Net2Business
articles

Computer Card Fraud and Computer Viruses


What is "Phishing"?

"Phishing" is the term used when spammers, pretending to be your bank or credit card company or mortgage lender, ask everyone on a spamming email list to "update" their personal information.

An example of a phishing expedition email is copied below. Please note that the link given SAYS that it will take you to a sub-page of the USBANK.COM web site. (It does not.) The linked page had already been removed when this particular email arrived but, no doubt, it looked like a US BANK site and used their logo.

The real USBANK.com web site explains that it will never ask for sensitive information like passwords, social security numbers or even account numbers by email. Don't rise to this bait!


Credit Card Fraud & Identity Theft

This attempt to harvest valid credit card numbers for fraudulent usage was really very well done. The original arrived with the graphics and crosslinks of usa.visa.com/index.html. Even the ATM Locator worked! So, how did we recognize it as fraud?

  1. 1. It just didn't 'feel' right. How likely is it that Visa would know my email address, but not credit card #? That they would write thousands of credit card holders an email that says "oops, remind us of your credit card number, please"?
  2. 2. The verification form was not secure. It started with "http:" where it should have been "https:" Visa policy is to yank the Merchant Account from any business that receives its credit card numbers in the clear like that.
  3. 3. The data collection form used a blind IP address rather than staying at usa.visa.com/whatever...
  4. 4. On revisiting the email about the third time, I noticed that the writing didn't use proper English punctuation or capitalization.
  5. 5. A backward trace on the location of the verification form timed out switching through a Korean host.

Finally, we reported this bit of fraud to Visa and to the F.B.I.

If you have already filled out a 'verification of your credit card information' you should call the number on the back of the card and report it stolen, immediately. It has been stolen, even though it is still in your hand.


Virus masquerading as an MS Patch or Upgrade

This is a virus making the rounds, especially for those with KU connections. If you see the subject line "MS Program Security Section" or something similar which seems to come from Microsoft as a recommended patch, you should delete unread. However, if your anti-virus program is up to date, the attachment will be cleaned and do your computer no harm. Note the authenticity of Microsoft graphics and links!