Don't Get Baited by These Scams
By Michelle Singletary
Date: February 05, 2004
The world of personal finance is getting pretty dicey.
It's so tough we have to have a National Consumer Protection Week (it began Sunday and runs through Feb. 7).
And, boy, do we need protection.
Every e-mail, telephone call and piece of mail we get now has to be scrutinized for any hint of deceit designed to steal our identity.
If you fail to protect your personal financial information, you could be hooked by crooks. I'm not trying to be cute (okay, maybe a little), but one of the newest scams is called "phishing." It's so named because con artists go fishing for folks' personal financial information by pretending to be representatives of legitimate companies or government agencies.
In one version of phishing, you might get an e-mail that claims you need to supply personal information to assist in the fight against terrorism. The e-mail claims that bank regulators will suspend the federal insurance on your bank account until you verify key financial data.
In other instances, e-mails purport to come from one of several government agencies, such as the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency or the Securities Investor Protection Corporation. The Web sites to which the e-mail recipients are directed are counterfeits of official government sites.
According to the Treasury Department, consumers are asked to click on a link listed in the e-mail that will take them to the look-alike Web site. There they are instructed to update personal information, such as name, account and credit card numbers, mother's maiden name, passwords, Social Security numbers and other information.
If you want to see examples of some of these highly deceptive e-mails, go to www.anti-phishing.org and click on the link for "phishing archives." The Web site is run by the Anti-Phishing Working Group, an organization of financial service institutions and e-commerce providers. The group was created for the specific purpose of fighting phishing.
In another form of the phishing scam, someone claims to be calling from a credit card company's security department. I can see how someone might fall for this. The caller doesn't ask for your credit card number, which many people know not to give out. Instead, he asks that you read off the security code on the back of the card to verify that you have it in hand. These days, when making an online or telephone purchase, many companies ask for that security number. A crook may have your credit card number, but if he doesn't have your actual credit card, he won't have the security code.
So how can we consumers protect ourselves?
First, you have to stay in continuing consumer-education mode. You can start by going to www.consumer.gov/ncpw. That's the official site for National Consumer Protection Week. You will find a basic personal finance quiz under the "Outreach Toolkit" link. Take the quiz and see how much you know about personal finance.
You'll also find links to sites run by groups and government agencies that offer lots of consumer information.
When it comes to the latest phishing scam, follow these tips from the Federal Trade Commission and the FBI:
• Ignore e-mails that warn about fraudulent charges to your account or claim that your bank account or credit card account will be shut down unless you reconfirm certain information. Most important, do not reply or click on the link in the e-mail. If you're worried the e-mail might be legit, call the company using a telephone number listed on your account statement or bill.
• Pay attention to the Web address. Most legitimate sites will have a relatively short Internet address that usually ends with .com or .org. Phishing sites are more likely to have an excessively long line of characters in the Web address with the legitimate business name included somewhere in the string, or possibly not at all.
• Forward any suspicious e-mails to firstname.lastname@example.org. If you believe you've been scammed, file your complaint at www.ftc.gov, then visit the FTC's identity theft Web site (www.ftc.gov/idtheft) for tips on minimizing the damage from identity theft. You should also contact your local police or sheriff's department and file a complaint with the FBI's Internet Fraud Complaint Center at www.ifccfbi.gov.
It's unfortunate that we have to go through all these steps and be so untrusting.
But it's a must if you want to keep your financial data from falling into the hands of people whose criminal behavior is as disgusting as fish bait.
^macro[showdigestcomments;^uri;Don't Get Baited by These Scams]