Monday, December 17, 2007

Phishing scams piss me off - you are not smarter than me

It is one of my biggest irritants when some stupid ass nerd who has no life, and unlimited time on their hands, thinks he is smarter than me. Well, you aren't. And here is some news, I have a BIGGER MOUTH THAN YOU DO!

As some of you know, I recently changed internet providers which, in turn, caused me to have to change my email address.

And since I am online frequently, there were a number of places I needed to change my email with. So today, I changed it with Paypal. Within a few minutes I had to reverify twice, and confirm twice.

Because of the money transactions that occur at Paypal, there is alot of private and personal information stored there. Tons of scam artists (a/k/a no life nerds) spend their entire days to hack your information from Paypal website. This is all they freakin do.... because they have no life.

The most convenient way for them to do this is phishing. Well, now we put our email addresses on everything. They now ask for it when you shop, when you register to purchase something online. There are lists floating around in cyperspace with your personal email on it. I guarantee you.

That is how these con-artists get your email. And because most Americans now shop online, have visited Ebay or other online auctions, we have Paypal accounts.

Why do we have Paypal accounts? Well, because Paypal has the ability to transfer funds to a third party without releasing your personal information, and that protects you. So sure enough today, I got a phishing email that appeared at first glace to be from Paypal, but that goodness I am a super sleuth.

Back to my original point, the con sends you an email pretending to be Paypal, stating that something has occured and they suspect fraud, or you tried to log in too many times with the wrong password (none of which is true)! Then - and here is the kicker - they place a LINK IN THE EMAIL FOR YOU TO CLICK ON TO RESOLVE THE MATTER! Then, usually there is some threat of action that you don't want. 'We will close your account, your account will be terminated or suspended. Or then there is my personal fave they will report YOU as a fraud. ROFLTIPIMP!

So what happens? What is the first thing you see when you click on that link - it send you to what LOOKS LIKE the real Paypal, and then it asks your log in ! You put your email addy and your password in - bam they got ya!

But now it re-routes you to another page - it looks like Paypal! It says enter your checking information or credit card information so that we can verify who you are! You put it in! BA BAM - now they really got ya!

So now, you have given them your log in information and your credit information. They have your entire identity !

Here are my tips -

#1 - If you get your email online, you can place your cursor over the link provided in the email and down in your taskbar (lower left hand side of your screen just about the Start menu button) will appear where you are REALLY going, not the bogus address listed in the email. Remember, just because it says the correct link for paypal doesn't mean thats where you're going when you click there. Anybody can make a link say something other than where it is going.

#2 - If you get your email in Outlook, right click on the link and then select VIEW SOURCE. This should give you a NOTEPAD version of the email including html. If you scroll down to the link, it will show you in the web address it is REALLY sending you, and then it shows you in quotes "www" what they want you to see in the email, or where they want you to believe you are going.

#3 - It is best to open another browser window, and type in the web address for Paypal (or whatever other company) yourself. If you have any questions, hit the contact tab and send them an email. If they really sent you an email, there will still be a way to resolve it without you clicking on that link in the email you received.

#4 - REPORT IT! REPORT IT! REPORT IT! Dude, don't just delete it. Report it! There are laws, and imagine that some other (not so computer-savvy) person is going to actually get scammed. It can take years to get your identity, credit report, bank accounts and life back in order after someone compromises your reputation, credit history and your good name!
  1. Report it to the company involved (i.e. who are they PRETENDING to be). In my case, I forwarded the email to Paypal via spoof@paypal.com.
  2. Report it to the Internet fraud complaint center (http://www.ic3.gov/) - a division of the FBI.
  3. Report it to the US-Cert (http://www.us-cert.gov/nav/report_phishing.html) - a division of the Department of Homeland Security.

Here are some important places you can visit!

Your states Attorney General.

http://www.fightidentitytheft.com/phishing-scams.html

So, today I did report these little assholes (I am picturing freakin Wormser from Revenge of the Nerds, sitting in his nasty-stained boxers at his computer).

Here is what I received back so far...

US-CERT
US-CERT has received your report and has assigned incident number
US#****** . Use this incident number whenever referring to this report.


The United States Computer Emergency Readiness Team (US-CERT) is a
partnership between the Department of Homeland Security and the public and
private sectors. Established in 2003 to protect the nation's Internet
infrastructure, US-CERT coordinates defense against and responses to cyber
attacks across the nation.


Your report will assist US-CERT in the identification of emerging
cyber-security threats.
Thank you,
US-CERT Operations Center
888-282-0870

soc@us-cert.gov


PAYPAL
Thank you for writing to PayPal regarding the email message you received
that appeared to be from eBay.


As you may have already suspected, this email was not sent by eBay.
These emails, commonly referred to as spoofs, are sent by fraudulent
sources posing as eBay in an attempt to collect sensitive financial
information or passwords.


Please know that PayPal and eBay are committed to the security of our
sites and our members. We review every report we receive and forward all
vital information on to the appropriate authorities for further action
and tracking. We work actively and aggressively in partnership with many
agencies, ISP's, and law enforcement groups to support their
investigation of these fraudulent entities. As a public company, we rely
on the same agencies you do to pursue these fraudulent activities. You
may also wish to contact your ISP or email service provider for further
information or instructions.


Once again, thank you for alerting us to the spoofed email you received.
Your vigilance helps us ensure that PayPal and eBay remain a safe and
vibrant online marketplace.
Sincerely,
PayPal Account Review Department
PayPal, an eBay Company


Ok, I kind of feel better! I forgot to mention that I did go to (in a different browser) to the corporations website who is named in my emails notepad and left them a very nice email message letting them know that they either have crooks working for them, or they themselves are crooks. I hope they email me back, because I let them know exactly what I thought of them, their employees, and that I had already reported their company to both the FBI and the Department of Homeland Security (as listed above).

1 comment:

Anonymous said...

Ohhhh that burns me up too! I got one of those emails a few months back.....and PayPal told me that if they ever send me an email about something, they will address me personally in the email ie: by my first AND last name.

Glad you realized it was spam!