Goin' Phishing

by Bill McCloskey, Oct 14, 2004, 12:00 AM

• Comment
• Recommend (2)
• Tweet
• 

When you think about it, we've come a long way in only a few short years and I'm already starting to wonder how we got anything done without the ability to communicate quickly using e-mail.

For example, just this week I was able to quickly resolve a problem I was having with my eBay account. It seems that somebody had been using the account for some fraudulent purposes but after getting a polite notice I was able to go online, give them my checking account numbers, PIN codes, and my mother's maiden name and things should be all set now.

I also had some good fortune come my way in the form of an e-mail from the son of the former President of Zaire. I can't give too many details, but apparently after his father's death a very large sum of money was frozen by the government and with my help he's going to be able to get to the funds. I won't tell you how much I stand to make, but let's just say that my retirement has gotten a lot closer.

Of course, I'm being tongue-in-cheek here. Scam offers like these seem to be a big part of my in-box these days and I wouldn't touch them with a virtual 10-foot pole. As obvious as these fraudulent offers seem to me, however, they're taking their toll on others who aren't that savvy when dealing with sudden news that seems too good to be true.

According to Gartner Group, phishing and identity theft using e-mail has resulted in the loss of $1.2 billion dollars in the U.S. during the past year with over 1.4 million victims. According to their data, 54 million Americans believe they have received a phishing e-mail at least once during the past year.

But even with such high numbers of saturation, the number of phishing e-mails sent rose 50 percent per month between January 2004 and July 2004 resulting in just over 1,974 unique attacks in July according to the Anti-Phishing Working Group. They estimate as many as 5 percent of all recipients get suckered and end up giving away their personal information.

While this is a huge problem for consumers, it's also a huge problem for the companies who are being used to disguise the fraud. According to the Anti-Phishing Working Group, the No. 1 company of hijack choice is currently Citibank with U.S. Bank and eBay taking up positions 2 and 3.

Not surprising is the fact that banking and financial institutions top the list of companies who are most targeted for this type of offer accounting for 1,642 of the 1,974 unique phishing e-mails in July 2004. The vast majority of these offers also originate in the U.S. (with South Korea and China vying for 2nd place).

To their credit, the Citibank Web site provides a tutorial of sorts that explains to customers what phishing is and how to spot fraudulent requests for information. They also have an internal watchdog group that monitors fraudulent offers in their name.

According to the Citibank site, the best form of defense against being a victim of fraud is to learn how to stay protected by being aware of fraudulent offers. They also recommend not following e-mail links but instead going directly to the site in question, to change passwords and PIN numbers every few months and to avoid giving away any personal information without first being able to verify that the offer or need is legit.

While this may be a problem without an immediate solution, we can hopefully find ways to spread the knowledge around to protect those people who might still be a bit too trusting or willing to believe that with their minimal effort and access to a personal checking account they too can become overnight millionaires.

• Comment
• Recommend (2)
• Tweet
• 

Be the first to comment on "Goin' Phishing"

Leave a Comment