By Tracy Kitten, Managing Editor, Bank Info Security
There's a limit to how much a banking institution or other organization can control when it comes to preventing online fraud. My personal experience with a phishing scam illustrates why it's so important to educate consumers and businesses about how to spot suspicious requests and potential fraud.
My Phishing Story
Several weeks ago I was replying to online ads for ticket sales to the Kentucky Derby - a big event that no doubt attracts all types of scammers trying to sell cons.
I got a reply from a seller who seemed legitimate. I provided the seller my mobile number, so we could discuss the logistics of payment. He requested my eBay ID, saying I could pay for the tickets through eBay and bypass PayPal. Odd, I thought. But giving him the benefit of the doubt, I provided my eBay ID, thinking this guy just didn't really understand how PayPal and eBay work. Within five minutes, I got a confirmation for an eBay transaction texted to my phone. And a few minutes later, I received an e-mail from what appeared to be eBay. And a few minutes after that, the seller e-mailed me, asking me to give him the confirmation code that was sent to my phone.
Right then, I knew this was a scam. The e-mail was convincing, though a few details seemed sketchy, like the fact that my alleged eBay representative lived in England and that my name was misspelled. And the fact that this person asked me to provide the texted verification code was a big indicator this was a scam.
To the casual user, however, those sketchy details might not have stood out.
Knowing not to click any links, I logged in to my eBay account and checked my inbox. Nothing. I immediately called eBay, forwarded the phishy e-mail to eBay's customer service department.
Here an excerpt of the well-composed response I got from eBay:
Thanks for forwarding the suspicious email you received. The email is a spoof, also known as a "phishing," e-mail. (That's phishing, as in "fishing" for personal information.) It didn't come from eBay. Our Trust & Safety team is working to disable any websites it links to.
Copies of any e-mails we send you about the status of your account or a change in your account information will be displayed in My Messages. This is especially helpful since many spoof emails try to convince you that your account is in jeopardy.
Important - *Never* respond to a suspicious e-mail or click any links in the e-mail message. If you think you may have given out personal information in a spoof email or website, you need to take steps to protect your identity right away. ...
Keep those reports coming -- you're helping protect the global Internet community! Our Trust & Safety team works closely with Internet Service Providers to shut down fraudulent sites. We also send your reports to Web browser companies so that they can develop tools to identify spoof sites.
Why We Need More Education
Had I fallen for this scam, my first reaction as a consumer would be to blame eBay. But eBay was in no way involved. The tickets were not even advertised on eBay. Banks and credit unions face similar issues.
I don't think consumer education is the only answer, but online users have to increase their security savvy. My education about how fraud is perpetrated saved me in this case. But were I a typical user, this could have turned out badly.
This story was adapted from an article Tracy published on April 20, 2012.? To read Tracy?s full story and other articles by this reporter, visit?http://www.bankinfosecurity.com/.
Click?here for an example of an email phishing scam and what red flags to look for.
Source: http://feedproxy.google.com/~r/visa-fraud-news/~3/VZQnGp90z7E/fraud-news.jsp
whitney houston funeral live stream kevin costner whitney houston whitney houston funeral live pat buchanan slither slither chris christie
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.