• Health
• Money
• Leisure
• Make a Difference
• Family
• Online Community
• Membership

Beware of Thieves Who ÔPhish' Online to Hook Your Identity

By: Source: AARP Bulletin Today Date Posted: 2004-04-23 14:45:00-04:00

• Comment
• E-mail
• Print
• Bookmark

E-mail to a friend

Your E-mail:


Your Name:


To:

(Separate multiple addresses with commas)

Message:

(Maximum length: 1,000 characters)

CC me

Joseph Wagner had little reason to suspect anything was wrong until he got a call about the $75 sneakers. Wagner, 52, a Chicago-area teacher, hadn't ordered them. Yet a merchant in New York was calling him to confirm the Internet sale.

"I told him I didn't authorize anything," Wagner told the AARP Bulletin. "He alerted me that someone had my credit card number."

The thief, disguised as Wagner's credit card issuer, had sent him a series of e-mails asking him to update his billing information. The messages told Wagner to go to the company's website and resubmit his personal information—or his credit privileges would be suspended. Wagner complied.

Last year, the Federal Trade Commission (FTC) told Wagner that he was a victim of a fast-spreading scam called "brand spoofing" (because the perpetrators disguise themselves as a well-known company) or "phishing" (because they fish for information).

Carried out on the Internet, these swindles are considered "a subset of identity theft," FTC attorney Eric Wenger says, because personal information unwittingly supplied by victims is used to open new credit accounts and make purchases in their names.

Investigators say the phony e-mails and the fake company websites are so cleverly designed that they are virtually impossible to distinguish from the real thing.

"The pages are filled with images from the company that's being spoofed," Wenger says. "If you get a message asking you for personal information, don't click through to the website to decide if it looks real or not, because it will look legitimate."

Last year Jacquelyn Rhodes of Napa, Calif., received what she says looked like an official e-mail from America Online (AOL) saying that her credit card had expired and asking for information to "reactivate" the account. "It looked authentic," she says, "so I provided that." Later that day, when Rhodes could not access her account, she reported the fraud to AOL, her credit card company and the major credit bureaus.

Rhodes and Wagner were lucky—the scams were discovered early, before the swindlers could use their accounts.

Bottom line: Don't respond to e-mails asking for personal information on your credit card account—call the company directly.