Community Newsletter: Q&A forum: 6/24/05 How to recognize and avoid phishing scams

Answer:

Andrew, it is not unusual for phishing e-mail to arrive in bunches and to keep doing so for a few days or significantly longer. Spam and phishing e-mail (the term "phishing" refers to a type of spam that attempts to fool recipients into supplying confidential information) are sent in HUGE numbers so as to increase the probability of reaching some gullible soul. Increased awareness of this problem, as well as efforts to combat the amount of spam and e-mail scams, have forced spammers to rely on different strategies. Chances are all those phishing e-mails are being sent by the same or a small group of individuals, who sent them through different channels in an effort to stay one step ahead of spam filters and ISPs who shut down accounts once complaints are received. Also, by flooding the Web with new scams or more clever variations of old ones, these criminals increase the probability of hitting pay dirt before the new scam is brought to the public's attention.

If there was a simple way to completely stop or effectively minimize spam and phishing e-mails, someone would've have sold it and by now made enough money to make Bill Gates look like a beggar. The sad truth is that there is very little we can do to stop receiving scam e-mails. Again, these messages are sent in bulk, with randomly generated recipient addresses or those harvested from websites, chat rooms, etc. All it takes is for your e-mail address - or one very close to yours - to appear somewhere in the web, and spam will find you. But just because we are currently unable to eradicate spam and phishing scams doesn't mean we should stop trying, or that we have to give in to their tricks. You can find some useful advice for fighting spam here

http://reviews.cnet.com/5208-6130-0.html?forumID=7&threadID=55268&messageID=658692&tag=nl.e497

as well as by enrolling in the CNET online course I will refer to a bit later.

As for phishing, newer products such as Zone Labs' ZoneAlarm Security Suite (http://www.zonelabs.com/) and Trend Micro's PC-cillin Internet Security (http://www.trendmicro.com/) offer anti-phishing protection. While the latter is hardly a perfect solution, it might be worthwhile if you are getting seriously bombarded with phishing e-mails, or are in the market for comprehensive protection for your PC. You might be able to find anti-phishing freeware on Download.com (http://www.download.com/), too.

The most important thing to realize is that no legitimate business will ever send an e-mail asking for sensitive personal or financial information. Any legitimate company stupid, irresponsible, and careless enough to do so would be essentially giving its customers a heck of a good reason to take their business elsewhere! It's just bad business.

Think about it. A financial institution has your home and work phone numbers, Social Security information, and probably more information on how to contact you than might be found on your own wallet. Even eBay has your phone number. If a serious breach in security were to take place, getting hold of customers as soon as possible would be absolutely essential. Why would a financial institution use standard e-mail - an unsecured form of communication that might or might not be checked daily - rather than contact you by phone?

Then there's the question of how exactly entering account, PIN, credit card numbers and/or your mother's maiden name on a website does anything about "suspicious account activities." Chances are, financial institutions and other organizations will either halt access to an account and call the account holder as soon as anything out of the ordinary is detected, or require that you contact them before access is restored. Why would they e-mail you to ask information already in their possession? Some of these phishing e-mails and websites ask for so many details that they literally scream "identity theft!!!"

It follows that if no legitimate business will ask for sensitive information via e-mail, you should never e-mail any sensitive personal information. Ever. Any e-mail that requests such sensitive information, regardless of how genuine or sophisticated it looks, has to be considered fraudulent and treated accordingly. Period.

(You might run into small, legitimate retailers who sometimes give you the option to remit credit card payments via e-mail. Don't. Call them instead and provide the payment details over the phone, even if they lack a toll-free number. And even these retailers will not send you an e-mail asking for a credit card number or similar information!)

What should you do when you get that "verification" e-mail or one alerting you to some supposed emergency? The Federal Trade Commission (FTC) offers the following advice on an article titled "How Not to Get Hooked by a Phishing Scam," included here in its entirety for your convenience:


If you get an email or pop-up message that asks for personal or financial information, do not reply. And dont click on the link in the message, either. Legitimate companies dont ask for this information via email. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the companys correct Web address yourself. In any case, dont cut and paste the link from the message into your Internet browser phishers can make links look like they go to one place, but that actually send you to a different site.

Use anti-virus software and a firewall, and keep them up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.

Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files. Anti-virus software scans incoming communications for troublesome files. Look for anti-virus software that recognizes current viruses as well as older ones; that can effectively reverse the damage; and that updates automatically.

A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources. Its especially important to run a firewall if you have a broadband connection. Operating systems (like Windows or Linux) or browsers (like Internet Explorer or Netscape) also may offer free software patches to close holes in the system that hackers or phishers could exploit.

Dont email personal or financial information. Email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organizations website, look for indicators that the site is secure, like a lock icon on the browsers status bar or a URL for a website that begins https: (the s stands for secure). Unfortunately, no indicator is foolproof; some phishers have forged security icons.

Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.

Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computers security.

Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.

If you believe youve been scammed, file your complaint at ftc.gov, and then visit the FTCs Identity Theft website at www.consumer.gov/idtheft. Victims of phishing can become victims of identity theft. While you can't entirely control whether you will become a victim of identity theft, you can take some steps to minimize your risk. If an identity thief is opening credit accounts in your name, these new accounts are likely to show up on your credit report. You may catch an incident early if you order a free copy of your credit report periodically from any of the three major credit bureaus. See http://www.annualcreditreport.com for details on ordering a free annual credit report.

You can learn other ways to avoid email scams and deal with deceptive spam at ftc.gov/spam.

(Original source: http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm)

I forward all phishing e-mails to spam@uce.gov as well as to SpamCop (you'll need to register at http://www.spamcop.net/ for the free reporting service). SpamCop will process the e-mail and forward a report to the company, bank or organization impersonated in the e-mail. SpamCop will also try to trace back the message to the original sender. There is really no need to try to trace the e-mails yourself. In all likelihood, doing so will accomplish nothing good.

While most phishing scams stand out like a sore thumb, there are always a few that make even experienced users wonder. If you would like to learn more about the intricacies of identifying phishing e-mails, by all means check out the interesting analysis of one of these legit-looking e-mails in Lesson 3 ("The World of Spam") of Help.com's outstanding Combating Spam and Spyware online course. This free course is currently being offered through July 1, and I highly recommend it. (http://courses.help.com/index.jsp)

There are simpler ways to tell if a message is fraudulent, though. You can visit the Anti-Phishing Working Group's website (http://www.antiphishing.org/) and search its Phishing Archives to see whether the message you received is already there. You can also file a report while there, though that should be unnecessary if you have already forwarded the suspicious e-mail to SpamCop and/or the FTC.

Other websites dealing with Internet hoaxes and rumors (e.g., http://urbanlegends.about.com/library/blhoax.htm?once=true& ) might also corroborate your suspicions. Remember, phishing e-mails are essentially Internet hoaxes that strike a nerve and tend to be immediately taken more seriously simply because of the blunt emotional impact the threat of a sudden financial catastrophe has on their readers.

Last, but not least, you can always open a new browser window and visit PayPal, eBay, or your bank's website. Logging into your account without any difficulties should confirm that the warning was bogus.

Hope this helps!


