Phishing Scam May Strike Close To Your Home
“Phishing” is a scam that may seem like old news to Consumer Checkpoint readers. I first wrote about this scam in the June 2005 issue of the Wisconsin Energy Cooperative News, which is available at: www.wecnmagazine.com/consumer/2005/ccpjune05.html . In mid-October the Wisconsin Electric Cooperative Managers’ Association discussed the harmful impact new phishing scams could have on electric co-op members.
Phishing is a legitimate-looking e-mail from your bank or other type of financial institution asking you to “update your personal or financial information.” Last month, a number of credit unions were hit by this scam when criminals sent out millions of e-mails seeking personal information from credit union member under the cover that they were from a local credit union. I received some of these e-mails and I was amazed at the high quality of the graphics. The e-mails included logos and other graphics the credit unions use on their real websites. Of course, each e-mail asked me to go to a website to “update my personal financial information.” And, of course, I immediately deleted the e-mail.
Security service company SecureWorks reports a 90-percent increase in Internet phishing attacks against U.S.-based utilities. From January through April of this year, the company blocked an average of 49 attacks per day against each of its more than 100 utility members and the problem has been increasing. From May through September, it has been blocking an average of 93 attacks per day against each of its utility members.
At the same time, SC Magazine, a publication devoted to security issues, reported October 12 that a “record number of phishing attacks were detected in September.” The magazine noted that September’s 9,621 phishing attacks compared with 8,583 in August, a jump of more than 1,000. However, this number is dwarfed by the fact that the number of attacks has more than doubled in the past year. Unfortunately, 39 percent of the attacks were generated from the United States, with China a close second at 34 percent.
This may very well mean criminals will use sophisticated software to allow them to recreate a very real-looking picture of your electric cooperative’s website and to include a message to you seeking your personal financial information.
What should you do if you receive one of these phishing e-mails? First, be aware that your electric cooperative will not send you an e-mail asking you to update your credit card number or account information. Therefore, do not respond to any unsolicited e-mails asking you for such verification. Instead, contact your electric cooperative at its real address and notify security personnel that you received a phishing e-mail using the cooperative’s name.
You may also want to forward the phishing e-mail to the federal law enforcement authorities at firstname.lastname@example.org. Overall, never send personal or financial information in an e-mail because it is not a secure method of sending sensitive items. Finally, use antivirus software and maintain an effective computer firewall to the outside.
I doubt this will be the last time I write about phishing scams. The Internet is a great tool for so many things, but it has also greatly increased the speed by which criminals can separate you from your money or identity. Be careful out there in cyberspace.