“Spoofed” on the Internet.

[Loretta Ann]

Hi all,

I just received this from an online friend, and am passing it on.


Don’t be “spoofed” on the Internet. You very well may loose your identity like I did. It happened so quickly, so professionally, I never knew what happened until 24 hours later. You would think I would have known better, I had heard not to give out information that is too personal, had received e-mails about it. Yet I was still fooled by a familiar looking business. It was from EBay, or so I was to believe. A secure site, someone I do business with. I trusted them, felt safe with them, never had any problems with them.



Then one day I received an e-mail. ‘We have suspended your account. Please click on the link below to clear up this matter’. I panicked… what’s wrong with my account? I don’t need any problems with my account! I sell on EBay, am waiting right now for a payment on an item I have sold. I buy on EBay, I am waiting for auctions to end so I can make payment and receive my items. I must get this cleared up straight away. And so I clicked on the link below. That’s where it all began. I was quickly whisked away to EBay’s web site, or so I thought. It looked just like EBay, there is the space for my user name, so I typed it in, and there is the space for my password, very important, and so I typed that in. Up pops the registration form. Ah here we go, this is what they need, updated registration information, perhaps there was incorrect info and I just need to fill it in again, this wont take long. I filled in the boxes. Then there was some very personal questions…. SSN? Hum… well this is a secure site, this should be okay, bit strange though, but I want to get my account up and running again, so here we go, and then when everything was all filled in I hit the process button. A bar was flashing across my screen, showing that it was sending the info through. Then a white page came up, saying it was ‘unable to process my information at this time’ and to please check the following items to see if there is a problem with my system. The only problem was that I had just been “spoofed”. I had been taken. I wasn’t EBay. I was on a site that was a mirror image of EBay. Someone took painstaking time to reflect EBay to a T. I went onto EBay the next day, and went onto Live Chat. I asked the tech. person why my account was suspended. ‘Your account isn’t suspended, there’s no problem that I can see’. I asked “then why did EBay ask all those questions? Why such personal questions?”. Tech “we would never ask you those questions, please send the email to us and we will investigate it’.



Then I called a friend who knows a lot about computers and is in the security business. They confirmed that there was a problem, and that yes, my identity had been stolen. They sent me very important information. I got on the phone and started doing the items listed below. Took just about an hour on the phone, then a trip to the bank and police station. I put up as many walls around my identity as possible. I wanted the criminals to be stopped in their tracks. This lady may have been spoofed, but she wont be taken. It just goes to show; even someone who knows better can be “spoofed”. Be careful, question those you trust. Print out the page below and keep in a file somewhere, just in case you or a friend needs it someday. Please pass this email onto friends and family. Get the word and information out to the community.
Fraud Alert



What would you do if you found someone had stolen your identity?



First recover as much as you can from the “oh no” sinking feeling that has just washed over your entire body. Next get out all your credit cards and start calling. But not to cancel them. Why? Because whoever just stole your identity will just change your address and phone and request new ones. Remember they are YOU now. They can call and do all sorts of stuff to you. But did you know that you can protect yourself BEFORE anything devastating happens? There is a little secret the credit card companies are keeping from you. Why they are doing this I don’t know, because it’s the best-kept secret I have heard of in a long time. You can actually assign a secret password to your credit card. YES you can. It’s free, it’s easy, it’s private and NO ONE can do anything with your credit card over the phone with the credit card company without it. They can’t even change the password with out it. So even if someone gets all your other info they cannot call in and do any of the above mentioned.



Second is to call your bank and request a new debit card, let them know what has happened and get it canceled fast. Also walk into your bank and have new checking and savings account numbers issued, and alert them to the fact that there may be criminal activities in the future with your old account number and to put a note in your file. You will need to order new checks as well.



Third is to call the credit-reporting agency. You can call Equifax at 1-800-685-1111(www.Equifax.com) and they will alert Experian and Trans Union. They have an automated system and it’s easy to follow. You simply put a Fraud Alert (choice #4 on the menu) on your credit report. With your identity they can order a copy of your report and start credit up under all your cards. You will receive your credit report within 7 to 10 days and it will include a special 1-800 number to talk directly with a fraud representative. With this phone call you will have all three alerted and if anyone tries to start up a credit account in your name they will call you before anything can take place. Be sure to call the 800 number that comes with your credit report from them and check to make sure the fraud alert has properly gone through, the police told me that sometimes you have to check to make sure.



