The "phishing" industry is morphing their tactics as people are becoming wise to their past methods. These criminals learn quickly and are becoming more sophisticated in ways to fool you.
I just received the following message from a bank. I immediately knew that it was bogus, since I did not have an account with it... but as I read the mail, I first started to think that is was legit, just sent to me by mistake.
I then looked it over more closely... valid return address, valid contact information about the bank, no suspicious links (just plain text), a warning about the dangers of "phishing", low-key suggestion to write a letter, email or call the included phone number. I thought, "Okay, it appears legitimate," and if I was the average account holder I would probably be seriously considering calling the phone number "immediately" as directed.
After checking the bank's web site (which I located independently, never use the supplied links/addresses as they may be pointing to a fake site), the only difference I noted was that the bank's phone numbers where in XX state and the phone number provided was in Illinois. (Which did not necessary mean it was fake, as many organizations have support numbers in different locations.)
However, by this time I was certain it was bogus for reasons I don't want to publish here, so out of curiosity I dialed the number included several times in the email, so they obviously were intending to drive responses to it.
On the phone, I encountered an automatic, official sounding message that said, "Welcome To XXXXX State Bank's Account Reactivation System... to start, please have your credit card information available and press 1 when ready..."
Here is an actual text of the email and actual phone number, the only change I made was to conceal the bank, as it was in no way their fault. (I did report the incident to them.)
| -------------------------------------------------------------- Consumer Alert: Increase in Fraudulent e-mails -------------------------------------------------------------- XXXXX State Bank has confirmed that a small number of people were recently phished. "Phishing" is when a criminal replicates a legitimate web site to deceive individuals into providing personal financial, or other confidential information. An unknown number of people recently received an email that appeared to be sent from XXXXX State Bank. We currently working to shut down the phishing site, and determining the extent to which our clients may have been affected. Due to this attempts we have had to temporary suspend any future authorizations being conducted with your Credit Card. Please call us immediately at 1-309-807-0946 We will review the activity on your account with you and upon verification, we will remove any restrictions placed on your account. Please disregard this notice if you already re-activate your card. XXXXX State Bank cares about you and we want to ensure the highest level of protection for you. Sincerely, XXXXX State Bank Fraud Department You can contact us by phone, U.S. mail, or email. We look forward to hearing from you. By phone: 1-309-807-0946 Or contact Customer Care at 1-309-807-0946 By U.S. mail: XXXXX State Bank Box 1234 1234 Main St. XXXXX, XX 12345 |
Bottomline: You can never be too careful when it comes to protection against criminals gaining access to your personal information.
Click here for additional Security related articles
Copyright 2008 by Lawrence Yerkes. All Rights Reserved.
|
Home Website | NJ Property Search | Sell | Buy | Rent | Search | Relocate | Resources | Contact Me | Commercial |
Comments (15)Subscribe to CommentsComment