Phishing

Discussion in 'Computers & Website Forum' started by HOHNancy, Sep 7, 2004.

  1. HOHNancy

    HOHNancy
    Expand Collapse
    New Member

    Joined:
    Jul 4, 2004
    Messages:
    220
    Likes Received:
    0
    Have you ever been the victim of "phishing"? This is emails that spoofs banks or another company, and they send you a link to a "lookalike" company form so you can send your banking accounts, etc. These emails usually have a threat included like closing your account if you don't enter the information immediately (or the like).

    Well, today I just found a Citibank email in my email box, telling me to send my banking account info in or they will close my account. They even made the email look like it is really from Citibank, even the subject heading looked real.

    Want to know how I know it's fake? First of all, most companies do NOT ask for your personal information by email, so I know it is risky sending it through the Internet. I do not feel comfortable sending my personal accounts in a link to a fake form that is supposed to be from that company.
    Second of all, I NEVER USED CITIBANK! [​IMG] That was a red flag to me that they are trying to scam me when I never had an account there. LOL They are wasting their time with me.

    So to report this, I looked up the real Citibank website and found the email addresses to report spoof emails like the one I just had.....so I forwarded it to both email addresses, and then just deleted the email.

    Did any of you been through this? [​IMG] What did you do about them? [​IMG]
     
  2. natters

    natters
    Expand Collapse
    New Member

    Joined:
    Jul 23, 2004
    Messages:
    2,496
    Likes Received:
    0
    I get the fake Citibank emails now and then. The first time I received one was about two weeks after I Citibank credit card, but I'm naturally skeptical off ALL such emails, so I visited the REAL website (not the link provided in the email) and quickly found out that Citibank even has a warning about fraudulent emails on their main page. I reported the first email I received, I simply delete the rest.

    NEVER give out bank info via email, and NEVER click on links in bank-related emails (they spoof whole websites, not just emails), even if it looks legit. If you ever receive an email that does something like this that you think might be legit, phone the bank instead (using the number from your phone book or bank statement, NEVER use a phone number from the email), or better yet visit in person.
     
  3. superdave

    superdave
    Expand Collapse
    New Member

    Joined:
    Jun 30, 2000
    Messages:
    2,055
    Likes Received:
    0
    Citibank is the major target of this particular scam for some reason. It is not their site, and if you send info to that link, you will be in big trouble.

    Any email that asks for account information is NOT a good idea, even if it's legit, it is a very bad way for a company to operate. Especially since most people use very unsecure email. Any time you are sending credit card or bank account info, or any account username or password too for that matter via a web form for online purchases, bill paying, etc. make sure you are on the actual site you are intending to send the money to, and also that you see the little padlock symbol to indicate the the site has performed a SSL handshake with your browser, that way the info will be encrypted from your PC to the server of the company.

    Also, report any suspicious emails either to the company being spoofed, or to your ISP, or email account provider (yahoo, google, AOL, charter, comcast, etc)

    Also, get rid of outlook express. It can open infected and trojan emails without you even having to open the mail. It is not enough to update it with microsoft's latest patches, get rid of it completely. An easy alternative is thunderbird, which you can download free at www.mozilla.org
     
  4. superdave

    superdave
    Expand Collapse
    New Member

    Joined:
    Jun 30, 2000
    Messages:
    2,055
    Likes Received:
    0
    Another very clever example of this kind of social engineering to get you to open email links is the latest couple of worms.

    The email claims to be from the webmaster or postmaster of a server that usually is one you would expect to see messages from, either your corporate mail server, or your isp servers, and says your computer has been infected, please either click on a link, or open a zip file with instructions to clean it off. These are in most cases ways for them to get around your security, and make you think you need to do the instructions, when actually that will infect your system. If you get these emails, do not follow their instructions, simply update your virus definition files through your normal means, and do a windows update to get their security updates and delete the questionable emails, mark them as spam or whatever. The email addresses are usually bogus, so that won't be much help.
     

Share This Page

Loading...