Submitted by: Miguel K. of Columbus, Ohio

hi i want u to solve this question for me,IF I WANT TO CHECK WHAT I SAVED ON MY 31/2 DISKETTE IT TELLS ME THE PARAMETER IS TOO LONG, I HAVE BEEN TRYING THIS SINCE ALL THIS WHILE BUT IT SEEMS NOT TO BE WHAT I WANT.So please help me.
thanks
olowe adekunle

I received the Ebay account message also and forwarded the message to Ebay. They said they were going to investigate. Haven't heard from anyone since though. FOrtunately I didn't give them any information.

Another tip in IE6 is to click on the phishing message, go to Message, Block Sender. This will at least prevent further emails from that address though isn't much help if the 'phisher' uses multiple addresses

Answer:

Andrew, I have also received spoof e-mail messages. PayPal and eBay are a couple that come to mind. These scammers are very smart and use fraudulent Web sites to appear legitimate. They will attempt to have you respond with such personal information as a credit card number, a social security number, site passwords, user IDs, and so on. Their intention is to steal your identity, and some have wreaked havoc on individuals' credit ratings. Once they have a credit card number, they run up the tab. The card owner then has to sit down and cancel credit cards, obtain new ones, and deal with credit bureaus to straighten matters out. This is not an experience anyone wishes to have! Below are some methods you can use to help cut down on the number of these messages and protect your privacy.



1) Be very suspicious of any email you receive asking for personal information. Unless the email was digitally signed you cannot be sure the email is legitimate. To obtain additional information on a digital signature do a web search for the keyword digital signature. The bottom line is if you do not know who is asking the questions delete the email. It is better to be safe then sorry!

2) You should never use the links in an email to get to any web page. You are better off logging onto the website directly by typing in the Web address in your browser. Also, never enter personal information such as account numbers, passwords or credit card numbers directly into any email.

3) When submitting credit card or other sensitive information via your Web browser, check to make sure you're on a secure Web server. The beginning of the Web address in your browsers address bar should be "https://" not just "http://".

4) You should log into any online accounts you have often. Have the links to such accounts close by and periodically check them (I suggest weekly). Do this just to check around and verify that no suspicious activity has taken place. Another thing you should do is reconcile your bank, credit card and debit card statements regularly to once again verify that all transactions made are valid. If you do find a problem notify your bank by phone and in writing. They will assist you and provide guidance as to what steps you should take to correct the problem. It may be an error on their part or perhaps your privacy on the internet has been compromised. The correspondence with your bank or card company is the safest route to go.

5) Always keep your web browser up to date with the latest versions and fixes. Microsoft comes out periodically with security patches. You can go to http://www.microsoft.com/security/ to find these patches and you also can register to receive the updates automatically.

6) There are groups you can report phishing or spoofed e-mails to:

a) Forward the email to reportphishing@antiphishing.com

b) Forward the email to the Federal Trade Commission at spam@uce.gov

c) Forward the email to the abuse email address of the company that is being spoofed (spoof@ebay.com) is an example

d) When forwarding spoofed messages, always forward the entire original email with the original header information. You can do this by using the forward option of your email client.

e) You may also want to notify the Internet Fraud Complaint Center of the FBI by filing a complaint on their website which is http://www.ifccfbi.gov/

7) Lastly I recommend you install a firewall and antivirus program and keep them up to date. You can do a web search to find each of these and there are some that are available for free.

8) With regards to email which I am doubtful of I follow the rule: WHEN IN DOUBT TOSS IT OUT! I hope this information is helpful and your personal information is never compromised.
Visit the following websites for more information.

http://www.antiphishing.org

http://www.computerworld.com

Submitted by: Joseph V. of Highland, New York

I m also suffered from PayPal site, although i have not disclosed my credit card no. etc. but tell me can they harm my system.

Answer:

What is "phishing" anyhow? Phishing is as fishy as it sounds. Crooks attempt to lure you to their phony Web site, which is usually made to look almost exactly like that of your bank or other financial institution, eBay or PayPal, or any other site where you might have an account and transactions happen regularly.

First of all, recognizing a phish is easy - many times, a no brainer (like when you get a phish from a bank that doesn't even do business in your neck of the woods!) Banks DO NOT use e-mail to discuss security issues with you.
They will NEVER, EVER, EVER ask you to log in, provide sensetive information, etc. The same is true of eBay/PayPal. And when in doubt, CALL and ask them if it's legit. That's what the customer service departments are there for.

As for what you can do about it... There's plenty! First of all, don't delete the message (yet)!

Given the crooks in question are using a purchased (or possibly stolen) spamming list, chances are it's pretty close to impossible to stop getting them by merely treating some crook's phishing expedition as regular spam.

Fight back!

You will have to do a bit of research, but in the end, it's worth it. First of all, you'll have to identify the institution - in your case, eBay and/or PayPal. You'll have to go to their legitimate web site by manually typing in the URL (if you know it, use Google if you don't). Above all, do NOT click on the link! That will not get you to your destination.

Once you're on the site, you'll have to do a bit of detective work to find the company's anti-fraud/phishing unit's email address. It's usually on the "Contact Us" page.

Note: Some banks or institutions don't clearly have it anywhere on their site. In which case, it's time to find their customer service number. It's usually a toll free 800/888/866 number. You may also have to navigate through a bunch of menus to get to where you are talking with a live person.
(Pressing the 0 key sometimes helps expedite things.)

Once you've got a live body on the other end of the line, find out where to forward the phish. Go back to your e-mail program and open the e-mail in question - once again, being careful NOT to click on any link contained in the e-mail.

Since there are a lot of e-mail programs available, you'll have to do a bit of research on how the next step needs to be done correctly. What we're after here is the FULL e-mail header. Most applications give you a "Reader's Digest Condensed" version of what's in the header - usually who the e-mail was from, when it was sent, who was supposed to get it and, of course, the subject. But sometimes e-mail headers can reveal a LOT of interesting forensics - and if you're lucky, the originating system's IP address.

Highlight the entire header and copy it to your clipboard.

Once you've gotten the whole header in sight, copy it and then click the FORWARD button in your e-mail client. Enter the e-mail address the institution provided in the TO box. In the case of E-bay, that would be spoof@eBay.com or in the case of PayPal, that would be spoof@PayPal.com. Given the two companies are actually one and the same, those address' can probably be used interchangeably.

Usually, a forwarded message will have a bar or a line going across so you can type a quick note that's separate from the forwarded message. Paste the full header of the phish into the body of the e-mail above the line and you should be now ready to send. If you want proof that you sent the message, you can always BCC yourself as well.

Note: Many web based e-mail services do NOT lend themselves easily to finding the full header of an e-mail. The only way to retrieve that info in Hotmail, for instance, would be to use OutLook or Outlook Express.

Unfortunately, MSN/Microsoft has decided to no longer allow new accounts to be accessed via OE. Only older Hotmail accounts can be accessed with Outlook or OE.

Finally, click the send button. You should receive an e-mail from the institution acknowledging the forwarded phish shortly afterward. With a little luck, law enforcement cooperation, and good timing, the phishers in question will be sent packing and off to jail.

The bottom line - as long as you fight back by forwarding phishing expeditions to the institutions they (the phishers) are trying to victimize, at worst, the blighters will be kept on the run - at best, they wind up doing a long stretch in prison where they belong.

As far as avoiding being sent stuff in the first place, that's a bit trickier. Avoid web sites that resell your email address. Get a 'throwaway' e-mail address - like Hotmail, Yahoo or GMail. Use them when you visit a site with questionable ethics - especially when it comes to giving your email address out to others goes. Given the source lists for spam and phishing expeditions is likely the same thing, the odd occasional phish is likely to become a facet of life along with regular spam for herbal viagra, low cost mortgage refis and so forth.

