Wednesday, May 20, 2020

FBI Warning Regarding Phishing, Spoofing and ID Theft

The FBI,  the  Federal Trade Commission (FTC), and Internet service provider Earthlink have jointly issued a warning on how the growing ranks of Internet crooks are using new tricks called phishing and spoofing to steal your identity. In an FBI press release, Assistant Director of the agencys Cyber Division, Jana Monroe says, Bogus e-mails that try to trick customers into giving out personal information are the hottest, and most troubling, new scam on the Internet. The FBIs Internet Fraud Complaint Center (IFCC) has seen a steady increase in complaints that involve some form of unsolicited e-mail directing consumers to a phony Customer Service type of web site. Assistant Director Monroe said that the scam is contributing to a rise in identity theft, credit card fraud, and other Internet frauds. How to Recognize Attack Email Spoofing, or phishing, frauds attempt to make Internet users believe that they are receiving e-mail from a specific, trusted source, or that they are securely connected to a trusted web site when that is not the case. Spoofing is generally used as a means to convince individuals to provide personal or financial information that enables the perpetrators to commit credit card/bank fraud or other forms of identity theft. In E-mail spoofing the header of an e-mail appears to have originated from someone or somewhere other than the actual source. Spam distributors and criminals often use spoofing in an attempt to get recipients to open and possibly even respond to their solicitations. IP Spoofing is a technique used to gain unauthorized access to computers, whereby the intruder sends a message to a computer with an IP address indicating that the message is coming from a trusted source. Link alteration involves altering the return address in a web page sent to a consumer to make it go to the hackers site rather than the legitimate site. This is accomplished by adding the hackers address before the actual address in any e-mail, or page that has a request going back to the original site. If an individual unsuspectingly receives a spoofed e-mail requesting him/her to click here to update their account information, and then are redirected to a site that looks exactly like their Internet Service Provider, or a commercial site like ​eBay or PayPal, there is an increasing chance that the individual will follow through in submitting their personal and/or credit information. FBI Offers Tips on How to Protect Yourself If you encounter an unsolicited e-mail that asks you, either directly, or through a web site, for personal financial or identity information, such as Social Security number, passwords, or other identifiers, exercise extreme caution.If you need to update your information online, use the normal process youve used before, or open a new browser window and type in the website address of the legitimate companys account maintenance page.If a website address is unfamiliar, its probably not real. Only use the address that you have used before, or start at your normal homepage.Always report fraudulent or suspicious e-mail to your internet service provider.Most companies require you to log in to a secure site. Look for the lock at the bottom of your browser and https in front of the website address.Take note of the header address on the web site. Most legitimate sites will have a relatively short internet address that usually depicts the business name followed by .com, or possibly .org. Spoof s ites are more likely to have an excessively long strong of characters in the header, with the legitimate business name somewhere in the string, or possibly not at all.If you have any doubts about an e-mail or website, contact the legitimate company directly. Make a copy of the questionable web sites URL address, send it to the legitimate business and ask if the request is legitimate.If youve been victimized, you should contact your local police or sheriffs department, and file a complaint with the FBIs Internet Fraud Complaint Center..

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.