Thursday, September 4, 2008

The Bad Guys Are Phishing For Your Personal Information

Do you know what "phishing" is?

No, it doesn't mean you grab a pole and head to the late to catch some phish.

The official Webopedia definition of "phishing" is as follows:

The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.

Phishers prey on ignorance, fear, and emotion. They also play the numbers game. The more bait they email out, the more phish they'll catch.. By spamming large groups of people, the "phisher" counts on his email being read and believed by a percentage of people who will volunteer their personal and credit card information.

The latest attempt by identity theives to steal the personal information of eBay members hit my inbox earlier this week and I have to say, this one is pretty convincing. Even this old dog did a double-take before realizing that the identity thieves were phishing for my personal information again.

The sender of this email is listed as: eBay Member - rivernick and the email subject line reads: Question from eBay Member.

The email begins: "Question from eBay Member -- Respond Now. eBay sent this message on behalf of an eBay member via My Messages. Responses sent using email will not reach the eBay member. Use the Respond Now button below to respond to this message."

Listen to me: DON'T TOUCH THAT BUTTON

Of course the email was NOT sent by an eBay member or sent via eBay's messaging system, as it appears.

The email then takes on a threatening tone.

It reads: "Question from rivernick: I'm still waiting payment for my item for about 7 days. What happened? Please mail me ASAP or I will report you to ebay."

The recipient is then prompted to respond to this rather disturbing email by clicking a "Respond Now." button.

Doing so will take you to a website designed to look like eBay where you will be prompted to login using your eBay user name and password.

Once you pass this point you will be asked to update your account information before proceeding. Unknowing souls will offer not only their eBay password, but personal and credit card information, as well, without even knowing that they are about to have their personal information stolen.

The one thing that makes this scam so effective is the threat by the supposed eBay member to "report you to eBay."

The email preys on the fear of most eBay members that they are in danger of receiving negative feedback. Many eBayers would rather you cut off a pinky than leave them negative feedback. It is this emotion that the new phishers are hoping to hook.

The phisher is betting that most people will either be horrified by the threat of being wrongly reported to eBay or they will be ticked off that some jerk is threatening them by mistake.

Either way the phisher is counting on a percentage of people to have a knee-jerk reaction and login to the fake eBay website he has set up clear matters up.

I've yet to see what percentage of people who receive these phishing emails fall for the scam, but if a phisher gets 1% of recipients to turn over their personal information, he will probably consider his phishing expedition a success.

I've warned you about these phishing scams before, but let's review it one more time.

NEVER reply directly to an email that appears to have come from eBay, Paypal, Amazon, or anyoen else asking you to click a link in the email to update your account information. If there is any doubt in your mind whether or not the email is really from eBay, for example, open a browser and type in the URL http://www.ebay.com. NEVER click a link within the email to respond.

NEVER believe that an email supposedly from another eBay member is for real. Again, do not click an email link to reply. Open a browser and go to eBay directly and log in. If the email was from a real member, there will be a record of the inquiry in your My eBay account.

You must be aware that there are bad guys out there who do nothing but spend time trying to come up with new and innovative ways to steal your information.

Be paranoid. Be aware. But don't be fooled.

The phishers will cast their line, but you do not have to take the bait.

Here's to your success,

Tim Knox, Entrepreneur, Author, Speaker, Radio Host Founder, The Insiders Club, Giving You The Power To Start Your Business Today http://www.theinsidersclub.com Bestselling Author of: "Everything I Know About Business I Learned From My Mama" http://www.timknox.com

2 comments:

Roller blinds said...

There is noticeably a bundle to know about this. I assume you made certain nice points in features also........
Pearson Airport Taxi

komal said...
This comment has been removed by the author.