Submitted by: Pete Z.

Answer:

Hi Andrew

There isn't much that can be done about phishing expeditions as I like to call them. Just be aware that they are out there. Always if in doubt, go directly to PayPal, Chase Banking, so on, so forth. Check out their sites, if there is a problem usually you would be directed as to what to do. Once there (at the legitimate site) find a phone number (again usually a toll free phone number) and discuss it with their customer service representative and they should be able to tell you either it is phishing site or where to go to correct anything. All of this is to get the person to reveal their personal card or financial information. The most employed phishing tactic is to pretend to be a financial institution like a bank or PayPal. They will send you an email which appears to come from PayPal, and ask you to "update your account" and warn you that your account is about to be suspended, frozen or closed, creating a sense of urgency. A person clicks on the link which the phisher has given in the email, the site to which it takes you "looks" like the real PayPal site, but it is not. And when you type your account information in at that site, they have your account information, got you! They now have your account information and of course with that they have access to all other kinds of information about you, that can include your other accounts from other places. Because these phishing sites look so realistic! As a rule of thumb, when a letter from a financial place of business out the blue, never respond to the email. Because of the problem of phishing scams, most business' do not send emails anymore. And if they do, go to the site, either type it in or if you have it in your favorites/bookmarks and click on that. Login, more then likely if the email is legit, when you do login it will alert you to update your information at that time.

There are methods to detect if it is a phishing site, such as; does the whole letter act as a link? That is no matter where you put the cursor on the letter, does it show as a link (cursor changes to a hand or some other kind of icon)? Another is, when using Internet Explorer, does the address show up with something other then what is in the warning letter? If it does then this is an indication that it is a phishing site. Again with I.E. or for that matter any browser that shows you the address before you click on the link, does a series of number, rather then a readable site name come up? This is also an indication of a phishing site. Understand that now there is a way to do what is referred to as a malformed address and have the address look legitimate. So in essence if in doubt, go to the real site, if you are still not satisfied, do some telephone calling. There are also some excellent sites that will keep a person abreast of the latest phishing scams and email scams. Here are some sites that one can go to, to find out if it is a scam or phishing site:

U.S. Government; http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm

About Site; http://antivirus.about.com/od/emailscams/

Anti-Phishing Working Group;
http://www.antiphishing.org/phishing_archive.html

Scambusters; http://www.scambusters.org/phishing.html (I know because I personally subscribe to this publication)

Institute for Spam and Internet Public Policy; http://www.isipp.com

Aunty Spam's Net Patrol; http://www.aunty-spam.com

These are just a few of the sites that one can go to get further information and most will let you subscribe to a news letter to keep one informed of the latest email scams, shams and phishing/pharming scams. Also some of the on-line email companies, at least yahoo does anyway, if you click on a suspected phishing link, yahoo will tell you that and give you the option of canceling your click. That is if Yahoo! knows about the scam or it may even be able to detect malformed address'. I don't know how Yahoo! detects it, but Yahoo! does!

Hope this helps, Andrew.

http://www.rickswebfactory.com/

Submitted by: Rick B. of Warren, Michigan

***********************************************************************

Answer:

Pay Pal emails etal.
These are major phishing exercises going on. I have received numerous ones also. These are coming in also in very convincing format from credit companies and banks. Whatever you do, DO NOT REPLY, or provide any personal information "as requested".

These phishing attempts are often filled with valid logos, and enough information about you to make you think they are real.
If you become unnerved, and begin to think that these may be valid, access the financial site only by your own independent initiation from a clean link in your browser. Do not use any forwarding link arriving by an email into your in box.

I have had only a single prompt from an institution which actually was valid. I provided significant feedback to them about how I felt their contact methods were not longer appropriate in the Internet society we now live in. Hopefully if others do the same these few institutions will get the message also.

Quicken was a good example. I had to eventually do what the email suggested, however I had to initiate the process on my own terms before I had confidence the request was valid. I scolded Quicken the best I could after several months of these emails.

PayPal confirmed to me that they do not contact their users in this manner. And, these institutions appreciate the information of this phishing activity going "in their name". Some banks have even set up
addresses in some kind of format of spoof@(bank name).com etc to
forward this garbage directly to them for review.

I rather enjoy using accessory email filters in addition to those provided by my ISP. This gives me the ability to set some specific filters to trap incoming mail before it come from the server onto my computer. It is amazing how many variations of the same garbage email are being sent as attempts. Software like this gives the user a chance to review what is to be killed automatically before it actually happens. Occasionally something valid from a "wild card" filter is something I want, and I have manually rescue it from being earmarked for trash.

An example of a wild card filter might be one which looks for emails which include "Dear (email address)". If they don't know my name, I don't know them either..... You will also notice that most of this garbage is coming from foreign domains. However, the spoofs are using what appear as "valid" domain names also. I try and only accept specific, known senders using domains like, hotmail, aol, etc. Cell phone domains have been used for attempts as well, so be initially suspicious. The old saying, "don't believe anything you hear, and only half of what you see" may not be applicable anymore. I think that it has to be way less than half now. "You can't get blood out of a stone"
may be better today!


Submitted by: Dale D.

***********************************************************************

Answer:

>What can people do to avoid receiving these spoofed e-mail messages or at least cut back on their numbers?

In my experience, there is little that you can do to cut back on phishing e-mails. You can chose to receive e-mail only from known sources, but that is going to limit you. You can try anti-spam programs, but phishing e-mails are pretty efficient at getting past those programs, particularly since they appear to come from a legitimate source. I suggest that you just ignore them. I have created a special e-mail address for each service that I use, such as PayPal and eBay.
Granted, not everyone has this ability or the desire to do so, but when e-mail arrives from "PayPal" addressed to the wrong address, then it is easily recognized as bogus and I trash it. Of course, you cannot use those email addresses for anything else - only for that specific account
- and you need to have an e-mail program that keeps your received e-mails separated by account.

> Also, how can people learn to recognize fake e-mail, and is there any way to trace it back to the sender?

First thing to do is to read the privacy statements for PayPal or whatever company you are dealing with. Almost without exception, companies like this will state that they will NEVER ask for your personal information in an e-mail. Right away, if you get an e-mail asking for this kind of information, you know it is bogus.

The "easiest" way to recognize fake e-mail is to look at the headers and source of the e-mail. This will usually reveal that the sender was not the company it claims to represent. The word "easiest" is in quotes, however, because sometimes it is difficult to interpret all the information in a header, but the information is there if you take the time to try to understand it.

Also, if an e-mail tells you to click a link to reactivate your account, or to otherwise submit your personal information, always look at the link's address before clicking on it (you may need to look at the e-mail's source to see this). If it does not have the name of the requesting company in the last place before the "dot," then it probably is not legitimate. In other words, "paypal.qwerqwer.com" is not a legitimate PayPal address, whereas "qwerqwer.paypal.com" could be. The best solution? NEVER click on a link sent in such an e-mail. If you think that there may be a legitimate problem with your account with a company, go directly to that company's website by typing their address into your browser and logging in as you normally would. (Yes, your computer may have been infected in such a way that your browser could send you to an address other than the one you typed in, but the odds of that are pretty slim.)

