Site icon IT World Canada

CW-05-01-Editorial-Phisher is caught in his scamming act

Boondocks is a great comic. In one of my favorite strips, Grandfather Truman, faced with another of the innumerable scams that his grandson tries to put over on the old man, says to the youngster, “See, what bothers me is that not only are you stupid, but you think I’m stupid too.”

In a nutshell, this is how I feel about the horde of Internet scam artists, identify thieves and other assorted disreputable cretins. To whit: an e-mail I received the other day, that is a disturbing and all too common example of an unpleasant phenomenon known as “phishing”:

From: support Sent: November 8, 2004 1:45:38 PM To: isguerrilla@hotmail.com Subject: Washington Mutual Banking Account We recently reviewed your account, and suspect that your Washington Mutual Banking account may have been accessed by an unauthorized third party. Protecting the security of your account and of the System network is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive account features.

To restore your account access, please take the following steps to ensure that your account has not been compromised: 1. Login to your Internet Banking account. In case you are not enrolled for Internet Banking, you will have to use your Social Security Number as both your Personal ID and Password and fill in all the required information, including your name and your account number. 2. Review your recent account history for any unauthorized withdrawals or deposits, and check your account profile to make sure no changes have been made. If any unauthorized activity has taken place on your account, report this to Internet Banking Staff immediately. To get started, please click the link below: http://login.personal.wamu.com/logon/logon.asp?dd=1 We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire Internet Banking system. Thank you for your prompt attention to this matter.

Let’s start with a couple of obvious flaws in this serious sounding call to action. First, I don’t bank with Washington Mutual. Secondly, they want me to login to my Internet banking account even if I’m “not enrolled for Internet Banking.” No problem. I should simply “use (my) Social Security Number as both (my) Personal ID and Password and fill in all the required information, including (my) name and your account number.”

The worst aspect of this scam is that there will invariably be some people who will actually fall for it — presumably those who are the least Internet-savvy, most trusting, and least able to afford the cost and implications of having their identities stolen. Fighting back against such criminals who would snare gullible victims of fraudulent Internet commerce might involve: 1. Outing the bad guys — talk about them, write about them, and make sure everybody knows about them. 2. Forward any fraudulent e-mail you might receive to the appropriate authorities. I forwarded this note to the legitimate folks at Washington Mutual, who immediately responded, thanking me for pointing this out. 3. Be careful. The ‘real’ Washington Mutual people have a couple of good suggestions on their Web site to help all of us to identify the phishers.

These excellent guidelines include: Being suspicious of any demanding messages. A legitimate bank or business will not request personal information from you over an unsecured Web site.

4. Send a copy of the e-mail to the appropriate authorities. Those of us in the know are obliged to warn others who may not recognize threats, and fully understand or appreciate the potential disastrous consequences of such criminal activity.

Exit mobile version