May 7, 2008

I am a Fool

Filed under: Main — admin @ 12:01 am

Yeah, I’ve written about it often enough. I know how it works. But call it stupid timing. I fell victim to a phishing scam. O the shame!

In case you don’t know, a phishing (say “fishing”) scam is where you get an e-mail message that purports to be one thing but is another. Often the e-mail leads you to a web site that looks like the real thing, but in fact tricks you into divulging things like account names, passwords, PINs, and other vital information.

Normally I don’t fall prey to this type of scam. I get e-mail that looks like it’s from my bank, but it’s not. The give-away is visiting the phishing web site, which looks like the real thing and may even use the real graphics, but it asks some questions you wouldn’t expect, such as your social security number, account password, or mother’s maiden name.

In my case, I just happened to just have purchased something on eBay. I received a confirmation from the vendor with the shipping information. The next e-mail I got looked like it was from eBay itself. It contained a link to “www.ebay.com” but the link actually went to another page. Before I knew it, I had typed in my eBay account name and password on the bogus page. In fact, I noticed that the page wasn’t eBay at all as I clicked the button to “log in.”

I felt terrible.

Immediately I went to eBay — the real site — and changed my password. That saved me. Just for good measure, I changed my password on every other web site I use. I replaced my old passwords, which were typically 8 characters long, with the new ones between 10 and 16 characters long. So far, after a day or two, I’ve not noticed any unusual activities on the any of my web sites, so whoever ended up with the password has useless information.

The reason I’m writing about this is to tell you that it could happen to you, too!
Normally, I’m quite astute about these things, but it was the timing that got me. I had just bought something on eBay so it made sense that they might send me a message. Oh well.

What’s even more surprising to me is that the web browser’s anti-phishing filter didn’t catch the bogus link. The link said “www.ebay.com” but the actual page was something else that had the word “ebay” in it. I’m puzzled as to how this one got by, but that’s not the point. The point is to be careful out there, no matter how good you think you are with computers.

4 Comments

  1. Ah, well. It just goes to show that even the most experienced computer users can get fooled.

    With our Trend Micro Internet Security suite we got with the new computer, it blocks spam messages (Not sure if it blocks the phishing messages), but it will black, by default, known malware and phishing sites. It’s been a lifesaver for me: I was looking for a free shareware download site once: found one that looked promising, and it blocked it and said “This is a spyware/malware site. Run away!” If you haven’t gathered, I like my Trend Micro.

    Comment by Douglas — May 10, 2008 @ 4:30 am

  2. There is a danger is becoming too content with such services. I remember years ago when the Nimda virus hit — and hit hard. Lots of folks thought that they were safe.

    Comment by admin — May 10, 2008 @ 8:11 am

  3. Someone’s been Phishing me and it just goes into my junk mail folder. It’s been a few PayPal notices asking me to click on a link to update some info. I know it’s bogus since I’ve never used PayPal for anything. I clicked on the “report Phishing scam” button in my email program. I guess that’s all I can do, right?

    Comment by Jed — May 14, 2008 @ 8:53 am

  4. That does a lot, actually. Clicking on the Report button adds the site to a database. Hopefully that leads to more action that prevents others from being fooled. On the other hand, it also could cause problems for legitimate sites that merely have people angry with them.

    For example: A woman subscribed to my weekly newsletter a few years back. She couldn’t’ figure out how to un-subscribe, despite it being mentioned in each newsletter at the end. So she marked my newsletter as Spam. When that happened, about 300 other subscribers using AOL e-mail addresses failed to get my newsletter. And my site, GOOKIN.COM, was flagged as a spammer site by AOL. I finally e-mailed the woman and she was arrogant and wrote the whole thing off, uncaring about the reaction she caused. That was one of many factors that caused me to suspend my old newsletter. Anyway, long story short, such databases can have adverse consequences.

    Comment by admin — May 14, 2008 @ 8:59 am

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.


Powered by WordPress