Able to trace it back to the sender? Why bother? Look at the header and you will see the path that the e-mail has taken, but there is absolutely no guarantee that the path info hasn't been faked, or that it wasn't relayed through an "innocent" computer. What are you going to do if you trace it back? Write them a scathing e-mail? Want to be laughed in your face? By the time you trace it back, if you can, they will be long gone.
These are "hit-and-run" operations, only existing long enough to get a few suckers to submit their info, and slipping away into the night.

If you want to "do something" about a phishing e-mail, check with the company from whom the e-mail appeared to have come to find out where you can report suspicious e-mail. They usually have an e-mail address to which you can forward scam e-mail. They can do more with the e-mail than you can, as they have greater resources and have a greater stake in the issue.

In the end, you have to use your own head to spot these e-mails. Suspect every e-mail and you will be much safer, and NEVER submit personal information to a web site you went to from a link in an e-mail.


Submitted by: Ray M.

***********************************************************************

Answer:

Andrew, you've hit upon one of the big problems for all users of email - unsolicited email or "spam". Phishing is simply another variation - one of dozens of twists, but these intrusions can all be boiled down to a single definition - spam. And the solution is not an easy one. Prevention would be the simplest - get an email box and don't let the spammers know you have it - but if you ever give your email address out just once, even to an organization you trust, you're caught. Even if you never give it out, eventually the auto-name-generators will probably get a hit on your account.

A lot of folks would like the government to step in and do something about it. While it's not impossible that Uncle Sam may someday look at the problem, if we think about it, I don't think any of us want the feds poking around our email - any more than they already do! So then, it's really up to you. And you can mitigate the spam - maybe not eliminate it entirely, but shave it down to a level you can live with and laugh at, instead of fume and fuss at. Don't bother to try and track down the senders. Even if you could uncover the ultimate address of a spammer, there still isn't much you can realistically do - legally or otherwise. And don't forget the horror story of the guy who did find one of them, and then tried a little spamming of his own. I believe the story goes that he ended up with more spam than ever, and never did really find out who the spammer was. Today's expert spammers are behind double-blind remailers that are usually outside the US, and you simply cannot penetrate that veil. Try it yourself if you like - just open the header of a spam mail and get the IP addresses shown there. Use one of the "whois" services or go to a site like http://www.dnsstuff.com/ and plug in the IPs you got from the header. Most likely you'll find they trace back to a host in Hungary, Brazil, Russia, China or some other impossible location.

To slow down spam, if you want to let someone else handle it, go with an email provider that has built-in spam and virus filtering. Earthlink, AOL and the other biggies all have some level of email scanning that helps to cut down on the spam. But not entirely. You'll still get cleverly constructed ads that are designed specifically to evade the heuristic logic used by the filters. Whether you go with a service that provides filtering or not, by all means, purchase a copy of Firetrust's Mailwasher Pro ( http://www.firetrust.com/ ), or one of the other filters that have a "whitelist" or friends list. It takes a little time to get all your friends, acquaintances and other trusted senders into the list, but once they're all in, the spammers are completely locked out. If the sender is not on the list, the mail is tossed out - simple as that. And there are adjustable levels of automation to the process. If you're like me and can't bear to not know whose mail is about to be dumped, you can review what's about to be sent to the bit bucket before you commit to it.

If you're behind Microsoft Exchange, as in a corporate computing environment, the problem is up to your IT folks, because products like Mailwasher are ineffective when installed on an Exchange client machine. But there are very powerful solutions to spam at the corporate level too, but you can't personally do much to help. The most effective anti-spam measure for the near term to have and use a whitelist. You'll be totally insulated from spam until the spammers figure out how to emulate someone on your "friends" list (and I don't doubt that there's some misguided phisher out there working on the problem at this minute).

Good Luck!

Submitted by: Phil B.

Answer:

First thing!: NEVER answer to such a message! Don't even click on any link they may contain. If you click a link from such a message, you may confirm to somebody that they have a live address.
How to recognize spoofed messages: you may not be a client of the other entity, the message tells you that you need to confirm your info, or that your account has been suspended and that you need to reactivate it.
Have a close look at any link, does it contains a long string of "random" text?(Y) Does it contain any misspellings?(Y) Look at the source of the message, does the actual link the same as the effective
link?(N) Is the address a bunch of numbers?(Y) Those are indices of fake message.
If in doubt, issue a challenge to the emitting institution using the address you have: in your correspondent list or on paper or from the actual site. Never issue the challenge by replying to the message.
There's very little you can do to prevent those messages. Check with your correspondents and have them check their computers for a virus infection, Trojan and spywares and do a cleanup. Maybe one of them got highjacked and made into a SPAM spewing zombie computer.

Submitted by: Alain

***********************************************************************

Answer:

Re Fake e mails:-

First of all, paypal and e bay do not send such e mails.

You only go to the official e bay website sign in under your user and check for messages.

Do the same for paypal. Only sign in on the paypal website.

I for one have spoofstick installed for both my internet explorer and for Firefox.

It shows whether the site if real or fake.

They also have such protection for Mozilla Thunderbird at www.mozilla.org

You can use Mozilla Thunderbird instead of outlook express.

Best regards

Submitted by: elinorann978

***********************************************************************

Answer:

When in doubt, forward any suspicious emails to spoof@eBay.com or spoof@paypal.com.
I tried to login to my eBay account on Thursday morning 6/16/05 and was told that my 'sign-in information is not valid'.
I then received an email from eBay telling me that my account had been suspended and all of my auctions removed due to possible unauthorized activity. I'm a high feedback seller (610 FB ratings, 100% positive), and am apparently considered to be a good target. It took most of the day (both on the phone with eBay personnel and with the 'live help'
system at eBay) to have my account reinstated. For the previous few days, I had been getting email questions from supposed eBayers asking questions about items that I was NOT selling (and a search using the supposed item numbers showed 'invalid item number').

While I should have become more than suspicious at that point, I pretty much ignored them.

What had happened was that somehow someone had gained access to my eBay and email passwords, and began sending hundreds of email 'offers to sell items off of eBay'.

eBay then suspended my account, and when I did an advanced search by sellername, I found that I was listed as 'no longer a registered user'.

While I didn't TOTALLY freak out, I of course changed my passwords on my email account(s) and then (after explaining the above situation to the eBay 'live help' guy and being told: "That's it"!) was given a temporary password for my eBay account, which I then changed to a much more secure one.

In the meantime, anyone who had been bidding on my items was sent a notice by eBay that the item had been ended by eBay due to the 'suspension of the seller's eBay account'.

That's NOT a good thing for current business, and it has the potential to hurt one's eBay reputation in the long run as well.

That sort of thing can really put a crimp in your day; I'd suggest that EVERYONE change their important account passwords on a regular basis, and forward anything which has links in it and looks suspicious in any way directly to both companies for investigation.

There are a LOT of people out there who are trying constantly to do this sort of thing, and even though I KNEW that, I had never had a problem before, so I thought I was safe!

Submitted by:
Dave Y. of Depew, NY


***********************************************************************

Answer:

When you recieve such emails you should look at the following things to decide wether it's fake or not:

1. Compare it to any real emails from PayPal/eBay. If it's significantly different, it might be fake.
2. Click "Show Full Headers", "Show Original Message", "Options" or something of the type to see the header of the message. If the address it was sent from ("Sender") doesn't end in @paypal.com/@ebay.com, it's probably fake.
3. Put your mouse pointer over the links to other sites (in Internet browsers only). It will display the target of the link in the bottom status line in your browser. If the target is not Paypal.com or eBay.com, it's fake.
4. Finally, go to to paypal.com/ebay.com by typing the full URL in your browser's address bar. This will take you to the real site, where you can check your account for whatever the email said is going on. If there's nothing there, the email was fake.

