Spam & scams
Let's go Phishing! Fake emails from "legitimate" companies
by Luis Eguiluz
Phishing is a hacker's favorite pastime, and no, I am not misspelling the word fishing.
So what is Phishing? According to webopedia.com, phishing is "the act of sending an e-mail to a user, falsely claiming to be an established, legitimate enterprise." Why would anyone do this? Because it's "... an attempt to scam the user into surrendering private information that will be used for identity theft."
What does this mean? It means that sooner or later you are going to get an email from a company that you trust and, probably, are doing business with. Whether it's your bank, your mutual fund, PayPal, Microsoft, Dell, etc., the email is going to tell you that due to certain new security features or because of their new policies you need to confirm your account number, credit card number and/or social security number. They may even request that you log in, which means revealing your password to validate your account. Some even go to the extent of writing that if you do not do this, your account will be closed or cancelled. So what are you supposed to do?
First of all, do not panic. Panic makes you over-react and sometimes take action without thinking. Second, if you feel the email is legitimate, DO NOT click on any of the links provided in the email; instead, call up the company and ask about the legitimacy of the email and its meaning. Most of the time they will tell you that the email is a fake (a phishing scam).
What if it's after-hours and you can't reach a live person? Still DO NOT click on the link(s) provided in the email; wait until the next business day to get a live person. It's better to wait a day or two than spend days or weeks trying to re-establish your credit because your identity was stolen.
A real-world example of Phishing
Just to show you how tricky spammers and hackers can be when Phishing, below are two examples of emails I got from "PayPal." The first email was the real thing, while the second one was sent by a spammer trying to get my PayPal login name and password.
To see how real these fake emails appear, click on the images below:

Notice how real the fake emails look. If I didn't know better, I would have clicked on the link and within a couple of minutes a spammer would have had my PayPal login name and password to do as he/she wished.
Real companies WILL NEVER ask you for your password, credit card, social security or other personal information via email.
As I was writing this article, a client of ours called to ask me what she should do about a PayPal email she just got regarding her account being closed. My answer was "delete it" and call PayPal. So phishing does happen, more often than you think.
Remember: always call the company that "supposedly" sent you the email asking for your personal information or to log into your account. My motto: "When in doubt, DON'T DO IT."