Phishing Scams - Anti-Phishing Information

Phishing is one of the most prevalent of all Internet scams. At any one time, a large number of major financial institutions and online entities around the world will be the target of phishing scammers. Some high profile institutions such as Citibank and PayPal are targeted almost continually. Phishing scams attempt to trick people into providing sensitive personal information such as credit card or banking details.

• How Phishing Scams Work
  
  
• How Scammers use Information Harvested from Phishing Scams
  
  
• Common Characteristics of Phishing Scam Emails
  
  
• What to do if you Receive a Suspected Phishing Scam
  
  
• What to do if you Have Already Been Tricked into Submitted Information
  
  
• How to Avoid Becoming a Victim of a Phishing Scam
  
  
• Examples of Phishing Scams
  
  
• Reporting Phishing Scams
  
  
• Help Combat Phishing Scammers
  
  
• Other Anti-Phishing Websites
  
  

Phishing scams attempt to trick people into providing sensitive personal information such as credit card or banking details. In order to carry out this trick, the phishing scammers send a fraudulent email disguised as an official request for information from the targeted company. Generally, they also create a "look-a-like" website that is designed to closely resemble the target company's official site. The fake website may appear almost identical to the official site. Style, logos, images, navigation menus and other structural components may look the same as they do on the genuine website.

Recipients of the scam email are requested to click on an included hyperlink. Clicking this link will cause the fake website to open in the user's browser. Once at this fake website, the user may be presented with a web form that requests private information such as credit card and banking details, and other account data such as a home address and phone number. Often, the visitor is requested to login using his or her username and password. All information entered into this fake website, including login details, can subsequently be collected and used at will by the criminals operating the scam.

A variation of the scam involves using an embedded form within the bogus email itself. Victims are instructed to enter details such as a password and bank account number into the form provided and return the email to the sender. Another variation attempts to trick recipients into installing a trojan on their computer, either by opening an email attachment or downloading the trojan from a website. The scammers can then use the trojan to collect information from the infected computer. The scam emails are randomly mass-mailed to many thousands of Internet users in the hope of netting just a small number of victims. The majority of people who receive these scam emails will probably not even be customers of the targeted institution. However, the scammers rely on the statistical probability that at least a few recipients will:

1. Have accounts with the targeted institution.
2. Will be unaware of such scams and believe the email to be a legitimate request.

The scam can prove to be a lucrative exercise for the scammers even if only a very small percentage of recipients ultimately become victims.





Scammers are able to use information stolen from victims in a variety of ways. They may:

• Take over the victim's account.
  After the scammers have harvested information such as passwords, user names and account numbers, they are able to directly access the victim's account. They can then transfer funds to other accounts, conduct transactions, issue cheques in the victim's name and generally manipulate the account in the same way that the legitimate owner could. They can also change the account password so that the victim is locked out of his or her account.
  
  
• Use the victim's credit card details
  If the scammers have stolen credit card details, they can then use these details to make purchases that will be charged to the victim's account.
  
  
• Steal the victim's identity.
  If the scammers have gained enough personal information from their victim, they may be able to steal his or her identity. They can then commit a variety of fraudulent and other criminal activities in the victim's name. Identity theft can have very serious and long-term repercussions. Identity theft victims can spend months or years trying to clear their name, sort out legal issues, recover from debt and repair damaged credit ratings.
  
  More information about Identity Theft

• Unsolicited requests for sensitive information
  The entire purpose of a typical phishing scam email is to get the recipient to provide personal information. If you receive any unsolicited email ostensibly from a bank or other institution that asks you to click a link and provide sensitive personal information, then you should view the message with the utmost suspicion. It is highly unlikely that a legitimate institution would request sensitive information in such a way.
  
  
• Content appears genuine
  Phishing scam emails are created to give the illusion that they have been sent by a legitimate institution. The email may arrive in HTML format and include logos, styling, contact and copyright information virtually identical to those used by the targeted institution. To further create the illusion of legitimacy, some of the secondary links in these bogus emails may lead to the institution's genuine website. However, one or more of the hyperlinks featured in the body of the email will point to the fraudulent website.
  
  
• Disguised hyperlinks and sender address
  Links in phishing scam emails are often disguised to make it appear that they lead to the genuine institution site. The sender address of the email may also be disguised in such a way that it appears to have originated from the targeted company.
  
  
• Email consists of a clickable image
  Some phishing scam emails may arrive as a clickable image file. That is, the entire email consists of an image that contains the fraudulent request for information. These are a particularly dangerous type because clicking anywhere within the email will cause the bogus website to open.
  
  
• Generic Greetings
  Because they are sent in bulk to many recipients, scam emails use generic greetings such as "Dear account holder" or "Dear [targeted institution] customer". If an institution needed to contact a customer about some aspect of his or her account, the contact email would most likely address the customer by name.
  
