Thursday, March 16, 2006

I was Phished Today, With "e-mail" from BANKONE

This is what I got:
Dear Bank One valued member,

The security of your information, transactions, and money is the core of
our business and our top priority at Bank One.


Our policy is to protect personal or financial information which comes
into our possession during the normal course of business.
It has come to our attention that your account information needs
to be updated due to inactive members, frauds and spoof reports.
If you could please take 5-10 minutes out of your online experience and renew
your records you will not run into any future problems with the online service.
However, failure to update your records will result in account erasure.
This notification expires on March 25, 2006.


Please follow the link below and renew your account information.

http://www.bankone.com

Once you have updated your account records your internet banking
service will not be interrupted and will continue as normal.


Online Department
Bank One


www.suntimes.com
Back to regular view
http://www.suntimes.com/output/savage/cst-fin-terry105.html

Print this page


Of 'phishing' for data and fishing for gifts

June 10, 2004

BY TERRY SAVAGE SUN-TIMES COLUMNIST




It's summertime. A season of vacations and weddings, and today's column includes not one, but two financial stories along that theme.

The first should be titled, "Gone Phishing." That's not a misspelling, nor is it a vacation idea. It's the name of a new identity theft scam that is sweeping the Internet.

I've heard about e-mails that purport to be from your financial institution, asking for personal information. But when one landed in my own e-mailbox this week, I didn't immediately recognize the scam.

The logo of my bank, Bank One, was identical to messages I sometimes receive about new features in their online bill pay service. And the return e-mail said it came from service@bankone.com. The message started out as an official sounding warning: "Because of our concern about the safety and integrity of the online banking community..." So I read further.

The e-mail asked me to "take a few minutes to review and update" my information as a security precaution. It advised me that if I did not reply within a week, my account would be deleted. It asked me to click on a link in the message to input my information.

A clear scam



It was clearly a scam. A bank would never delete an account. A bank always has your information and never asks you to input information over an insecure e-mail link. And the word "delete" was misspelled as "deletation."

But people do follow those instructions. The link leads you directly into a trap. Once you input your account and PIN, you've given away the keys to your financial life.

Note: This scam has nothing to do with the safety of online bill pay! Your online bill pay account is secure and guaranteed against fraud. This has everything to do with Internet scams and identity theft.

Every major bank has been hit with this "phishing" scam. Con artists blast massive amounts of e-mails, hoping they'll land in the box of someone who actually does have an online bill-pay account at the bank. It only takes a few responses to make this scam profitable. So here are some tips to avoid being taken:

*Be alert for scams. Check at your bank's Web site for warnings. Citibank and Bank One even post examples of e-mail phishing scams.

*Never reply with information. Never give out information when someone asks for it. Never use a link.

*Report attempts to the bank. Every bank Web site has a link or a toll-free number to report these attempts. And don't be embarrassed if you were tricked into giving away information. If you report it immediately, your account will be protected until you can choose a new PIN.

*Forward scam e-mails to the Federal Trade Commission. Send that e-mail to the FTC so they can take action and see how huge the problem is becoming. The address to forward that scam email is: uce@ftc.gov

*Change your password and PINs. Banks advise that you use separate PINs and passwords for different accounts, so if one is stolen, your entire financial life is not revealed. And though it's a pain to remember new PINs, they advise changing those codes twice a year.

Remember, your grandparents probably didn't lock their front door. And the first automobiles didn't have individual keys. But we live in a different era now. The message is not to avoid technology, but to use it wisely.

Perfect wedding gift



And that reminder leads me to mention a new idea for that wedding or graduation gift this summer. It's a Web site called www.GiftofStock.com. In fact, if you're the one getting married, you can register for shares of stock you'd like to receive.

The stock gift includes automatic enrollment in the company-sponsored Dividend Reinvestment Plan or DRIP. So this is a gift that can keep growing as part of a long-term investment plan. About 1,300 major companies offer these DRIP plans, and they're all listed at the Web site.

The recipient gets a mock stock certificate announcing the gift, but more importantly, the right to continue investing in shares of the company stock without paying commission or going through a broker. Check the Web site for details on ordering and pricing.

The Internet can bring great financial benefits, as well as challenges. And it requires new skills at discerning the real from the fake. But it's worth it. That's The Savage Truth.


Terry Savage is a registered investment adviser, and appears weekly on WMAQ-Channel 5's 4:30 p.m. newscast. Distributed by Creators Syndicate.



Copyright © Terry Savage Productions

No comments: