Clever e-mail scam: Someone bought this in your name
Jul 3, 2009 6:00 AM
An e-mail message purporting to be from PayPal warns the recipient that their PayPal account has automatically sent money to an unfamiliar person. But if the person clicks on "Cancel Transaction," that's when the real problems begin.
[ Photo: J. Fox ]

I've been getting e-mail phishing scams for several years and thought I'd seen it all. But this week I received an e-mail that wasn't the usual "We're doing a security check and need your password" scam.

The e-mail appears to come from PayPal, a popular institution often imitated by scammers. What's unusual is that it seems to be a confirmation of a purchase, for more than $400, paid from my PayPal account. There's even a realistic-looking transaction, including the name and address of the person whom you're supposed to assume made the purchase.

I picked this up as a scam fairly quickly because I've trained myself to recognize such cons. But I suspect that a consumer fearful that their PayPal account had been incorrectly charged would hastily follow the scam's instructions to click on the “CANCEL TRANSACTION” link to sign into their account.

If that link were still active (it wasn't when I tried it), doing that would give the criminals the information they need to immediately access the account and drain its funds. (Based on our most recent State of the Net Survey, we estimate that, over the past two years, about 7 million American consumers gave such phishers personal information and that, nationally, phishers stole nearly half a billion dollars from online consumers.)

Here's how to avoid becoming a cybervictim:

  • Never click on links in any e-mail, from any institution, that offers to take you directly to your savings, checking, or other financial account.

  • Remember that most reputable financial institutions never send e-mails asking you to access your account. No matter how genuine such an e-mail may look, it's probably bogus.

  • To report a phishing e-mail, forward it to the Anti-Phishing Working Group.

  • For free tips on how to stay safe online, visit our Online Security Guide.

  • To find the best software for protecting your computer, see our Ratings of Security Software Suites (available only to subscribers).

—Jeff Fox
