|
Favorits •
Web Domain Directory •
ODP •
Annuaire FR •
Directorio ES •
Directory EN •
Diretório PT •
IT Katalog •
Czech Katalog •
Polski Katalog •
Maps •
Satellite Photos •
View Card
|
||
|
|
Security |
|
|
| ||
 |
Wells Fargo Report Phishing Scam
First off I should explain what phishing is. Phishing is basically the act of tricking a victim into divulging information. It involves the receiving of an email message with a link to a website where the victim would enter personal information. In this particular scam, you get an email from "Personal Banking: personalbanking@wellsfargo.com" stating that there may have been some unauthorized access to your account and that you should click the link and enter your account and verify some information. When you click the link you are taken to a site which looks identical to the Wells Fargo site. If you look at the HTML code of the site, you'll notice that they are almost identical. One thing about this scam which was somewhat surprising is that the message made it past my G-mail spam filter. This is slightly different to scams I have seen before in that they don't ask you to reply to this email with your account number like most others, and they don't ask for passwords or anything like that. They simply request that you log in, as you normally do, which would not raise the eyebrow of normal users. On a closer inspection of the site you will notice that the forms submit the data entered (user name and password) to some foreign script and not to Well Fargo. Most probably, the scammer is having all the usernames and passwords emailed to him. After submission of your information the site responds that your password is incorrect. Here an unsuspecting victim would assume that this was because of the supposed unauthorized access mentioned in the email. If you try to submit information a few more times, it takes you to another Wells Fargo look-alike page called "Online Banking Verification". Here they ask for SSN number, your ATM card number, the expiration date, the pin number and the CVV2# (4 digit verification). With the ATM information the scammer could max out your debit card. With all the rest of the information he has gathered it would not be at all difficult to call up Wells Fargo and basically take over your account. He could change billing addresses, get checks for you account, and simply wipe it out. How to spot scams like this Scams like these are usually easy to spot, but this one in particular was a bit tricky, however there are some basic methods you can use to spot these types of scams. First of all, check the link. Although it looks like the link is going to Wells Fargo's website, if you let the mouse hover over the link for a while and look in the status bar, you will get the real address of the link. In this case the scammer used just an IP address of his domain or machine. This, however, can be overridden on the internet (if the scammer changes the status bar) and sometimes even in your email, depending on what your security settings are. Check the address bar. In this case, the address bar reported that the website was also from the scammer's IP address. Simply put, it did not say www.wellsfargo.com. Very seldom would a scammer be able to fake this. They may, however, employ other tricks like buying a domain name with a slight spelling difference that the user might not notice or by simply loading the link in a new window and hiding the address bar altogether. Lastly, the only full proof method to avoid becoming a victim to a scam like this is to simply call in and verify the information over the phone. Please note; do not use a phone number in the email if one is given. Open up your phone book and locate the number for your firm and ask them about it. Just remember, if it looks funny and feels funny, it's probably a scam. Do not ever reply to such email messages for personal information as sensitive as account information and SSN. Below is a copy of the email message for your review and amusement. The link is active, however DO NOT ENTER ANY PERSONAL INFORMATION INTO THESE FORMS. THIS IS NOT WELLSFARO'S SITE. Kevin. A. Lloyd. From: Personal Banking < personalbanking@wellsfargo.com > Dear Member, 1. Login to your Wells Fargo Internet Banking account. In case you are not enrolled for Internet Banking, you will have to use your Social Security Number as both your Personal ID and Password and fill in all the required information, including your name and account number. 2. Review your recent account history for any unauthorized withdrawls or deposits, and check your account profile to make sure not changes have been made. If any unauthorized activity has taken p! la ce on your account, report this to Wells Fargo staff immediately. To get started, please click on the link below: https://online.wellsfargo.com/signon?LOB=CONS We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire Wells Fargo system. Thank you for your prompt attention to this matter. Sincerly, Kevin A. Lloyd: Just launched a website, http://www.DeleteMySpam.com/, dedicated to helping to eliminate the spam crisis.
MORE RESOURCES: |
|
|
|
RELATED ARTICLES
Identity Theft - Dont Blame The Internet Identity theft - also known as ID theft, identity fraud and ID fraud - describes a type of fraud where a criminal adopts someone else's identity in order to profit illegally. It is one of the fastest growing forms of fraud in many developed countries. Check Out That Privacy Policy Before you enter your name, address or any other data in that form, STOP! Wait. Don't enter anything yet. Data Security; Are Your Company Assets Really Secure? Is your data secure? Think again. Securing data is unlike any other corporate asset, and is likely the biggest challenge your company faces today. Computer-Virus Writers: A Few Bats In The Belfry? "Male. Obsessed with computers. Phishing - Learn To Identify It Phishing: (fish'ing) (n.)This is when someone sends you an email falsely claiming to be a legitimate business - like your bank or credit card company - in an attempt to scam you into giving them your personal, private information that they can use to access your accounts. Consumers: Shop Online and Get Information Safely Do you really have to know how feeds work? Not really. But you do need to understand how they can benefit you as a consumer or as an information seeker. How Did This Happen to Me? Top 10 Ways to Get Spyware or Viruses on Your Computer If you use the internet, you have probably been infected with a virus, trojan or spyware. According to the SANS Internet Storm Center, the average unprotected PC is infected within 20 minutes of normal internet usage. Is Adware - Spyware Putting Your Privacy at Risk Do you sometimes notice your computer running slower. Is your computer acting strange almost like its possessed? Well, it just may be plagued with Spyware. Phishing-Based Scams: A Couple of New Ones Phishing in its "classic" variant is relatively well-known. Actually, 43. I Spy...Something Terribly Wrong (In Your Computer) This really chapped my lips.. Internet Privacy Over the past few years as the internet has become more and more popular, privacy has become a major issue. Just as if you are walking down the street and can be watched, every click of your mouse every website you browse, or file you download, is traceable. Message Board Security Problems Security leaks can be a big problem for any site using a message board. Hackers can actually use your message board to go in and change things on your site. Dont Allow Hackers to Take Out Money from Your Bank Account If you know what is the 'Fishing' then it's very easy to understand the definition of 'Phishing'. Just replace letter 'F' from the word Fishing with 'Ph'. The Risk Of Electronic Fraud & Identity Theft Electronic Fraud and Identity Theft ----------------------------------- Human beings are pretty sensible when presented with an imminent threat or risk. That is, if it's staring us directly in the face. Its Time to Sing the Encryption Song - Again! Yes, I'm wearing my encryption hat again. Why you may ask? Well I just finished reading about the newest security hole in Microsoft's latest server product. SCAMS - Be Aware - And Report When Necessary The Internet is a vast International Network of people and businesses - and a place where people can make a fairly decent living. However, it is also a place where certain unsavory characters can freely roam - to take your dollars and run. Email Hoaxes, Urban Legends, Scams, Spams, And Other CyberJunk The trash folder in my main inbox hit 4000 today. Since I never throw anything out, I know that what's in there is courtesy of my email filter which is set to automatically delete anything that is forwarded from my work account from a certain person. SPYWARE - Whos Watching Who? I am in the midst of Oscar Wilde's The Picture of Dorian Gray. "The basis of optimism is sheer terror. Secrets On Security: A Gentle Introduction To Cryptography Let us take the example of scrambling an egg. First, crack the shell, pour the contents into a bowl and beat the contents vigorously until you achieved the needed result - well, a scrambled egg. Watching the Watchers: Detection and Removal of Spyware If spyware were a person and he set himself up in your house, you are likely going to do one of two things. You'll kick him out yourself or you'll call someone (such as the police) to do it for you.
|