- Font Size:
- Default font size
- Larger font size
BY JOYCE RUSSELL
joycer@nwitimes.com
219.762.4334 | Saturday, March 12, 2005 | (No comments posted.)
PORTAGE | Madonna Gonzalez never suspected an e-mail from what she thought was her Internet provider.
The e-mail last December told Gonzalez the company had received reports of "fraud activity regarding stolen account information and stolen identities" and asked her to update her account information.
Gonzalez clicked the link to what appeared to be an authentic EarthLink Web site and provided the information.
She didn't know then that she had just fallen for one of the same fraudulent activities the e-mail had warned her of.
Almost two weeks later, she went to U.S. Federal Credit Union to withdraw $20 from her account. That's when she first found something wrong.
Her account was empty. The $798 she had in there had somehow been withdrawn through the First Ukrainian National Bank.
She got "phished."
Phishing - tagged as such because Internet scam artists put out bait, hoping some will bite - is a growing Internet fraud scheme.
The scheme involves sending spam e-mails. The subject lines usually threaten closing of an account, warning of fraud or needing to update account information, said Sheila Gordon, director of victim services with the San Diego, Calif.-based nonprofit Identity Theft Resource Center.
They try to panic people and tell them to act immediately, Gordon said.
Victims are usually asked to click a link to a Web site, which uses the company's logos and appears authentic. The address uses the company name and, at first glance, seems real. But, it may be a letter off from the correct spelling or have a word or phrase added.
For Gonzalez, much of her information -- name, address, telephone number, credit card number and type -- was already filled in. The scammers asked for her PIN number and consumer security verification number from the back of her card.
While there are no clear-cut statistics, hundreds, if not thousands, of individuals like Gonzalez, as well as companies from EarthLink to eBay to AOL and dozens of banks and financial institutions across the country, have fallen victim to phishing.
The Anti-Phishing Working Group reported 948 phishing attacks the week of Jan. 29 alone.
Identity theft, which includes phishing scams, for the fifth year in a row, leads to the highest number of complaints filed with the Federal Trade Commission, spokeswoman Patti Poss said. This past year, 39 percent of consumer complaints filed with the FTC dealt with identity theft.
"We've seen a rise in this type of activity since late 2002. We've tried to do whatever we could to prevent it," said Les Seagraves, chief privacy officer for Earthlink in Atlanta, Ga. Seagraves said they've e-mailed customers warning them of the scam, provided free scamblocker software to Internet users and partnered with the FBI, National Consumers League and FTC to try to get the word out about phishing.
"There are criminals out there. These are bad guys with one thing in mind, to take your money. They are smart criminals who know what they are doing and know how to cover their tracks," said Seagraves, adding that their company and others are working on a number of solutions to stop the phishing attacks.
Since Gonzalez learned she'd been phished, she's been fighting with the U.S. Federal Credit Union to get her money back. She claims the credit union initially told her not to worry, that she'd have her funds back into her account in a matter of weeks, but then denied her claim. They failed to inform her of the process needed to follow to reclaim her funds. Gonzalez filed a complaint with the National Credit Union Administration.
"It is the credit union's policy, as stated in the membership disclosure, that we are not liable for membership negligence," said Michelle Stack, U.S. Federal Credit Union's vice president, adding they warned customers in two consecutive newsletters about phishing. "I'm sorry for her, but we're not liable for it."
"She fell victim to a scam, and that's not negligence," Gordon said, adding laws on recovering funds vary not only from state to state, but depending on if the money was taken from a credit card, by ATM or other means.
What is phishing?
Phishing, also referred to as brand spoofing or carding, is a variation on "fishing." Bait is thrown out with the hopes that, while most will ignore the bait, some will be tempted into biting.
Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The email directs the user to visit a Web site where they are asked to update personal information.
Source: webopedia.com
Back to story No comments posted.
- It wasn't clear, concise or focused on the topic in the story.
- It was a personal attack, vulgar, explicit or degrading, used actual or implied profanity or contained potentially libelous statements.
- It accused someone of being guilty of a crime.
- It promoted violence or illegal acts.
- It contained telephone numbers or street addresses, or e-mail addresses and links to Web sites other than nwi.com or government agencies.
In no way do these comments represent the views of The Times or Lee Enterprises.
Passionate views, pointed criticism and critical thinking are welcome. Name-calling, crude and profane language and personal abuse are not welcome.
Reader comments will not be edited - they will be approved or declined. They may be used in the print edition of the newspaper.
If you feel a posted comment has violated these guidelines, please email our New Media team the commenter's name, the comment and a link to the article.
For more information please read our Terms of Service.