If you determine that the email was fake, you should report it to the correct site by going to either http://pages.ebay.com/securitycenter/index.html or to http://www.paypal.com/us/cgi-bin/webscr?cmd=_security-center-outside. If the email appears to be from PayPal, you should forward it to spoof@paypal.com.

If you've determined an email to be fake, mark it as spam or report it to your email provider or anti-spam software. Be sure to look at your spam folder every couple of days, as a real email might be accidentally be sorted into that folder by your email provider or software.


Submitted by: Ilya S.

***********************************************************************

Answer:

Hi Andrew,

There are simply a few steps to avoid "phishing":

First of all, something you have to keep always in mind: Anytime you receive any email which is asking you for personal banking of financing information, don' t reply to this message because there is no on-line banking system which uses this method for verifying information about you. They usually tell you simply that there is an issue with your account and that should go to their website, the one which web address you have been using all this time. In this case you type in the "address" bar of your web browser the full bank's URL which you already know and nobody will be able to access your bank info. Anyway the best thing you can do if you have time is tell your bank or whoever this e-mail supposedly comes from that someone is trying to get information about their customers. The other day I received one of these messages asking me for my credit card number, PIN code, etc. so the first thing I did was go to the bank and give them a copy of this e-mail. In the following few hours a warning was placed on the bank's official website so that everyone knows. You should do the same if you have free time.

I hope I was helpful.


Submitted by: Samuel from Spain.

***********************************************************************

Answer:

I just did a research paper on identity theft and I found a great site dedicated to these annoying phishing emails: www.antiphishing.org
They have excellent information and sample emails with screen shots of the sites you're taken to if you click on the email.
I get tons of these from eBay and PayPal, along with some from Citibank and other companies I've never even done business with. The first thing I do is send it to "spoof@ ..." (ebay.com, paypal.com, etc). They will normally send an email right back saying the email never originated from them. I will then report it as spam to my ISP. That's about all you can do. www.antiphishing.org also lets you report these bogus emails.
Just remember NOT to click on the links in the email and NEVER give out that information! If you are concerned about your account, use caution and contact the institution directly either by going straight to their website without using links or by phone.

Submitted by: Jessica G.

***********************************************************************

Answer:

Andrew although the pages look very real and bear all of the pictures and trademarks appearing on the official E-bay and
Pay-Pal sites there is one clue which gives it away instantly, and that is the address. If you look at the address bar
in your browser you will notice that it does not say "www.ebay.com" The address in the address bar will usually have
some ip adress;123.45.666.07/ebay which is the address of the owner of the website running the phishing scam.
When I receive these I usually forward them to Pay-Pal so that they can notify the proper authorities and try to
trace not only the origin but the person behind the scam. The best way to stop this kind of illegal activity is by
finding them and putting them where they belong, behind bars!!

Submitted by: G.G.

***********************************************************************

Answer:

E-bay has had a big problem with this very thing. E-bay assured me that they would never e-mail you and ask for that information. E-bay was also hacked a couple of years ago and my account was one of those that was stolen. They got in and changed my password so I couldn't use the account, and apparently did some transactions and I was getting e-mails saying my account would be closed if I didn't pay some fee that I owed. I ended up abandoning my e-mail address and my e-bay account and had to start all over. Bottom line is, don't answer these e-mails. Delete and forget. As for reducing the number of them that you get. I assume it is the same as any spam. There is only so much you can do. Use your filters or get a new e-mail account. It's a shame that we have to run away and hide. There is evidently no privacy. I got an e-mail account strictly for friends and family. So far I have had very little e-mail of an unfriendly sort. It's amazing to me that they somehow manage to get to you even when you are extremely careful to keep that e-mail address a secret.

Submitted by: Doyle S.

***********************************************************************

Answer:

The only real way to cut back on phishing emails is to not publish your email address on the internet, anywhere, ever, which is obviously difficult, so you may have to live with them. To recognise a fake email it will always have a link, supposedly toa reputable company, asking you to input your user information. Everything else on the email is to try and convince you to click on that link and enter your user name and password - trying to sound important, and trying to make you rush into it. What the scammers can do when they have your username and password, I will leave to your imagination. I'm not sure about tracing the emails back to the sender, but the anti-phishing working group would like to know about any new emails - they keep an archive to try and stop it happening to others - see http://www.antiphishing.org/index.html
I have a whole web page with more info. See www.daftmoo.co.uk/phishing.html Hope that answers all your questions Jo


Submitted by: Joanne H. of UK

***********************************************************************

Answer:

My answer is to automatically forward spoofs to PayPal, Citibank etc security dept. often, by the time I've gotten the spoof, the web site linked to the spoof has already been shut down. In the case of the Nigerian diplomats who want to share their millions, the FBI has a site to which you can foreword those spoofs. I think they've jailed about 1500 of those turkeys in Nigeria with help from our FBI. I read somewhere that you'd be far better off as a detainee at Guantanamo than in a Nigerian jail!!!

Submitted by: diandted of Jupiter, FL

***********************************************************************

Answer:

Dear Fellow Phish Targets:

ALL of those bogus-looking email messages that report "suspicious activity," "X has been added to your credit account," "Y has accessed your account" are nothing but Phishing activity. PayPal has a site to report "suspcious email messages," which I used regularly when the last wave of smelly email arrived. As for eBay, let them know about such activity also.

Previously, I'd look up the address of suspicious email and found some came from Puerto Rico, one was from a page "under construction," and another was a Spammer. I should mention that I'm using a Macintosh PowerBook under OS X, which shoulders malware aside or isn't affected by virii. (Knock on wood, now that Apple itself is switching over to Intel processors!) The usual advice is: "If it looks too good/bad/odd to be true, report/ignore/trash the email message/offer."

Let me close by saying: DEATH TO ALL SPAMMERS! DISMEMBER ALL CRACKERS! INCINERATE ALL PHISHERS! Thank you for reading this email, which contains nothing more than far too much text.

Submitted by: PEA

***********************************************************************

Answer:

also have been receiving many emails requesting information in order to correct or activate my accounts. My personal rule about these types of emails is to always say no. Come to find out, this really is the best policy. Reputable companies will not send you emails asking you for any information. Additionally, because these emails appear to come from companies that I do business with already, I usually have the companys web site saved as a favorite already. Never follow a link from an email asking you for information. Instead, I go to the web on my own and use the link I have saved already for that company. And more often than not, these companies are aware of the problem already and have a message on their home page or a link to a fraud department within their company. They usually provide an email address that you can forward the fraudulent email to so they can investigate it themselves.
Once you identify the senders of these fraud attempts, its easy to create a rule within your own email that automatically forwards the email to the correct companys fraud department, and then deletes the email, thus removing the temptation of opening it or looking at it going forward. If for some unusual reason you actually receive a good email that you ignore or delete, keep in mind that these are companies that you more than likely do business with. If they really need to contact you, they know how and will do so legitimately through other means if necessary. And remember, there isnt anything wrong with actually calling a company and asking them what they need from you.


Submitted by: Christopher E. of St. Petersburg, FLorida

***********************************************************************

Answer:

I am looking forward to the answers that come in on this one.

