, they are not only targeting older people. I don't know how they choose the addresses they are sending them to, but they are hitting the young and old. I just received one, and it is so poorly written, I can't believe ANYONE would fall for it.

Dear Citi-Bank User,

This e-mail was sentt by the Citi sevrer to veerify your e-mail
addres. You must clpmoete this poerscs by clicking on the link
below and enntering in the smmall window your Citibank ATM
Card Number and pin that you use on local Atm machine.
This is donne for your porecttion -0- because some of our memebrs no
lnegor have access to their email adesrsdes and we must verify it.

To veerify your e-mail adderss and akcess your OnlineCitibank account, klick on
the link bellow. If ntohing happens when you click on the link -o coppy
and pastte the link into the adderss bar of your web browesr.

http://www.citibank....38mUwc7PtbeP6YI

---------------------------------------------
Thank you for using OnlineCitibank!
---------------------------------------------

Even if it looks legit, remember that anyone you've given your card number to already has it, and they themselves always remind people to never reply to requests for your personal information, account numbers, or passwords.

There are enough suckers out there to keep them in business, though.

[DalOwnerX3]

It looks like the older people are more savvy than younger folks with respect to online scams.

http://cbs.marketwat.....54F90FB7F814}

The savviest Net generation?
Older Americans report the least Internet fraud

By Andrea Coombes, CBS.MarketWatch.com
Last Update: 11:41 AM ET March 23, 2004


SAN FRANCISCO (CBS.MW) -- While younger online surfers likely pride themselves on being the Internet savant generation, older Americans may be the savviest when it comes to avoiding online fraud.



Only 6 percent of Internet fraud complaints from all consumers, where age was reported, came from Americans age 60 and older, according to a Federal Trade Commission report released Tuesday.

"Fewer older Americans are victims of Internet fraud per capita than other segments of the population," said Betsy Broder, assistant director of the FTC's Bureau of Consumer Protection.

According to an AARP report last year, 16.6 million Americans aged 55 and older are online, 11 percent of all online users, and likely rising to 17 percent in 2007.

That doesn't mean, however, that older Americans don't face fraud online: Seniors reported paying $12.8 million in fraud-related payments, according to the FTC report.

Online-auction fraud is among the top problems reported by those 60 or over, with 29 percent of that age group citing such fraud, including cases where victims pay for an auction item they never receive.

About 20 percent of complaints related to offshore Internet fraud came from Americans age 60 and older. Typical cross-border schemes include prize promotions, sweepstakes, foreign money offers and advance-free loans, the FTC said.

Meanwhile, of about 200,000 identity-theft complaints that included age data, 10 percent were reported by Americans age 60 or over. While 33 percent of identity-theft victims overall experienced credit-card fraud, 44 percent of those 60 and over did.

More evidence of seniors' savvy

A separate survey released this week found that older Americans are more likely than other age groups to act more prudently when it comes to spam e-mail messages.

More than 34 percent of younger Internet users click on links in spam messages, but only 23 percent of Americans aged 65 and older did, according to an online survey of 1,000 adults conducted by market-research firm Applied Research for Symantec, the maker of antispam products.

Clicking on a link tells spammers the e-mail address is active, as well as exposes people to fraudulent schemes.

"We've seen a rise in spam that can be threatening, particularly to confidential data," said Nancy Mohler, a product manager with Symantec.

She pointed out the increasingly prevalent practice of "phishing," where spammers create messages that mimic those of a reputable bank or retailer.

"Phishing attacks are asking people to click a link and then provide information, like their Social Security number," Mohler said. "It might look like it comes from a bank. It's easy to be fooled no matter what your age."

But "seniors did show themselves to be more savvy, more cautious about responding to spam," Mohler said.

While 10 percent of Internet users overall said they open spam that has "a subject line that interests me," only 5 percent of the older Americans surveyed opened such mail.

That hesitancy to open spam serves seniors well, Mohler said. "There are risks associated with" opening messages from unknown senders, she said.

"It could be viruses. It could be a phishing attack. It could be trying to get a hold of confidential information that you don't want to give out," she said.

Perhaps because of their cautious behavior online, older Americans were also less likely to be ensnared in an e-mail fraud.

Twenty-one percent of Internet users 18- to 29-years-old and 19 percent of those aged 30 to 64 said they responded to an e-mail offer, only to find out later it was phony or fraudulent. For those 65-years-old and up, only 13 percent said they had that experience.

Andrea Coombes is a reporter for CBS.MarketWatch.com in San Francisco.

[camay2327]

Stevethedad

You are so right. They are poorly written. Anyone should be able to tell they are spam.

I have received a few and have brought them to the attention of the appropriate people.

Cal

[camay2327]

In todays SacBee 3-24-2004



You call it spam, they call it a living

By JENNIFER WOLCOTT, The Christian Science Monitor

Last Updated 9:38 a.m. PST Monday, March 22, 2004
(CSM) - It's been almost three months since the Can-Spam Act became official, yet most of us are still getting barraged with e-mail come-ons. The subject lines might be more subtle: "Check this out" instead of "Hot Babes!" for instance, but the number of spam messages hasn't dwindled.

