102 total posts
(Page 1 of 4)
Phish scam attempt
I received two phish emails this month. Both, supposedly from Ebay, informing me that my account needed updating. I have no account with Ebay!!
It never made sense that a credit card company or financial institution would ask you to update highly personal (i.e. SSN's, CC numbers, etc.) via email. The only ones I have ever received were via snail mail and an 800 number, and that is very few. Whenever I get anything from one of my "vendors" asking for anything, I go to thrie website using my contact URL. I have even called a bank manger in one case. Also, I always forward the suspect email to the legitimate institution. They almost all have a fraud link on their sites.
Pass it on
I get a few phishing e-mails a day. In fact, I had one in the same batch of messages with the CNET newsletter that this question was contained in. I agree that the best way to avoid them and try to stop them is to pass the scams on to the fraud address for whatever institution they're trying to impersonate. EBay and PayPal both say in their return e-mails that they report the attempt to "the proper authorities" whoever that is. At least it sounds as if something's being done!
I have had emails from "Banks" where I have no accounts, ebay where I have no account, and from Worldnet doing a "maintenance routine". I guess that they must get enough replys to keep casting.
The question should be have you answered any phishing scams?
Receiving a phishing scam is not unusual. It happens quite often. A nice official letter from some well known "Bank" or from "e-Bay" or from "Pay-Pal" arrives almost daily.
The "phool" is the person who answers this e-mail with out making sure the letter is genuine.
I personally don't know of any legitimate company that requests any personal or confidential information thru an e-mail.
There should be one simple rule when you receive one of these phishing expeditions: THROW IT OUT.
actual victim of fraud = no
victim of getting tons of phishing emails (which wastes my day) = yes
Reply to The question should be have you answered any phishi
Don't just throw it out; report it to the supposed bank or company in question, if possible.
Just Use Common Sense
Most of the scams I receive are from places I don't have an account with. For those that I do I would open a new browser if the email appeared to be legitimate. Most places I deal with use my name in an email. It's always best to exercise caution.
And use caution
Most scam spam is anonymous, they don't know your name. However, I did receive one phishy scam spam that did have my name - but it was supposedly from a bank I'd never heard of!
I looked up the real bank website (Google is your friend!) and forwarded the scam spam to their security. They sent a confirmation, and shortly thereafter, the scam website was blocked!
Re: Have you been the victim of a phishing scam?
I have received approaches from banks I have never heard of, and from E-bay, with whom I don't have an account. They are so apparently fraudulent, that even one from a bank I know would be questioned.
OT - the other day I received two successive "alarm" messages of a similar type telling me that my email account had been frozen, and if I opened the virus attachment, I would find out what to do next.
Before the term Phishing
Shortly before the term phishing was coined, I received a phishing attempt email. I didn't fall for it for one reason. I always notice the URL and it wasn't a normal, yes it had ebay in it, but it had some other gibberish in it as well. As a test, I put in bogus information for the login and it let me through. I immediately notified ebay, because I saw it as a potential hazard. Of course, never heard a response. So to answer the poll question. No, I have never fallen for a phishing attempt.
Phishing - nearly hooked
I was asked to "update" personal information a couple of times and when asked to note where I lived, Israel was not on the list of countries. Or the list included ONLY names of states in the U. S. A.
Remembering that when I originally registered with Pay-pal and Ebay the list of countries DID include the country of my residence. I immediately shut down my computer, playing it safe hoping that my personal information was not sent out.
Now I'm careful about any requests for solicited personal information that I did not specifically intiate.
If my account is to be cancelled. I'll at least know that I was overly careful, but not sorry.
I NEVER ACCEPT E-MAIL FROM BANKS, CREDIT CARD COMPANIES, OR SALES ORGANIZATIONS. JUST DELETE ALL.ALL CONTACTS ARE INITIATED BY ME.
Have you been the victim of a phishing scam?
NEVER been a victim; never will. Absolutely NO personal financial information goes out from my computer. No on-line purchases; no on-line banking; nada.
So, if a phishing scam comes in, I know that's what it is. (And one has come in supposedly from my bank, which I immediately notified them of.)
I have gotten emails that state that, ''you have won a PS2, XBOX, etc.", that looked very, very, very real and I almost got it until the site wouldn't except nothing but bank debit cards. At least I was thinking enough to realise that that wasn't right! I now realise that nothing via emails are real! I delete ANY offers that come in that manner.
Phishing Scams - Requests don't come from legit companies
A common method is to use a large image that looks like text. If you are moving your cursor over the message and it's a hand, look out!