  
• Use various ruses to entice recipients to click
  Phishing scam emails use a variety of ruses to explain why it is necessary for recipients to provide the requested information. Often, the messages imply that urgent action on the part of the recipient is required. Some of the most common ruses are listed below. The scam emails may claim that:
  
  
  • The customer's account details need to be updated due to a software or security upgrade.
    
    
  • The customer's account may be terminated if account details are not provided within a specified time frame.
    
    
  • Suspect or fraudulent activity involving the user's account has been detected and the user must therefore provide information urgently.
    
    
  • Routine or random security procedures require that the user verify his or her account by providing the requested information.
    
    
  
  
  

• DO NOT click on any links in the scam email.
  
  
• DO NOT supply any personal information of any kind as a result of the email
  
  
• DO NOT reply to the email or attempt to contact the senders in any way.
  
  
• DO NOT supply any information on the bogus website that may appear in your browser if you have clicked a link in the email.
  
  
• DO NOT open any attachments that arrive with the email
  
  
• REPORT the phishing scam (click here for reporting methods).
  
  
• DELETE the email from your computer as soon as possible.
  
  

If you need more information about a suspected phishing scam, visit the legitimate website of the targeted institution or contact the institution directly. The institution's website may provide current information about the scam email you received.




If you have already submitted information to scammers as a result of a phishing scam, you need to contact the targeted institution for advice immediately. It is imperative that you act quickly to protect the account that has been compromised in the phishing attack.

For more comprehensive information about what to do, click the link below:


You should also take steps to protect yourself from identity theft. To learn more about identity theft, click the link below:

• If you receive any unsolicited email from a bank or other institution that asks you to click an included hyperlink and provide sensitive personal information, then you should view the message with the utmost suspicion. If you have any doubts at all about the veracity of the email, contact the institution directly to check.
  
  
• Never click on a link in an email in order to access the website of a bank or other institutions that may be the target of scammers. The safest method is to manually enter the URL of the institution's website into your browser's address bar.
  
  
• If you supply sensitive information on a website, always ensure that the site is secure. The address of the page should start with "https://" not just "http://" and the Lock icon should be displayed in the browser's status bar. If these indicators are not present, it means that the site is not secure and information you enter on the site is not protected. Fraudulent web forms related to phishing scams are often non-secure sites. Please note, however, that even an apparently secure site may be fraudulent. The fact that a site appears to be secure is not by itself a guarantee that the site is legitimate. However, legitimate sites that require users to supply personal information will always be secure.
  
  
• Use firewall, anti-virus and anti-spyware software to protect your computer system. Some phishing scam emails may carry trojans or other malware that may compromise your system.
  
  
• Ensure that your browser, system software and other applications have the latest security updates available. This will reduce the risk of scammers accessing your system via unpatched software vulnerabilities.
  
  

• Department of Finance Phishing Scam
  
• Social Security Administration Phishing Scam
  
• IRS Refund Scam Email
  
• Lloyds TSB Phisher Scam
  
• EBay Phisher Scam
  
• Question From eBay Member Phishing Scam
  
• ANZ Account Suspension Phishing Scam
  
• Smith Barney Phisher Scam
  
• MSN Phisher Scam
  
• Union Planters Bank Phisher Scam
  
• More US Bank Phisher Scams
  
• Phishing Scammers Target Citibank
  
• Virus Infection Warning Scam - Bogus Emails Point to Trojan
  
• Bank Withdrawal Notification Scam - Fraudulent Emails Point to Trojan
  
• ABA Phisher Scam
  
• E-Gold Phisher Scam
  
• FDIC Phisher Scam
  
• U.S.Bank Phisher Scam
  
• More Citibank Phisher Scams
  
• Paypal Phisher Scam
  
• Citibank Phisher Scam
  

If you have received a phishing scam, you can report it to The Anti-Phishing Working Group via the link below.


You may also be able to report phishing scams to the targeted institution. Contact the targeted institution to find out where to submit copies of the scam messages. This information is often included on the institution's website.




Generally speaking, people become victims of phishing scams simply because they do not know how such scams operate. You can help by ensuring that friends and colleagues are aware of such scams and what to do about them. You might like to point them to this web page or another resource that provides information about phishing. The power of such "word-of-mouth" education is substantial. You CAN make a difference by sharing your knowledge of phishing scams with other Internet users.

You can also help by reporting phishing scams (see above). Your submissions help to increase awareness of phishing scams and allow anti-phishing websites and targeted institutions to maintain up-to-date information about current phishing threats.

• Anti-Phishing Working Group
  
  
• Phishing - FraudWatch International
  
  

Write-up by Brett M.Christensen

---