Welcome to this edition of Adam Ginsberg's "Insiders" Newsletter. Each issue is designed to provide you with insights, tips, secrets and overall strategies on how you can build your online auctions business. I'm sure you love this issue! This week the topic is: Protect your identity by not falling victim to a phishing scam.
How Not To Get Hooked By The
Latest Phishing Scam
In a recent newsletter issue I covered Internet Scams, and how to avoid them. This issue focuses specifically on Phishing Scams directed at eBay and PayPal Sellers.
It’s a terrible feeling when I get a call or email from someone that tells me they have been a victim of a phishing scam. It’s so frustrating when that happens – and it seems to be happening more and more frequently as these phishing scams look more and more real. As an example, I was working with a student to received a phishing email that appeared to be from eBay. This unfortunately situation cost the student almost $1,000. Between that story and the email I received below, I felt compelled to get this information out to everyone as quickly as possible.
Reality Check: If everyone who used eBay and PayPal read this article and followed the information below, phishing scams would be virtually eliminated. As such, you have permission to copy this article and reprint elsewhere. The only condition is that it must be reprinted exactly as is, with no changes to links, etc.
So this newsletter is an important one. Will you learn how to make money eBay in this issue? No. You will, however learn how to avoid being a victim of identify theft and that is critical to your business success.
As a side note – Identity Theft is now the #1 crime in America. In a future article I’ll discuss what you can do if you’ve been victimized by this horrible crime.
The image below is taken directly from my Outlook mail folder. I received this message just yesterday. I hate receiving spam email - and I hate it even more when it's a bogus phishing email. I am amazed, however, at just how real these messages actually appear to be. There’s almost no way to detect, just by looking at it, that this email is a phishing email.
Let's Define Phishing:
”A method of identity theft carried out through the creation of a website that seems to represent a legitimate company. The visitors to the site, thinking they are buying something from a real business, submit their personal information to the site. The criminals then use the personal information for their own purposes, or sell the information to other criminal parties.”
First, let’s recognize that there are scams on and offline. Scams, as a way of taking advantage of people, are not knew – they’ve been around for centuries. However, what the Internet does is make it easy for unethical people to get easy access to unsuspecting victims.
The main purpose of a phishing email is to trick you into giving up your personal identifying information including bank details and account passwords. Many of you reading this newsletter article have received a phishing email similar to the one shown above. It’s so rampant these days that there are people who receive two or three of these bogus emails every day!
What should you look for if you received a suspicious email that could be a phishing email? Remember, the phishing e-mail will often look and read like it is coming directly from the real source (like eBay or PayPal). First, you should ask yourself, “why did I get this email”? In my case it was clearly part of a scam, because the PayPal account in questions isn't even an active one.
Critical Point - Don't Miss This One: A Bank, A Financial Institution, eBay, PayPal, etc. will NEVER ask you to enter your personal identifying information in an email. If you can remember that one point then you can never be scammed by a phishing email. Simply log directly into the account in question and see if there are actions that need to be addressed or resolved.
If you need proof – for your own piece of mind – that the phishing email you received is a fraud, try the following technique to satisfy your own curiosity.
Here is snapshot of the link that was shown in the email. If you right click on the link you’ll get the option to “view source”. Go ahead and do that. Now, in the source, do a “find” for the link.
Here’s another important point: when logging into secure sites, the link will be “https” and not the conventional “http”.
Take a look at the screenshot below and you can see the REAL link that the phishing email is sending you to. Not only isn’t an “https” link, but it’s not even close to a paypal link.
An interesting but rare form of phishing involves criminals purchasing a misspelled website name, for example www.payplal.com, and constructing a real-looking site designed to fool people. Only a small percentage of web users will incorrectly type the name, and less still might go on to enter their private details, but this can be enough for web bandits to make a tidy profit.
Other types of scams that involve PayPal usually involve a message about unauthorized access attempts. The sender will tell you that someone has tried to get into your account. As a result your account is in danger of being "frozen". However if you click the link in the email (You are told) you will be able to enter your password to avoid the loss of your account. Naturally, those unfortunate enough to give their log in information will have given it to strangers. This is the exact message show above.
Phishing fraud has become a major concern. According to Gartner Research, phishing fraud between mid-2004 and 2005 cost over US$2.4 billion. Phishing is big business.
Again, the good news for us is that prevention is not difficult. The popular and free Gmail service, from Google, includes a phishing filter that alerts you to most kinds of phishing e-mails. If you wouldn’t like to get a gmail account but don’t have one, send me a message to info@adamginsberg.com and I’ll send you an invitation. Gmail service is still by invitation only. Another thing you can do is find an anti-phishing attachment on Microsoft's free MSN Toolbar and also in the next version of Internet Explorer (7.0). To report an e-mail or a site that you believe is a scam, you can visit www.antiphishing.com.
Of course, technology can only help so much. The best defender against phishing scams is you. Take care when you receive e-mails and type in web addresses and remember, if in doubt: close your browser window or e-mail, and verify.
Until the next issue...
Knowing No Boundaries
Adam Ginsberg
AdamGinsberg.com
|
