The phish are jumping only too heavily in the Internet’s crowded waters, and Netizens who shop online or bank online should make themselves even more aware of fake e-mails disguised as Netizens’ ordinary services but carrying scams, identity/security solutions company GeoTrust warned in an April 8 announcement.
“[C]riminals are sending tens of thousands of phony e-mail messages a day to unsuspecting online consumers that appear authentic and have the look and feel of popular merchants, ISPs and financial institutions such as Amazon, eBay, Earthlink and Fleet Bank,” the company said. “... The individual is typically asked to update their online account information, but unbeknownst to them, they are being scammed, with criminals walking away with credit card information, social security numbers, online checking account information, home addresses and telephone numbers.”
GeoTrust’s warning came a day after the Federal Trade Commission announced they would extend to April 20 the public comment submission period regarding new regulations to be handed down under the recently-enacted and controversial CAN-SPAM law. The law requires the FTC to make regulations that define “relevant criteria” to determine the primary intent of an e-mail, but the law’s critics say the law has done little or nothing to shrink the crushing volume of spam – among which volume are an increasing number of phishing scams.
“Phishing” involves a scammer creating an e-mail message or a Web page designed to resemble exactly a known business or service provider’s Web pages, then sending it to prospective victims hoping the resemblances fool them enough to compel them to provide personal and financial information the scammers can use to injure the victims financially.
Most recently, in late March, the FTC and the Justice Department brought separate actions against a spam operation the FTC said hijacked America Online and Paypal logos to con “hundreds of consumers into providing credit card and bank account numbers,” using those logos in communications suggesting recipients’ accounts with the two companies would be canceled if they didn’t “update” such information.
GeoTrust said the top five ways to avoid hooking unwanted phish include never giving away personal information (name, passwords, credit or Social Security numbers) unless you yourself initiate correspondence with the company or service in question; find the closed lock symbol on your Web browser to know you are using a secure Website; change your passwords often and use uncommon passwords online; encrypt your e-mail when giving businesses personal information; and, read online bank statements thoroughly each month, looking out especially for transactions you didn’t authorize.
For more information on helping consumers avoid online “phishing” scams, or to arrange an interview with Neal Creighton, the president and CEO of GeoTrust, contact Bill Keeler or Courtney Pillsbury at (781) 684-0770.