In fact, it has increased from 58 percent of e-mails last December to 62 percent last month, despite efforts of the Federal Trade Commission (FTC) to police the law.

The big four ISPs - AOL, Microsoft, Yahoo, and Earthlink - are also going after more than 200 of this country's slimiest spammers. (It's estimated that there are about 2,000 spammers in the U.S. There are many more worldwide.)

An even more stunning statistic is this one: About 8 percent of spam recipients actually respond.

And that response rate adds up to big bucks for spammers. As Ronnie Scelson, one of this country's most active spammers puts it: "We would not be doing this if people didn't buy."

Not all unsolicited e-mail is illegal, and the promise of plenty of money spurs legitimate businesspeople to clog e-mail boxes, too. While they see their efforts as good marketing, most recipients think they're still spamming, despite the fact that the companies may follow the letter of the law.

In the field of direct marketing, it doesn't get much cheaper than spam. One needs only a credit card (to buy lists of e-mail addresses), a computer, and an Internet connection. Otherwise, it costs nothing to send bulk e-mail, even masses of it.

The typical spammer might blast out 5 million e-mails daily, selling to only a fraction of recipients. But that's enough. "A response rate of just 1/10th of 1 percent could keep a spammer afloat," says FTC staff attorney Michael Goodman.

Sending out fliers via snail mail, on the other hand, is costly. Traditional direct mailers must also wait longer for responses, and if they make a typo, they can forget about fixing it.

It didn't take long for accountant Laura Betterly to do the math. About 2-1/2 years ago, the single mother from Florida was looking for a lucrative career that would allow her to work at home and spend more time with her two sons, then ages 10 and 11. Betterly, already a savvy businesswoman, and three friends started a bulk e-mailing business - as she prefers to call it - with $15,000.

Six months later, she had earned nearly $200,000. Today, she employs 20 people, and she's mum about what she makes, but she does reveal that her company hit the $1 million mark last year. She has moved the business out of her home and into a downtown office in Clearwater, Fla. Her sons both attend private school. And she is home for dinner every night with the boys and her new husband.

But the life of a bulk e-mailer is no cakewalk these days. Betterly sends out millions of e-mails every day, yet she calls her product "spam lite" because she does "things differently from other e-mailers." In other words, she explains, she follows the specifics of the new law and refuses to promote any product that wouldn't be appropriate for her 13-year-old son.

The nature of her work is often a conversation stopper - but not always in a negative sense. "Most people imagine a guy in a trailer park smoking a cigarette and beating his wife," she says, laughing. "They are often surprised to find that I can put a sentence together."

Betterly, who was recently invited to speak at a spam forum hosted by the FTC, is a fan of the Can-Spam Act. She is all for cleaning up the industry by banning deceptive subject lines, requiring a real return address, and giving consumers a way to "opt out."

But how do recipients know if her opt-out is legitimate? Most have read that they should never click on an offer to get off the mailing list.

As former spammer Mike Hughes, says, "The worst thing you can do is open spam. It's like opening your front door to a salesman. As soon as they know your e-mail address is active, spammers will blast more."

Betterly considers spamming a matter of free speech. "It's what America was built on," she says. "Small business owners have a right to direct marketing."

Betterly thinks that when done right, bulk e-mailing can be a terrific boon to the entrepreneur.

She cites the example of a 70-year-old man who wrote a book about improving one's billiards game. He approached Betterly, she sent out millions of e-mails promoting his book, and now he supplements his Social Security income with the profits. He's also made friends with some of his customers.

"It's a win-win situation," she says, although few of those with clogged e-mail boxes would agree.

Among Betterly's other clients are a distributor of alligator meat, an owner of Texas ranch land, and a debt negotiation company (not "consolidation" - a distinction she makes clear).

Betterly is paid in various ways. She charges one fee for every 1 million e-mails she sends. That fee can range from $600 to $1,000, depending on whether the promotion is targeted to a specific location or demographic. She then charges about half that amount for each additional million e-mails sent. "It's always cheaper to just buy 10 million e-mails from the start," she says. Finally, she is paid again for the number of leads her e-mails generate.

On a typical day, Betterly's firm might send out 8 million pieces of spam for more than 10 different clients. If 100 people respond, she'll do just fine.

Betterly no longer sends bulk e-mail to anyone with a Yahoo address. Yahoo and a few other ISPs filter too well, she says, so she doesn't get much response.

Betterly might be "spam lite," as she says, but its all spam to these gatekeepers. And as long as unsolicited mail continues to clog their systems and annoy their customers, they plan to fight back.

[DalOwnerX3]

Spam and "phishing" are two entirely different things. Spam is just junk-email trying to sell you something. "phishing" is disguishing your e-mail so that people think your someone else and provides you personal information that can be exploited.