Kudos to the staff at the Federal Trade Commission’s regional office in Seattle for turning the tables on an attempted phishing scam.
Phishing e-mails appear to come from banks, online auction sites and other companies you do business with. Traditionally, the messages prompt recipients to click on a Web link where they are then asked to provide personal information – which is intercepted by identity thieves. Consumers are getting smarter, however, and most now know better.
So cons have now altered their messages to ask recipients to call a local “customer service” number instead – so they can protect you from fraud! Here’s an example:
“Dear Credit Union Customer,
We regret to inform you that we have received numerous emails which ask for personal account information. The emails contained links to fraudulent pages that looked legit. Please remember that we will never ask for personal information via email or web pages.
Because of this we are launching a new security system to make Credit Union accounts more secure and safe. To take advantage of our new consumer Identity Theft Protection Program we had to deactivate access to your card account.
To activate it please call us immediately at (360) 717-3498.”
Consumers who called were told to provide account information.
The phony e-mail also included identity theft prevention tips and a link to the FTC’s real identity theft Web site at www.ftc.gov/idtheft.
The savvy folks at the FTC contacted the phone company that operated the number and replaced the scammer’s pre-recorded message with one of their own. Now when you call, you hear a message from Jennifer Leach with the FTC’s headquarters in Washington, DC, telling you all about phishing.
FTC investigator Laureen France, here in Seattle, helped make that happen. She’s trying to shut down other phishing-based phone numbers, as well.
Thanks to new technology like VOIP (Internet-based phone service), cons can set up a local phone number but be millions of miles away. That appears to be the case with another phishing scam targeting GESA Credit Union members. An e-mail now circulating the Web tells them to call (509) 420-9401 to reactivate a credit card. Because the 509 area code is used in the Tri-Cities, some people may think they're calling a local branch. The number has been blocked and GESA’s Web site has an alert.
You can report phishing scams by sending the e-mail messages to the FTC at spam@uce.gov and to the Anti-Phishing Work Group at reportphishing@antiphishing.org. Don’t simply forward the message; that loses important information. Instead, send it as an attachment by dragging and dropping the phishing e-mail into a new message.