From the Kenosha News on 12-3-06

Scams and phishing attempts are on the rise

Despite attempts at filtering out spam, I am receiving increasing numbers of e-mails containing scams and phishing attempts. “Phishing” is an attempt to steal your identity or other valuable information by getting you to e-mail it or enter it in an on-line form.

Most recent scams have come from senders who represented themselves as Sears and MySpace. In the past, I have gotten them from senders saying they were from PayPal, Citibank, Chase, Johnson Bank, Ebay, Dell, and even the IRS. Even though these phishing e-mails get increasingly sophisticated, there are still ways to tell they are scams:

  1. If you get a message from a company you don’t normally do business with (e.g. you don’t have an Ebay account), then it’s definitely a scam. Most phishers send out their scams based on who they think most people do business with, but they generally don’t know who the real customers are.
  2. Float your mouse over the link they want you to click on. If it were legitimate, it would point to an address that corresponded to the sender’s address. For example, if the message were really from Citibank.com, then any link in the message would be to www.citibank.com. When you float over the link, the REAL address will show in the lower left of your browser window. If it doesn’t match, then the link goes to someone else’s server, and they collect your private data – like your login and password or a credit card number. In most scam cases, the link goes to an IP number rather than a site name, like 222.36.45.10. In some cases, the address might match, but the link connects to a .php or .asp file, which is a script that could potentially contain a virus or be otherwise dangerous.
  3. Show the “complete headers” of the message. There’s usually a button or icon in your e-mail program for this. Headers show the technical information about where the message is really from. While the message might say it’s from refund@irs.gov, the full headers reveal the return path as root@host115.ipowerweb.com – a dead give-away this is a scam.
  4. Use common sense. Reputable businesses will NOT send you an e-mail with a link in it. Instead, they would recommend that you go to their real web site (whose address you would already know if you are a real customer) and login there to check for problems.

Many of these same techniques can help you recognize e-mails with virus attachments. Reputable companies will also not send you attachments – especially not .zip or .vbs attachments – unless you have specifically requested information from them.

Another common practice of spammers is to put one e-mail address in the To: field and dozens of addresses in the Bcc: (blind carbon copy) field. If you get a message that looks like it was addressed to someone else, it is because your address is in the Bcc: field in the header. This is not dangerous alone, and it doesn’t indicate that there’s something wrong with your e-mail, but it is a sign of a phishing attempt or just plain spam.

The best thing to do with any of these messages you identify as scams is to delete them and flag them as spam in your e-mail system.

By Carol Sabbar from the Kenosha News on 12-3-06