Credit & Money Management
When the FBI Isn't Really the FBI
Fake e-mails and look-alike Web sites lure you into divulging personal financial information.
From Kiplinger's Personal Finance magazine, December 2003
Advertisement
Howard Schmidt is co-founder of the Coalition on Online Identity Theft, which includes companies such as Amazon, eBay and Visa. He was formerly the White House special adviser for cyberspace security and also served as chief security officer for Microsoft.
Just what is the "phisher" scam? Identity thieves are sending e-mails from phony Web sites fishing for financial information from customers of banks and online retailers. The sites look authentic, often re-creating the company's logo. There was even an FBI spoof site. People were getting e-mails telling them about this type of fraud and directing them to the fake FBI site to see if their account had been compromised.
So how can you spot the frauds? Most legitimate online companies will never ask you for personal financial information. That's a clear red flag. If you get a message indicating that your credit card has expired and needs to be updated before a transaction can be completed, don't link to the site embedded in the message. Manually type in the retailer's Web address so you'll know you're at a legitimate site.
What if you realize after the fact that you've been taken in? Notify your local police department. Most local departments have computer crime investigators. You could also contact the Internet Fraud Complaint Center at www.ifccfbi.gov. And notify the online company you're doing business with, as well as the bank or credit card issuer.
What's being done to stop such fraud? A number of companies are running public service announcements on TV and other media. Some, such as eBay and PayPal, set up special areas on their Web sites to educate consumers. Members of our coalition are also creating ways for users to know that e-mail is coming from a legitimate source. Some of this technology will be in place before the holidays.