Fourth call the Federal Trade Commission Fraud Alert Hotline at 1-877-438-4338. Here you can request two publications from them concerning Identity Theft, what it’s about and what to do. Here they will also direct your to their web site.



And lastly walk into your local police station with any printed evidence you have (like the e-mail you were “spoofed” with and report this as well. They actually have an officer dedicated to handling Identity Theft and believe it or not, he or she is swamped with calls. I know because the officer I tried to talk to said he was so swamped that I needed to come back later. You need to do this just in case someone has a fake driver’s license made up in your name and they are pulled over the officer will be alerter to the fact. Also this will be counted toward the statistics as a crime and maybe legislation will do more to protect us.

[Wendy Seymone]

Thanks for the tip Darlene... Hopefully this same thing will not happen to anyone else.

Hugs and Kisses,
Wendy

[Curly(SO)]

Darlene, I had the exact same spoof email. I was fooled because I had actually recently got a new debit card and I knew the old one was still registered with eBay. Luckily, I got suspicious when it said enter SSN, but I had already logged in with my user name and password, so quickly changed password.
I have had spoof AOL emails, more eBay spoofs of varying quality and an eBay buyer tried to scam us with spoof Western Union emails. (They were very poorly done, the scammer should have paid more attention in his English lessons!)
It is getting quite tiresome
Thanks for the info, it is good to keep up awareness, as I had heard of these phishing emails, but was still almost taken in!

Love,
Curly(SO).

[Jaye]

What you're describing is a scam called "phishing". I get those sorts of emails all the time, but I've never received one from a company or vendor that I actually do business with. They usually have subjects like "Your Citibank Account" (ironic, as I don't have an account with Citibank).

Here's the "official" warning from the Federal Trade Commission:

http://www.ftc.gov/bcp/conline/pubs/ale ... ngalrt.htm

[Carol Ann]

Thanks Darlene for the information, I NEVER give out my SS# even for a credit card. But I did get scammed from an e-mail from microsoft saying to load the file enclose to fix a patch in my software. Looked like microsoft even the logo, BIG virus got me Live and learn, Carol Ann

[Anita]

Thanks, Darlene, I'm printing out the info you posted. Sorry you had to learn the hard way on this, but it would be easy for it to happen.
A

[Virginia]

Thanks, Sis! As usual ya done good, girl!"
My problem is that if they got my idenity, I think it would be returned two-fold. I know they would feel sorry for me and wish they had never bothered.
You know you would think that these criminals could find better things to do with their lives, anyway, nice "heads up!"
Virginia

[Alexandra]

earthlink, citibank, ebay and paypal are the top targets. obviously one does not give info over the net, but the SAFEST way to get around on the net is to not click links, but rather type in the url yourself.

[Ahzz]

Her are a couple things you can do to "see" if the email is a spoof.

#1 "View all headers" - This will show you the path the email took to get to you. If you don't see a server name that has the domain portion (the part after the @ sign, eg terrabox.com for my emails) , then it is PROBABLY a spoof and should be reported to your ISP.

#2 "view properties of ANY url that you are tempted to click on." Any url sent to you will almost ALWAYS start with a real name and will NOT have a '@' sign in it. If the URL has the '@' sign BEFORE the first '/' and AFTER the 'http://' then it is what security experts call a cloaked spoof site.Additionally most will also send you directly to their domain, not an IP. So if the url contains what looks like an IP, it's probably a phish.

#3. Companies will almost NEVER ask for you to re-input all of your information. Banks will definitly NOT as for your SSN. Your SSN is ONLY allowed to be used for banks and federal agencies. If anyone other than a bank or federal agency asks, it's a scam.

#4. Pay attention to the grammar of the email. 90% of all phishing emails have many grammatical mistakes in them. If you read it out loud to yourself and you start to sound like Abul from The Simpsons... well, it's a spoof.

