November 23, 2024
Editorial

Phishing for Trouble

Phishing is the name for a new scam that threatens to fleece unwary computer users in Maine and throughout the country. Be wary and you can save yourself a lot of trouble including access by a stranger to your bank or security accounts. In the worst case, it can lead to the theft of your identity.

A recent e-mail received in this area and throughout the country appeared to come from Smith Barney, the nationwide investment bank. It bore the company’s logo, complete with the little red umbrella denoting its absorption of the Travelers company, Addressed to “Dear Smith Barney customer,” it said: “Technical services of the Smith Barney are carrying out a planned software upgrade. We earnestly ask you to visit the following link to start the procedure of confirmation of customers’ data.” The Web site produced a form asking for account numbers, usernames and passwords. The e-mail continued: “This instruction has been sent to all Smith Barney customers and is obligatory to follow.” Smith Barney has denounced the message as fraudulent. It says it would never send an e-mail asking a customer’s personal data.

Another obvious phishing e-mail, ostensibly from Washington Mutual, Inc., used almost identical language, including the threatening word “obligatory.”

A third case seemed to come from the SunTrust Bank. This one told of “a large number of identity theft attempts targeting SunTrust customers.” It said it was taking steps “to safeguard your account” and needed “your banking details (credit card information and login/password for online banking).” A final admonition said: “This process is mandatory, and if not completed within the nearest time your account or credit card may be subject to temporary suspension.”

The awkward wording of that last sentence has led authorities to suspect that the author was a foreigner, possibly a Nigerian. Nigeria has become famous as a source for all sort of financial hoaxes and scams.

Bankers and government authorities including the Federal Trade Commission and the Maine Office of the Attorney General agree that the practice is widespread and involves millions of such fraudulent messages. They agree, too, that it is difficult or impossible to identify many of the perpetrators. An industry organization, the Anti-Phishing Working Group, estimates that phishers are able to convince up to 5 percent of recipients to respond to them. An e-mail security company, Tumbleweed Communications Corp., says that reports of e-mail fraud and phishing scams are up 400 percent this holiday period. It identified 90 different fraud and phishing attacks since last summer and estimates that more than 60 million fraudulent e-mail messages had been sent in a two-week period.

The best advice is don’t respond at all. Don’t reply, and don’t click on any link included in the message. The Federal Trade Commission advises checking all credit card and bank statements promptly for any unauthorized charges. And if you want to help in the agency’s continuing investigation of such schemes, forward any message that looks like a phishing expedition to the federal agency. You might find someday that you have helped bring his high-tech pestilence to an end.


Have feedback? Want to know more? Send us ideas for follow-up stories.

comments for this post are closed

You may also like