Credit Card Scams - How to Prevent Becoming a Victim of Phishing

By: Steve J Nickson

A phishing scam is the process of attempting to get
sensitive information such as credit card details,
usernames, passwords and social security numbers by
pretending to be a trustworthy organisation.

Phishing e-mail messages can take a number of forms. They
might appear to come from your online bank or financial
institution, auction sites such as eBay, online payment
processors such as PayPal, a company you regularly do
business with, or from your social networking site such as
YouTube, Facebook or MySpace.

Phishing scams are usually carried out by email or instant
messaging, and direct you to a fake website where you enter
personal details. The fake website will look similar or
identical to the legitimate website.

In order to trick you into revealing your personal details,
the message might include phrases like "confirm billing
information" or "verify your account" or "update your credit
card information" or "If you don't respond within 48 hours
your account will be closed".

These are examples of messages you may receive: "We suspect
an unauthorized transaction on your account. To ensure that
your account is not compromised, please click the link
below and confirm your identity." "During our regular
verification of accounts, we couldn't verify your
information. Please click here to update and verify your
information." The messages convey a sense of urgency so
that you will respond immediately without thinking.

The message might even claim that your quick response is
required because your account has been compromised. The
messages direct you to a website that looks just like a
legitimate organization's site, however it's a fake site
whose sole purpose is to trick you into giving your
personal information so the operators can steal your
identity and run up bills or commit crimes in your name.

Social networking sites are now a prime target of phishing,
since the personal details in such sites can be used in
identity theft. Experiments show a success rate of over 70%
for phishing attacks on social networks.

A phishing scam that is very targeted is called spear
phishing. Some recent phishing attacks have been directed
specifically at senior executives within businesses, and
the term whaling has been coined for these kinds of

This type of credit card scam may result in denial of
access to email, loss of credit, lost access to accounts,
or severe financial loss.

If phishers can gain access to username and passwords, they
can lock you out of your accounts, and drain accounts of
any money and also run up debt. If phishers can obtain your
name, date of birth and an address [some of which can be
obtained from public records] they can open bank accounts,
business accounts and credit cards with which to commit

In 2007 phishing attacks in the United States involved 3.6
million adults who lost US $ 3.2 billion in the 12 months
ending in August 2007.

How to Avoid a Phishing Scam.

Be suspicious of any emails with urgent requests for
personal or financial information, especially if they have
exciting or upsetting information designed to get you to
respond urgently.

Don't reply to email or pop-up messages that ask for
personal or financial information, and don't lick on links
in the message. Don't cut and paste a link from the message
into your Web browser because phishers can make links look
like they go one place, but that actually send you to a
different site.

Always ensure that you are using a secure website when
submitting credit card or other sensitive information via
your web browser.

Phishers are now able to forge both the https:// that you
normally see when you are on a secure Web server and also a
legitimate looking address. Make sure you enter the address
of any banking, shopping, or financial transaction website
yourself and don't use displayed links.

Phishers can also forge the yellow lock you would normally
see near the bottom of your screen on a secure site. The
lock used to be an indicator of a 'safe' site. When the
lock is double-clicked, it displays the security
certificate for the site. If you get any warnings that the
address of the site you have displayed does not match the
certificate, don't proceed.

Some phishers send an email that appears to be from a
legitimate business and ask you to call a phone number to
update your account or access a "refund."

Because they use Voice over Internet Protocol technology,
the area code you call does not reflect where the phishers
really are. If you need to reach an organization you do
business with, call the number on your financial statements
or on the back of your credit card.

Use anti-virus and anti-spyware software, as well as a
firewall, and update them all regularly.

Review credit card and bank account statements as soon as
you receive them so you can check for unauthorized charges.

The main thing phishing e-mail messages have in common is
that they ask for personal data, or direct you to Web sites
or phone numbers to call where they ask you to provide
personal data.

Article Directory:

| More

Steve Nickson makes it easy to avoid being scammed. Find out how scams work, how to recognize them, and the steps to take to avoid becoming a victim by visiting Watch for Scams

Please Rate this Article


Not yet Rated

Click the XML Icon Above to Receive Security Articles Articles Via RSS!

Powered by Article Dashboard