Here they go again: Scammers, as usual, have wasted no time trying to profit from the crisis of the day, in this case the economic troubles that have many Americans worried about the safety of their bank accounts and investments.
A flurry of bogus “phishing” e-mails—a new twist on old (and often successful) scams to steal identity—have been sent in recent weeks, often under the false claim of updating account information in newly merged banks.
Two e-mails making the rounds aim to snag customers of JPMorgan Chase, which recently acquired the failed Washington Mutual savings bank. In one, the subject line reads, “Account review—Chase Team identified some unusual activity in your account.” In the other, it reads, “You have 1 new ALERT message.” Both tell their targets to click on a link that takes them to a phony website, where they are asked to update their bank accounts by revealing personal information, including bank account number, PIN and Social Security number.
“It never ends. These crooks just put a new top paragraph on their last phishing e-mail and send it out in bulk,” says Tom Kelley of Chase.
Another e-mail purports to be from Wachovia, recently acquired by Wells Fargo. Recipients are told to download software for its “Wachovia Security Plus” protection. But doing so releases a virus that could infect your computer and track passwords and other personal information, says Wachovia spokesman Matt Wadley.
“Scammers like to use global crises and high-profile news headlines when baiting consumers,” said Peter Horan, chief executive officer of Goodmail Systems, creator of the industry standard for secure e-mail, in a statement. He added, “In the wake of Hurricane Katrina, millions of Americans received fake e-mails claiming to be from charitable organizations soliciting donations. When the government distributed stimulus checks earlier this year, the IRS became the target.”
Although banks never send e-mails asking customers to update their account information, such bogus requests defrauded consumers of more than $3 billion last year. They are often sent by overseas scammers who are hard to trace and nearly impossible to prosecute.
Be wary, too, of incoming e-mails from online investment newsletters and offers to join online bulletin boards recommending “stock picks.” Although some are genuine, others “are tools for fraud,” according to the Securities and Exchange Commission. For SEC tips on separating the good from the bad, visit www.sec.gov/investor/pubs/cyber fraud/newsletter.htm.
If you believe that your bank, investment or credit card account has been jeopardized, contact the company directly. Don’t hit reply on the e-mail. Enter the firm’s online address yourself or call the phone number on your statement or credit card.
Your best protection always is to delete—without opening—any of these messages.
Sid Kirchheimer is the author of Scam-Proof Your Life, published by AARP Books/Sterling.