My first reaction would be that this is phony. I would continue to delete them and report them to reportphishing@antiphising.org. Also the Federal Trade Commission at www.ic.gov which is a complaint center. Also send a copy of this unwanted or deceptive messages to spam@rice.gov.

Never give out that kind of information on the Internet or when contacted by phone. Always expect the worst because thats exactly what these things are. DO NOT RESPOND to them at all. If they get a response from you they will continue.


Submitted by: mskrugel

***********************************************************************

Answer:

There are two ways to check on these emails.
One is to go to the site, eBay, etc, and deal directly with them. Or (which is what I like to do) you can check the background of the email to see if it came from that company or not. Just check the preferences and full headers of the email. If it does not look right, then copy it and send it to the company directly so they can follow up with fraud charges.

I believe that following up with the company is the best strategy, even if there is a wait. Never respond to these phishing letters as they will send them to you again.

Just my 2 cents worth.


Submitted by: Jackie M.

***********************************************************************

Answer:

When you get one of these fake emails:

1. Go to the top of the browser page (different with each one; I use
Netscape) and turn the header option to all. You will see a bunch of goobledegook (my grandma`s word!)

2. Forward the email to the appropriate place:

spoof@ebay.com
spoof@paypal.com
spam@uce.gov (for fraudulent emails...this is a consumer site, I
think)

If the email claims to be from your bank, you can generally call the bank and find out how to have it investigated.

3. Delete it!

If you forward emails with the complete routing information, often it can be traced back to the ISP. Ebay and Paypal take these seriously, as does Earthlink.


Submitted by: Julie D.


***********************************************************************

Answer:

On the phishing email attempts pertaining to Ebay and Paypal, I have gotten my share too. As you know, when sent to Ebay , they thank one for reporting, claim to intend to look into the matter and that is it.

I delete the emails now after checking the email properties, open a browser that I had not been using, and I check my account with paypal activity. Thus far, nothing has been wrong.

I think one is expected to change there info for paypal often-user name and password. Also, as I am sure you have been told by Ebay, to open a separate browser when checking paypal info.

I use qurb for extra spam usage, but have not found a way to stop the phishing emails as it would toss all paypal emails that came in , and I would have to check the delete folder anyway.

Changing names and passwords used on Ebay and in paypal seem to be the way to cut down and never clicking on the phishing emails.

It is unfair that thieves make life so complicated such as having to change passwords and user names, but it seems a wave of crime that is not waning.

Ebay and paypal seem to only send emails to entice more buying from favorite sellers', offer credit cards, and try to get one to be a seller, however, I always check - at some point-when I get a phishing one to make sure nothing has happened.

Again,one can check the email properties and see where the email originated and tell by that it not really a authentic email. That makes you know quicking that nothing has been sent by Ebay and paypal and saves you time in checking.Click on the mail to just highlight, go to properties, go to details, if using outlook express, and one can see all info of where the mail originated.

I know this has not said how to stop them, but changing the user info will slow it, checking proerties save time in having to check paypal accounts right away, and good luck to us all going thought the internet crime wave attempts.

If anyone know how to stop them completely and forever, I would be interested big-time.

Submitted by: Page

***********************************************************************

Answer:

I've been getting these phisher emails almost daily for several years now. Actually fell for the first of them--before the scam became public--and very nearly lost $4,500 in one fell swoop. Fortunately the good folks at Paypal, my bank and credit card companies took immediate action to block the withdrawals--but it was too close for comfort.

When I receive such emails now--and they are cake to spot, being poorly written and coming out of nowhere--I immediately forward them to those who can take appropriate action: spoof@ebay,com or spoof@paypal.com, etc. It doesn't help to block the sender because email blocker will also block legitimate emails from those agents, e.g. eBay and Paypal. Remember that no agent will ask for personal information via email.

Although this behavior on the part of some virtual dirtbags is infuriating, there's no reason to panic or run for the hills. Forwarding and then deleting all that's required to get a potential crook out of your hair. But there are two VERY important things to remember each and every time such an email appears in your inbox:

1. NEVER EVER RESPOND! It'll only further identify you.
2. NEVER EVER CLICK ON A SINGLE LINK CONTAINED IN THE EMAIL!

Be alert. Be smart. And remember that curiosity killed the cat.

Submitted by: Julia B.

***********************************************************************

Answer:

It is quite easy and I thought most everyone knows about this. In Outlook Express, click on the File tab in the top left toolbar. Go down to "Properties" and click on "Details in the box that comes up. There you can see all of the addresses that it went though to get to you. If you don't see the address that it was supposed to from, PayPal, Ebay, etc don't reply to it. Delete it!

Submitted by: wmartel

***********************************************************************

Answer:

Ive also received this e-mail several times, and you are right. It is most likely a phishing scam.

PayPal states in their user agreement and privacy statement that they would never ask you for personal information in such a way. In fact, most service providers on the internet, whether messaging, e-mail, payment, or banking services, will never directly solicit your password or any such information. Its hard to understand because how else would they contact you, right? However, in todays world of identity theft and information theft, it never hurts to be too careful.

What I do is forward the e-mail to spoof@paypal.com, close and delete the e-mail, and then go to PayPal on my own (not using the link in the message) to login and check the activity myself on the account. I havent found any unusual activity that actually coincides with the receiving of the e-mail (in fact, I havent found any unusual activity at all in the years that Ive had PayPal), so clicking on the link included in the message is most likely a bad idea.

With any service online, its best to check their spoof mail information. Online Banks, PayPal, Yahoo, and several other popular online services have been spoofed many times in the past in phishing scams such as this. Most of them have some sort of policy on how they want their customers to treat suspected e-mails, which usually includes forwarding the complete mail (with headers) to a special address before deleting and ignoring it. Whenever I receive these e-mails, I close the e-mail and then research the targeted service so I know where to send the offending piece of mail. I dont even have accounts with certain banks and Ive received e-mails asking to confirm my information. For a while, I had Citibank in my address book despite not being a customer because I got tired of typing in spoof@citibank.com four times a day. And I made sure to send every e-mail I got to them. Every little bit helps as they try to locate the sources of these scams, find out whats involved in creating the mails, and stop them from happening.


Submitted by: Jessica S. of Yaphank, NY

***********************************************************************

Answer:

Andrew,

The FIRST thing you want to do is Save the fake-suspect-spoof e-mails for submission to the proper authorities,make sure you run a virus scan on the e-mail and don't save or open any attachments if there is any with it. You can also do some digging on your own with the original. Second immediately Contact E-Bay and Paypal ,the links to their sites and Help with suspect e-mail is available for,EBay at http://pages.ebay.com/securitycenter/index.html and for Paypal at http://www.paypal.com/cgi-bin/webscr?cmd=_help-ext&eloc=1224&loc=1188&unique_id=2104&source_page=_home&flow=. You can also forward the entire e-mail to spoof@ebay.com for E-bay and spoof@paypal.com for Paypal,remember do not change anything in the email.More info is available at each website above.Another option is they're some really Great IP Trace Programs out there and Cnet Downloads has some of the Best available for download.These allow you to back trace the IP address of the email sender.There is WhereIsIP 2.2, Whois 1.8, Visualware.com has a bunch of Great Programs, Also Quis Lite 1.1.1 and Who Is Web Pro.the list goes on. These are all available at the Cnet site www.download.com. just enter IP trace in the search downloads box. Some are free, most are free to try.The nuts and bolts are in the spoof email "if your using Outlook, Outlook Express ect." click on file then on Properties, then at the top Details, then down at the bottom Message Source. A new box opens with all the info about the e-mail, about 5 or 6 lines down is the Message Source which lists an e-mail address then the IP address of the sender. With one of the above downloaded programs you can Back Trace the IP address to the sender. Usually it lists the email address of the Service Provider for you to Report Abuse too, which I recommend you do! One thing to remember though is that spammers and in your case spammers that are trying to steal your personal information are committing a Felony, A Federal Crime so most use fake e-mail addresses,and are therefore hard to backtrace and identify!! E-bay and Paypal can do a better job than you can really.Last but not least are the Spam Blockers also available for download at Cnet's download.com.and off the shelf. These are perfect for spam But one of the problems with your case is that the spoof E-bay and Paypal e-mail's look so good that if you block them you probably will block real e-mail from the legitimate parties so this option may not work. The number one choice is report them and send a copy of the e-mail to the real companies,not by forwarding but with a new e-mail that you type the address in, Really they have the resources to identify and prosecute the offenders. Hope this Help's?

