Email Phishing Scams

Have you ever received an email asking you to confirm your PayPal account details ? Or even that you've won the lottery? The mail then asks you to go to web site and enter some details like username and password or bank account/credit card  and provides links in the email to do so.

If so you could have been the target of a "phishing" scam (pronounced fishing scam). The term is derived from fishing - as the scammers are literally fishing for confidential information.

According to the Federal Trade Commission (FTC)- Phishers send an email or pop-up message that claims to be from a business or organization that you deal with – e.g.  bank, online payment service. The message usually says that you need to “update” or “validate” your account information. It might even threaten some dire consequence if you don’t respond.

The message directs you to a Web site that looks just like the legitimate organization’s site- but it isn’t. The purpose of the bogus site is to trick you into revealing  your personal information so the scammers can steal your identity.

How to Avoid being a Victim of  an Email Phishing Scam

• Treat all email with suspicion - Everything in a email  can be forged or manipulated including the senders address.
• Never use a link in an email to get to any web page. If you must go there, type the URL directly into your browser's address bar.
• Never send personal or financial information to any one via email.
• Ensure that all of your software (operating system, virus checker, firewall )is up to date
• Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.  
• Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges.

Some Victims of  Phishing

Most of the major web sites have been the subject of these phishing scams or spoof email scams. The spoof emails are sent just like spam and to anyone whose email address is on the scammers' lists.

Major Sites include...

eBay - Paypal- Yahoo - Microsoft - AOL -   Hotmail - Barclays iBank
Citibank - Halifax - Nat West Bank - Nationwide - MSN-Lloyds TSB

Anti Phishing Software

There are a number of companies developing software to detect email phishing scams WholeSecurity has a program called Web Caller-ID which is already in use at the online auctioneer eBay. The  technology has been incorporated into the eBay toolbar with a feature called Account Guard and according to WholeSecurity detects fraud sites purporting to be connected to eBay and its Pay Pal subsidiary with 98 per cent accuracy.

Because phishing scams are also sent as spam the main providers of anti phishing software should be those providing anti-spam software. Currently Spam Inspector has anti phishing capability but many others are likely to follow.

To Report Suspicious Email to the FTC

 If you get spam that is phishing for information, forward it to spam@uce.gov. If you believe you’ve been scammed, file your complaint at www.ftc.gov, and then visit the FTC’s Identity Theft Web site at www.consumer.gov/idtheft to learn how to minimize your risk of damage from ID theft. .

More information:

The Anti phishing working group website is the best place to go for more information on phishing scams and to report suspected scams. They also have an up to date list current scams and an archive of past scams and examples.

Scambuster.org have a scam newsletter that keeps you up to date with the latest Internet scams.

Millersmiles  site has an excellent archive of past email phishing scams and some good articles on phishing .

	Web www.oeupdates.com

Related Articles and Resources:

• What is Spam, Junk Mail, Unsolicited Email ?
• phishing spam
• Outlook Express Spam control and blocking