MHRIC Logo

Phisihing: Identity Theft

A few weeks ago, I received several emails from CitiBank about my CitiBank credit card. They directed me to go to a web site and re-enter all my credit card information. I probably would have just deleted it but it caught my eye because I don't have a CitiBank credit card. So I started looking into this a bit more deeply.

Add another new scam to the problems of the net: phishing.

A play on the word "fishing" as used by con artists to search for personal information they can use for identity theft scams, it's sweeping the Internet via e-mail. We all receive them, possibly daily. They arrive with official-looking graphics, pretending to be from PayPal, eBay, or Citibank, saying something is wrong with your account and that you need to click a link and re-enter your registration or account information.

People who go along with the con and enter their personal information are giving criminals critical data they can use to buy things, get cash advances and sell your credit information to other thieves. It happens every day, and people fall for this much more than you'd realize.

There's another even more outrageous e-mail con that's going on. Headlined "Important notice," it advises that your credit card is being charged $234.67 for child pornography. If, the note says, you didn't order it, enter your credit card and expiration date and they'll cancel the charge. Right. The victim goes off to the web site link, enters all their credit card information, and VOILA!! They've been phished...

These spam scams are now totally out of control. And there will be more of them. That's because law enforcement agencies charged with going after these thieves are short-staffed because the war against terror has diverted funding and resources. The sheer volume of complaints also overwhelms them. Besides, many of these crooks are based overseas in countries that don't particularly care how many Americans get ripped off.

It won't happen to me!! According to the latest research from Gartner which ended in April 2004, phishing attacks have increased dramatically in the last few months. They found that as many as 30 million adults have experienced phishing and about 1.78 million adults have possibly fallen victim to these scams.

Two agencies are charged with fighting this: the FBI's Internet Fraud Complaint Center (www1.ifccfbi.gov) and the ID theft division of the Federal Trade Commission (www.consumer.gov/idtheft).

By all means, report these fake e-mails to both agencies. But both units are so swamped that, realistically, don't expect much, if anything, to be done with your complaint.

Here are some safe links for you to read for further information on preventing Identity Theft:

  • 10 ways to stop identity theft cold: MSN Money

UPDATE! Around 92 million people in the US are thought to have received a phishing email over the past year - and a staggering 30 million have fallen for such a scam, according to a survey to be published by Gartner Research on Thursday, July 1, 2004.

UPDATE:
This morning (5/20/04) I opened my home email and look what I found:

-----Original Message-----
From: Citibank [mailto:users-billing30@citibank.com]
Sent: Wednesday, May 19, 2004 11:27 AM
To: (email address blocked out)
Subject: to users of Citibank!

CkI3toI © Graduation

Dear cIient of the Citi,

As the TechnicaI service of bank have been currentIy updating the software, we kindIy ask you to follow
the reference given below to confirm your data, otherwise your access to the system may be blocked.

(There was a clickable link to a web site here which I blocked out so no one would click on it!)

We are gratefuI for yourdcooperation.878 normally cost Gnutella 

APmemberKofXcitigroup
Copyrighto©S2004ZCiticorp

The following text was included in the email in white lettering so it would not be seen in the email:

4accept my sympathy things do happen. Harley Davidson not.. Which one? Look Smart It's nice Beatles in 1889
Outlook Express Thaksgiving Census Hotmail be careful in 1932 in 1854 rammstein Free
Did you make Good luck! in 1876 Ampland Prom Dresses

UPDATE:

SPAMMER GETS 46 MONTHS IN PRISON
A 20-year old Texas man who pleaded guilty of luring people to fake websites has been sentenced to 46 months in prison. The U.S. Justice Department said the sentence in Houston, Texas, for Zachary Keith Hill was linked to a phishing scam that used emails purported to come from AOL and the online payment service PayPal. The e-mail messages identified the sender as "billing center" or "account department" and the subject line carried warnings such as "AOL Billing Error Please Read Enclosed Email" or "Please Update Account Information Urgent!"

UPDATE:

The U.S. Senate is now considering legislation to fight "phishers" --
scam artists who use fake Web sites to dupe people into revealing their financial or other private information. The proposed law could cost phishers up to five years in jail and as much as $250,000 in fines. Typically, a scammer who goes phishing will send a message doctored to look like an official notice from sole respectable bank or online store, and will use the phony site to trick consumers into giving out their account information. Avivah Litan of Gartner Research warns: "The Internet's becoming a very dangerous place to conduct financial business unless you're willing to scrutinize your activities very closely." (Washington Post 12 Jul 2004)

For more information or help, contact your local Help Desk.
Print this Page

 

These pages ©1996-2006 Mid-Hudson Regional Information Center.
All rights reserved.
Webmaster, webmaster@mhric.org