Public Service Announcement: Phishing

For the benefit of readers who may be unaware of this problem, here’s a brief announcement and description. I have recently gotten a lot of e-mail that are variations of a scam called “phishing.” You have probably gotten them too. The scam is this: The e-mail appears to be from a trusted institution (often a financial institution) and uses that institution’s logo. It directs you to click on a link to “update your information” or something similar. The link appears to be a legitimate web page; however, it is a scam site, set up by thieves, and they use the information they get to steal money from victims.

Example: I recently got an e-mail at my earthlink account, which had the return address [email protected]. (Anyone can put a fake return address in the e-mail; they mean nothing). The e-mail stated: “We were unable to process your last month’s statement, because your credit card was not approved. This may be due to an expired card being listed on the account. Please log on to our web site [LINK] to update your information. If you have any questions, please contact our billing department.” The LINK, of course, was not to the real Earthlink site, but to a copy of the site, run by the scammers.

So, don’t be scammed. And if you want more information on this scam, there are many resources; to start with, you might look at this discussion on Snopes, this web site of an anti-phishing group, or this recent blog post at Begging to Differ discussing the issue (which got me thinking about it today in the first place).