"...recovering from identity theft
can be difficult, costly, and stressful, but what is most
alarming is that despite the time, money, and personal duress
victims go through, resolution is not always achieved."
Kirk Herath, the associate general counsel
for Nationwide
Many Faces of Identity Theft
Phish-ing (phish, noun/verb; phisher, noun).
Phishing is a technique, a high-tech scam, that uses spam
to deceive consumers into disclosing their credit card numbers,
bank account information, Social Security numbers, passwords,
and other sensitive personal information, or that introduces
a virus attack, in order to commit identity theft.
Identity theft is the fastest growing white collar
crime in America today, and the cost of clearing
your credit if your identity is stolen can run into the
thousands of dollars. Identity theft is a crime that has
been around for years and in fact predates computers. For
years it was done over the phone, and it was called
social engineering.
The contemporary form of the identity theft crime is called
'phishing': deceptive e-mails and fraudulent
websites are used instead of phones. Phishing
is a high-tech scam that uses spam to deceive
consumers into disclosing their credit card numbers,
bank account information, Social Security numbers,
passwords, and other sensitive personal information,
or to introduce a virus attack, in order to commit identity
theft.
Phishing e-mail Telltales
- Deceptive subject lines.
For example 'Important Notice', or the more deceptive 'eBay Customer
Notice …'. To bypass spam filters, phishing fraudsters
put numerals and other characters (!? #@) in the subject line.
Sometimes they even misspell words.
- Forged address of the sender.
This is done in order to deceive people into believing that
the e-mail really came from eBay, Wells Fargo, Bank of America...
- Forged links.
The idea is to use genuine-looking links so that people are
tricked into visiting a Web page which will ask them for
their personal information. The URL is long and contains
a lot of words, among which is the name of the actual web
site. For example
http://www.wellsfargo.com.official_site.com_to_be_verified.secure-and-protected-site.com?
This link may look valid because it contains the name
of a valid business, namely Wells Fargo bank; however,
it is bogus.
- Authentic-looking content.
These e-mails usually start with ‘Dear Valued Customer’
or, for example, 'Dear Valued eBay/Amazon … Customer'.
- Authentic-looking e-mail form.
The e-mail usually carries the logo of the business it attempts
to misrepresent. Some e-mails even have a bogus signature,
making people believe the e-mail was sent by a high-ranking
official.
Phishing Web site Telltales
- URL: incorrect URL, authentic-looking URL, to
identical URL
The phishing fraudsters may register a domain name that
is similar to the one they are trying to misrepresent.
Or they include the name of the misrepresented business
/ organization in the sub-domain (example: www.fraudsters.wellsfargo.co.uk).
Some do not even go to all that trouble and use a
completely incorrect URL, hoping that users will not notice.
- Authentic-looking content
Sometimes phishing fraudsters simply mirror the original
Web site, with all its links and logos.
- Appearance of a form
The authentic-looking Web page contains a form which the
user is asked to fill out, giving his SSN, bank account
number etc.
- Fake address bar
A pop-up is constructed so that there is no real address
bar and real URL, but a fake address bar in place of the
original.
- Pop-ups
A genuine Web page belonging to a real business / organization
appears in the background, while a pop-up window opens
in front of it with a form to be filled out, in an attempt
to harvest users’ personal information. Users are led
to believe that the pop-up is directly connected with the
genuine Web page.
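A defender-side check for the forged-link and look-alike URL telltales described above, as an added example that is not part of the original article: it finds the domain that was actually registered and compares it with a list of trusted domains. The trusted list, the two-entry suffix table, the 0.85 similarity threshold and every sample URL except the article's own forged link are assumptions made for the example.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# Assumptions: the domains the real businesses use, and a tiny constructed
# stand-in for the Public Suffix List (use the full list in practice).
TRUSTED = {"wellsfargo.com", "ebay.com"}
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au"}


def registrable_domain(host):
    """Return the part of the host name that somebody actually registered."""
    labels = host.lower().rstrip(".").split(".")
    keep = 3 if ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES else 2
    return ".".join(labels[-keep:])


def classify_link(url):
    """Label a link: trusted, brand-in-subdomain, similar-domain or unrelated."""
    host = urlsplit(url).hostname or ""
    domain = registrable_domain(host)
    if domain in TRUSTED:
        return "trusted"
    brands = {t.split(".")[0] for t in TRUSTED}
    # Everything left of the registrable domain is chosen freely by its owner.
    subdomain = host[: -len(domain)].rstrip(".")
    if any(brand in subdomain for brand in brands):
        return "brand-in-subdomain"
    name = domain.split(".")[0]
    # Brand embedded in, or a near-miss spelling of, the registered name.
    for brand in brands:
        if brand in name or SequenceMatcher(None, brand, name).ratio() >= 0.85:
            return "similar-domain"
    return "unrelated"


# Constructed samples; the second is the forged link quoted in the article.
SAMPLES = [
    "https://www.wellsfargo.com/login",
    "http://www.wellsfargo.com.official_site.com_to_be_verified.secure-and-protected-site.com?",
    "http://wellsfargo-verify.example/",
    "http://wellsfarqo.example/account",
    "http://www.example.org/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(f"{classify_link(url):20} {url}")
```

Only the registrable domain decides who controls the page; a trusted name appearing anywhere to the left of it proves nothing.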
How to Prevent Identity Theft
- Be suspicious of any e-mails with urgent
requests for personal financial information. Be suspicious
of unsolicited phone calls, visits, or e-mail messages
from individuals asking about personal information.
- Do not use the links from the e-mail
to get to any Web page.
- Avoid filling out forms in e-mail messages
that ask for personal financial information. Do not reply
to such e-mails.
- Always make sure that you are using a secure
website when submitting credit card information
over the Internet.
- Keep your security-related software
up-to-date (anti-virus, firewall, anti-spyware).
- And last, but most important:
install and use identity theft protection software.
While anti-virus software protects your computer, anti-phishing
software protects you and your good credit. The little
investment in Identity Defense Kit can save much more than
just a computer!