Wednesday, February 01, 2006

I got Phished, but all is well...

Be careful out there. I avoided a very clever Phishing scam this morning. (Phishing is when someone attempts to get your personal information by sending an official-looking e-mail. It's fraud.)
This one was targeted at my Pay Pal account. The phishing note indicated that I had added an additional e-mail to my account. I had not done this, so I clicked on the link that said, "If this is incorrect, click here." Well, when I went to that link, the system demanded that I "update" my credit card information. That seemed very suspicious to me. The system looked identical to Pay Pals, except that it wouldn't let me go anywhere else on the page until I entered my credit card info. That was my tip-off. I called Pay Pal. It was a scam. I am very grateful I didn't supply my info. I went back into my real Pay Pal account, removed all my credit card info, and changed my password.

Professional institutions (banks, online businesses, etc.) should never ask for your account details (password, credit card, etc.) via e-mail. Never give out this private info via e-mail!

This scam was a little more sophisticated because it actually took me to a website that looked identical to Pay Pal's. If you are at a website that is asking for your private information and it just doesn't "feel" safe to you, trust your gut. If you have any doubt whatsoever, give the institution a call before entering your info. It's better to be safe than sorry! These phishing scams can be very convincing.

If any one else has internet safety recommendations, please share them!


Just John said...

Wow, you're certainly careful about changing your info. Don't think you're being 'targeted.' I get hundreds of emails like that (my yahoo spam filter automatically delets them). One way you can find out is scroll over the 'link' they give you and while it may read '' the hyperlink never goes to Same goes for your ebay account. And many banks (mine does) protect you against unauthorized charges.

NM Tea Lover said...

I have gotten this phishing message several times, and I almost clicked on the link when I received it because it looked real. But then I remembered that when I signed up for PayPal, they recommend I be the one to check my information. So instead of clicking the link, I went directly to my PayPal account and found nothing had changed. It's a good idea to verify separately and directly with the provider what is current, rather than relying on an e-mail message.