Legit companies don't send out requests for you to change your personal account information. Use some common sense, just delete any messages that ask you for personal information! If it's a site you do business with and are concerned, contact them directly.
e-bay and pay pal phishing
I too became suspicious when I received an e-mail from e-bay about activity on my account with a link to update my information. Luckily I remembered reading that e-bay would never ask me to update that info via e-mail and I promptly reported it and received a reply that indeed it was a fradulent e-mail. I have also received e-mails from citi card as well. To all those out there, when in doubt report it!
I never, and I mean NEVER give out credit card or any kind of personal information. That's my secret and I'm sticking to it!!
Lucky me : I was warned
By the time I got a phishing e-mail, I had already heard and learnd about the subject.
The one's I got I've send to Paypal or Ebay, they were for me obviously bad guy e-mails.
Beside of phishing e-mail I got a number of times e-mail about millions that should go out of there country. Also that subject was already known by me, so I did only a delete action of that e-mail.
From now on I'll also do what has been advised by all of those who has reacted on the question "How to recognize and avoid phishing scams".
I'll spread, after translating into dutch, it hier in the Netherlands and hope to get reactions about where in the Netherlands I can force legal action of the authorities by reporting these criminal actions.
I use Mailwasher to screen my e-mail so 99% never even gets to my inbox. Should something look real I call the company or e-mail them FROM THEIR WEB SITE and ask. Beware of Targeted Attacks that contain some personal information, like your acct #. Some Phishers are targeting people they have some info on trying to get more.
Mailwasher allows me not only to see text of an e-mail but to bounce it back so it looks like the address is no good (no I don't work for them).
I have not had a phishing problem, yet. One reson, I am very careful with email, especially not going to a web site through the email or answering any questions within the email structure.
No, the secret
1 I never respond to the messages.
2 I never go to the websites until I am ready to do business . . . just in case there a redirect in place.
3 I only use my bookmarked addresses to go to the website.
4 In case bookmarks fail, I keep addresses with coded passwords in Splash ID.
5 I use Privacy Eraser on my computer to regularly clean history and such.
6 I use Trend AntiVirus and report all suspicious emails and block senders.
I look for the secured website signs or I don't enter my information when I do business on a trusted website.
Then when a virus modifies your hosts file with a spoofed address for www.ebay.com., or www.bankamerica.com, you click on your favorite's link and think you're going where you clicked and instead you're going to a hackers website who is now capturing your login information...
Unfortunatly, there is nothing you can do about these kinds of scams...My suggestion is that you set the hosts file to read-only and log into your computer with a different username and remove that username from the modify access for that hosts file. This way, you will have *some* protection from this.
Have I been A Victim of Phishing?
Well, I am uncertain if I am a victim, but I certainly have had two seperate attacks on my MSN account. The whole thing was odd to me so I shot a quick response to MSN Help and was assured that the particular e-mails I had received were indeed phishing attacks.
What is REALLY stupid about this you ask? I dun't have a credit card and if I ever do any business over the internet, I send a postal money order, by snail mail.
I use a screening (MailWasher) so that a much is deleted from the server and never downloaded into my Eudora directory. Secondly, if it is one of the PayPal or Ebay phishing scams, I ususally send to their spoof address. Lastly, if I do not recognize the sender or the title is suspect, it goes to the great bit bucket.
I have had so many phishing e-mails from both e-bay & paypal.I actually went to the site & filled in my details the first time.But felt strange about it,I looked around on the e-bay site & learned all about phishing mail.I now send anything I think isn't for real to them at firstname.lastname@example.org & they confirm to me if is real or not.The latest I got yesterday was to enter a competition with them,once again I was sus about it,forwarded it on & yes it was more phishing.
It sems to come in many ways...Be aware to it all!!
My score was 50%
On the other hand I rated all as phished as I have no business relations with any of them. I forwarded two recent attempts similar to those shown to the spoof address of the company. If you do so be sure to send the complete address of the sending party. It may well be bogus, but some might contain some clues.
I get bogus offers similar to the spoofs as regular mail telling me I have won "computer," or some other goodie. All get the bit bucket delete.
It continues because a hit rate of one in a hundred thousand can be profitable. I suspect the "marks" are more prevalent than this ratio.
Failed phishing attempt
During the last few weeks I have been bombarded with e-mail messages supposedly coming from my ISP in sets of three per day. They purported to be about problems with my account, security violations, or threats to cancel the account. They all have the same domain (that of my ISP), however the sender sometimes is support, or administrator, etc. about six in total.
The messages require one to answer a questionnaire that comes as a zipped attachment, where sometimes Norton Antivirus detects a virus and at other times does not.
What made me initially suspicious was the fact that living in Colombia, messages from my ISP always come in Spanish, and that all these phishing e-mails were written in English. A phone call to the ISP confirmed that the messages were not from them.
Back to The CNET Lounge forum
(Page 1 of 4)