#5. Pay attention to the spelling of words. Most phishing emails have poor spelling or use a foreign version of the english language. If it sounds like a tech manual from china, it's probably a scam.

and last but not least, check with the site that suposedly sent the email. They won't mind confirming or denying the sending of emails to their customoers. After all, it's their backside as well that's being protected. Sites that have lost your info will usually post something in their news section.

Remember, there are always indications that your are being spoofed. You just have to inspect the URLs that you are sent and pay attention to the details of the email to cath phishes.

I hope this helps. Feel free to ask questions if you want more information about this.

[Beauty]

Hi Ahzz,

Great post.

Thank you!!!

Beauty

[Alexandra]

I got this today. Somebody is phishing for money from my pocketbook:


Dear EarthLink Subscriber,

According to our records, the VISA associated with
your EarthLink account is about to expire.

To ensure uninterrupted service and avoid a possible
reactivation fee, please update your credit card information
right away (or as soon as your replacement card arrives in
the mail).

You can easily verify/update your credit card information on
your "My Account" Web page:



You can also update your credit card information by calling
1-888-[deleted] and using our automated phone system. Select
the option for "billing" and have the following information
ready:

* The phone number associated with your account
* The credit card number you wish to use, including
the expiration date
* One of the following -- your email address, password,
secret word, or PIN

We value you as a subscriber, and appreciate your prompt
attention to this matter.

Sincerely,

EarthLink Accounts Receivable

************************************************************
This is an Administrative Message from EarthLink. It is
not spam. From time to time, EarthLink will send you such
messages in order to communicate important information
about your subscription.
************************************************************

[Beauty]

Nice catch Alexandra!!!

Thanks for posting it!!

Beauty

[Ahzz]

I got this today. Somebody is phishing for money from my pocketbook:


Dear EarthLink Subscriber,

According to our records, the VISA associated with
your EarthLink account is about to expire.

To ensure uninterrupted service and avoid a possible
reactivation fee, please update your credit card information
right away (or as soon as your replacement card arrives in
the mail).

You can easily verify/update your credit card information on
your "My Account" Web page:



You can also update your credit card information by calling
1-888-[deleted] and using our automated phone system. Select
the option for "billing" and have the following information
ready:

* The phone number associated with your account
* The credit card number you wish to use, including
the expiration date
* One of the following -- your email address, password,
secret word, or PIN

We value you as a subscriber, and appreciate your prompt
attention to this matter.

Sincerely,

EarthLink Accounts Receivable

************************************************************
This is an Administrative Message from EarthLink. It is
not spam. From time to time, EarthLink will send you such
messages in order to communicate important information
about your subscription.
************************************************************

Good catch. This is actually one of the better drafted ones that I have seen. ;-P At a casual first glane it actually does look to be potentially authentic.

first wrning sign: I have yet to hear of a company that will email youi about your card expiring. They don't care until it comes time to charge you. If it's expired at charge time, THEN they wil notify you that your charge didn't go through and to contact the technical or billing department.

second warning sign: Companies almost never call it "your secret word" anymore. Everyone says password.

third warning sign: companies usually (i've run into a couple that did) do not specify what kind of credit card you used to sign up with. They will refer to it as "debit card" or "credit card".

fourth: they did not ask you to sign in to your customer account. Most places have a nice billing interface on their website that is easilly located from their home page. As a result it is normally unnecessary to send URLs or to remind people to have such secret information handy.

All in all the only thing that gives it away to me si the number of iffy items. Nothing specific calls out as a phish.

Anyone else have any good examples that they had to think twice about before deciding it was a phish?

[Ahzz]

Hi Ahzz,

Great post.

Thank you!!!

Beauty

Thanks.

Just trying to make the net safer one netizen at a time maam. *rides off into sunset on digital horse*

[Alexandra]

A, you know, I get one of these EVERY WEEK!!! LOL! There is also a html version that is particularly tricky . . . . they have these Earthlink support links on the bottom -- they all link to REAL Earthlink support URLs except the one to "renew" the VISA account.