Take Care

Submitted by: Ganash

***********************************************************************

Answer:

The main thing to remember is to not be faked out by these spoof phising emails. PayPal, banks, Ebay, etc., will NEVER ask you to enter any sensitive account, personal or password information via email. When I receive these (usually from PayPal or Ebay or even a credit card company I don't even do business with) I immediately forward them to spoof@ebay.com or spoof@paypal.com (or the appropriate email address) so they are reported and can be investigated. If you have any questions, always call the entity involved and ask if the email is legit or not.

Another thing to remember is NEVER to click the links in the spoof emails. Open a new browser window and then type in the website address before going in and checking your account information.


Submitted by: Maddiecakes in Texas

***********************************************************************

Answer:

One of the best things I ever did when I first got PayPal was find a way to report spoof emails. The address is spoof@paypal.com. I was aware that someone might try to gain my PayPal information but wasn't sure how far they would go. Now comes phishing and with it a whole new way to try to pry your private information from you.

PayPal just sent me an email how to detect whether or not PayPal is sending these messages.
https://www.paypal.com/cgi-bin/webscr?cmd=xpt/general/SecuritySpoof-outside

Mainly remember that PayPal will never ask you for private information through an email. Spoofed emails use generic greetings, have a sense of urgency and use fake links to direct you to a "pay pal" site. If you mouse over [place your pointer or arrow over] the link and look at the status bar you will see that the link might say it takes you to PayPal but the site is far from it. They will even go so far as to put PayPal in the address somewhere so it could possibly be from PayPal.

Using a little common sense with your personal information and reporting these emails to PayPal will help them help you in the future. Oh, once you've sent an email to PayPal about the spoofed email use your spam blocker to block all other correspondence from this email address.
Cheers,

Submitted by: Wayne N. of Etna, Wyoming

***********************************************************************

Answer:

One way I found to eliminate some of these scams is your email address
and cut down on the number of bogus email advertisements is to.
thread them through another server and here's what I do....works like a gem!
Get free disposable email addresses, and a spam blocker!
http://www.spamgourmet.com/
Now, I maybe get 1 a week that leaks through to my INBOX - wow this is great!

Submitted by: Sherry R.
***********************************************************************

Answer:

99.9% of the time, these emails are fakes, designed to lead you to a site which will then ask you to enter personal information and disclose your password. When you do actually receive a legit email from either Paypal or eBay, the message will address you by your full name - the name you registered for these accounts. The fake emails never address you by name (i.e. "To George Smith") and another clue is that they typically have some misspelled words included in the text. The best way to confirm that the email you received is a fake is to forward it to either spoof@paypal.com or spoof@ebay.com. After you send it, you will receive a response (usually within a few minutes) which will confirm that the message you receive was not sent by the source you believe it had come from (Paypal or eBay), and they will then take over in investigating who is sending these notes and take action against them.

Unfortunately, there is no effective way to block these emails because they do appear to come from legit sources, and you certainly don't want to risk blocking real email from either Paypal or eBay. So just keep in mind that if you don't get a message that addresses you by name, it is more than likely a fake and you should absolutely not click on any links in the email, but simply forward it to the appropriate place to verify that it is indeed a spoof. The senders are, of course, phishing for info and will continue to send these messages until they are caught. While it is certainly annoying to have your inbox filled with these messages, there is no danger that you will compromise your account as long as you do not click on any of the links and just forward the email to Paypal or eBay to deal with the situation. Once you've forwarded a few and are on to the scam, then just use your "delete" key to trash all these emails that you now know are fakes.


Submitted by: Lisa S. of New York, NY

***********************************************************************

Answer:

Im always getting malicious email from the maggots that put out the eBay warning. I never open the mail. I always Forward these letters to eBay to investigate the source. Their investigative address is spoof@ebay.com. A recent response from eBay is included below.


Hello,

Thank you for writing to eBay regarding the unsolicited email you
received.

It is impossible to determine exactly how your email address was
obtained as there are many ways. I have done some checking and let me
tell you what I have found.

It appears that you have put in a direct link to your email in your
auction. I am sure you did this for better customer contact on your
part, however, it allows anyone (including spammers) to use a spider to
"read" the html of the webpage and harvest your email address. At this
point, I can only suggest that you remove this from your auctions and/or About Me page.

Unfortunately, it appears your email address has been harvested and just by changing your email address or removing it from your auction pages
will not stop the spam from coming to your inbox. One option you may
need to consider is obtaining a new email address solely for eBay use.
You should save your ISP email account for personal usage and do not use it for registering on websites, entering contests or for downloading. If you do receive spam through the new email address, it can be more easily removed, filtered and ignored.

In addition, you might want to take the time to familiarize yourself
with the junk mail filters of your email program. Often times you may
block specific email addresses, emails containing certain text or even
entire domain names. This should help to prevent the majority of
unwanted emails from entering your email inbox. We would also like to
suggest that you do not reply nor unsubscribe to the message because
this can sometimes generate even more unwanted email.

Again, thank you for your efforts to help keep eBay a safe place to
trade.


Regards,

Tina
eBay SafeHarbor
Investigations Team
______________________________
eBay Inc.
The World's Online Marketplace


Submitted by: Jeff P.

***********************************************************************

Answer:

Forward any e-mail suspected as phishing or unsolicited to spam@uce.gov . I also use a site http://www.spamcop.com/ which usually can give the REAL source of the e-mail. I send a letter of complaint to the e-mail provided by the SPAMCOP search.

Several years ago when phishing was new, I may have responded to one very official PayPal. Shortly thereafter , PAYPAL CALLED me on the phone. After asking me a complicated series of questions to verify my identity. they asked me if I had just won a huge sum of money, something like $100,000. I laughed and said "I wish." Someone apparently was using my account as a "pass-through" to other sources, and it was a person in US.

As I never put money in the PayPal account, only used my bank debit/credit card through PayPal, it was unusual. PayPal does it best to monitor all its accounts for unusual activity.

I had to change my entire account, not using any part of my original I.D. and password.

I don't bank anywhere online, but I check my personal bank accounts on-line. The encryption and methods of using I.D. and passwords are incredibly complicated. If I mistyped any part more than 2 times I am denied access and have to personally call to reactivate the on-line portion of my account using a new password.

If in doubt, CALL PayPal or E-Bay. DON'T PROVIDE EVEN YOUR FIRST NAME TO any e-mail you cannot identify!

Submitted by: Carol C.

***********************************************************************

Answer:

Andrew,

I too have received a number of these. I currently use Spam Killer to catch many of the spam messages I receive in conjunction with new spam filters that my ISP uses. What I do with any message that I get from PayPal is look at the source code in Spam Killer (click the details button in the version I
have) and look at all of the URLs in the message. If even ONE of them has a domain that is not PayPal, I send it to spoof@paypal.com so that they know about it. Spam Killer automates the task of finding this address too with it's address lookup feature. They will investigate where it came from and attempt to stop the person sending out the Phishing messages. I also use Spam Killer to send out a faked 500 error message that makes them think that the address they sent to is invalid. All of these tactics have helped me to not only reduce my spam by at least 70%, but it has also resulted in much fewer phishing messages coming to my inbox. There are many programs to choose from out there and I recommend starting with a good search (CNET Download.com has over 390 programs listed with a search on just the word spam). I chose Spam Killer when it was a free program, now you have to pay
$39.95 for the latest version (see it at www.spamkiller.com) but it is a worthwhile investment so you don't have to wade through so much junk in your inbox. The program is pretty easy to use and McAfee states that they have automated more of the tasks. Ultimately the decision is yours, but I recommend some form of spam killing software on your computer. These programs will keep the spammers and phishers from knowing that you opened the message because they never download the graphics in the message. This is very important as they use small GIF or JPG images in emails to alert them when an addressed recipient has opened an email they sent. This helps you remain anonymous, spoof them back (with a 500 error), report them to their ISP and not get caught up losing your personal data to vermin.



Submitted by: Chris S. of Tucker, GA


***********************************************************************

Answer:

You can look at the hyperlink properties of the email links. It will usually say another domain as opposed to paypal.com or ebay.com. If the hyperlink is not from the company claiming they are the real company.
You can choose to delete it or you can report it to the "actual" company.

For PC users you can hover the mouse pointer on the actual link and it will show you an IP address or a bogus address that has some form of the supposed company. You can type anything on the email i.e. paypay or ebay but when you actually hover the mouse on this links, it will have a different adddress.

Also any reputable company will never ask you for your username, password or your credit card number anyway. They usually have a password hint that they will tell you but actually will not reveal it or at least ask you for it.

Good luck and thanks for the mailing!


Submitted by: Amando M.

***********************************************************************

Answer:

I received a fake email the same day I received this from Cnet. It was askin me to very simply "click on the link to update my billing info" DUH, I don't pay this bill, yet the primary user on my account does.

It's subject was "Earthlink Billing Support".
I immediately right clicked on the sender and viewed "message source". These people are Goooood,, The source was identified as "Earthlink-center.com"... NOT Earthlink. com, but to the naked eye appears to be.
I immediately sent it to Earthlink fraud dept.
Got an email back from the Real Earthlink,that said "since the sender is not under Earthlink's control, there is nothing they can do, Sorry."
I'm sorry, too, since Earthlink doesn't care about my account, I best move on to another ISP that does.
Kind regards,

Submitted by: Deb D.

***********************************************************************

Answer:

You can see where an email came from in Outlook by right-clicking on the message and selecting Options. The header information will be displayed. If the message did not come from the purported source the return path will have nothing to do with the real site and a lot will be from a foreign country.
As for how to know whether it is really from the site, most legitimate sites will NOT give you a link to follow-they will tell you to go to the web site and log in. Many sites, such as Ebay will leave a message in your mailbox with them. Many sites are also posting information about current phishihg using their name and have a link to report the incident. Assume all such emails are fake and check it out by the header and going to the site via the address bar.

Submitted by: Susan V.

***********************************************************************

Answer:

I'm a very satisfied subscriber to RoadRunner here in North Carolina. In the last couple of weeks, I've received an average of 6 to 8 Emails a day supposedly from RoadRunner telling me various warnings; my account is over limit, my account is being canceled; my account is about to expire, etc., etc. When I called my local RoadRunner representative, only asked one question: "Is there an attachment to the Email?" I replied there was, to each and every one. He said that was the big warning sign; RoadRunner never, ever sends an Email like that to subscribers with an attachment. The attachment is where the phishers or spammers catch you. He told me to forward the Emails as an attachment to a security site he gave me; that way they'll be able to trace the source. Thanks,

Submitted by: Bill W of Lewisville, NC

I got many messages from a company called Worldwide Marketing Services LLC, asking for payment for information about on-line jobs. First I noticed that the domain name of the sender was 'ureach.com'. I looked up the WMS LLC in Google and there was no info about such a company, secondly I looked up ureach.com which happened to be an Internet Service Provider (ISP). I thought it is the wrong business for WMS to be in the ISP domain. I found 'ureach' to be a dubious company which is not doing enough in controlling suspicious accounts and asked them to shut down WMS account which they did. Besides that, because I have a blog, I made a posting describing my experiences. Since then I got a few hits through Google and other search engines from people who were trying to find things about WMS. You can do the same: google around the company (if it is not eBay or PayPal) the ISP of the email you get and if you find something, act on the info. Try to get the account suspended, write about it if you have a blog, open a blog (it is free!) and write about it. This way you can help keeping the Internet clean of the phishers.
Julius

I just tried the phishing iq test and got 9 out of 10 correct! Interesting that I erred on the side of caution and selected a legitimate one as a scam, too...

be careful out there!

Did you ever reply to any emails and give phony data? What happened? I'm curious, and furious too because I no longer trust any email from ebay, paypal, or my bank!

The 'phisher' doesn't know if you have a PayPal account or not; they don't care! They cast their net far and wide hoping to catch the unsuspecting person.

Michael

Although I've come close at times due to the official look of the email, I've never actually responded. I check my email through Yahoo before storing it on my PC, then add the spammers' domains to the list of blocked addresses right away and phone the bank, eBay, PayPal customer service to report the spam. Whenever possible, I kick my bf off his Mac and check my email there. He actually clicks on spammers' links and has fun trying to find out where they go. Claims Macs are totally immune. :o)

OTOH, I check my mother's email daily for spammers, etc. and have never found anything in the year she's been online. However, she had a long list of viruses on her PC, and, on a recent visit, I reformatted her hdd, reinstalled all of her apps (which basically consists only of AOL and printer software), and downloaded a firewall, virus scan app, adware/malware blockers, etc. Looks like this will be a yearly project - luckily manufacturer provided CDs that ghosted her system when we purchased, making the process really simple.

I just took the MailFrontier Phishing IQ Test, which is a great tool for educating people on what to look out for. I scored 80%. The two I got wrong were ones I thought were scams, but were in fact legit. First, it doesn't bother me much that I got those wrong, since I was erring on the side of caution. However, the reasons I was wary of those messages is what concerns me about the practices of these companies.

The two test emails I mistakenly flagged as phishing scams had bogus-looking URLs: Bank of America used the domain "bankofamerica1.com", and the CapitalOne message had a link to the domain "bfi0.com". The test answers even pointed out that thest were suspicious looking.

What concerns me is that if companies continue to use such odd-looking domains to conduct legitimate business, people will get used to seeing them, so they won't raise the red flags that the should. I'm sure the phishers love this, since these companies are conditioning people to fall for their scams.

I understand that companies need to load-balance their servers, or track the responses to various messages. However, there are many other ways to do that without creating new domains.