So you think you’re savvy when it comes to scams, huh? Maybe you’d never click on a link in an email from someone you don’t know with a funny email address asking to send money to Nigeria — but what if it seemed to come from a coworker you know very well including a link that looks totally legit? That’s apparently how the hack of the Associated Press Twitter account went down, with a scam called “spear-phishing.” [More]
The United States Postal Service has a bit of a phishing scam on its hands in Fort Worth, Texas — or really, it’s almost an actual fishing scam. Scammers are apparently coating the blue standalone USPS mailboxes with adhesive, in order to catch outgoing mail and go through it to get money or personal information. [More]
American Airlines is warning customers about a potential email phishing scam that could be trying to steal personal information by posing as the airline. The emails are said to have been sent out as recently as November. [More]
There’s an email that’s been going around that pretends like it’s from Netflix and they’re having trouble with your credit card. Actually, it’s from scammers and they want to steal your credit card. [More]
Thousands of logins for emo-blogging platform Tumblr have been stolen in the past week via a phishing attack that lured users to enter their credentials in exchange for the promise of erotic content. [More]
Here’s a tip: Unless you’re a high-ranking member of the military or government, you’re probably not going to be getting any e-mails sent to you by big-mouthed British Petroleum CEO Tony Hayward. But for those who do see something from ol’ T-Bone in the their inbox, the Attorney General in Florida wants you to know it’s probably a scam. [More]
The BBB says people are reporting seeing a new phishing scam going around that masquerades as an Amazon order alert. It arrives as a confirmation email with a product description, price, and Amazon logo. Naturally, if you click the provided account link to cancel the order or see whether you were actually charged for the item, the login screen you’ll be taken to won’t be Amazon. [More]
How can you electronically drain someone’s bank account while also preventing their bank from contacting them to verify the transaction? Use telephony to flood all of their phone lines with anything from dead air to phone sex promo recordings. According to the Communication Fraud Control Association, these scams are increasing in recent weeks. Be wary. [More]
If you spend a lot of time online, you’re probably aware of phishing scams and know what to look out for. In other words, you’re not one of those ignorant types who clicks on links and starts entering personal information without hesitation. Writer and blogger Cory Doctorow is what you might call hyper-vigilant–he keeps unique passwords, uses a VPN when going online in public, and generally knows not to trust strangers. Still, he got phished a couple of weeks ago. [More]
Jeff received this email from Amazon warning against a phishing scam bent on swiping your password. Here’s the email: [More]
It’s a new day, so there must be a new revelation about another way in which Google Buzz is an affront to the concept of personal privacy, right? But the latest complaint about the Internet giant’s unasked-for answer to Facebook and Twitter goes far beyond making your private contacts public or adding potential personal safety risks to your “followers” list. It looks like the phishers and botnet scammers have already begun taking advantage of the new feature. [More]
I like flowcharts because they appeal to the part of me that wants to be a robot. I also like them because they make multi-step decision paths incredibly simple to follow, even if you don’t have a lot of insight into the big picture. This flowchart from LoginHelper.com will help even your PowerPoint-slideshow-forwarding relative (yes, that one) shoot down phishers as soon as they hit the In Box. [More]
The Centers for Disease Control have issued a warning that there’s a new, swine flu-themed phishing email going around. It says something about an imaginary State Vaccination H1N1 Program, and asks you to create an account on the cdc.gov website–and if you click the link, malicious code may be installed on your system. Obviously you have brain worms if you fall for this. [More]
An email claiming to be from the FDIC is making the rounds on the internet. It supposedly contains a “personal FDIC insurance file” that is really some sort of badness that will ruin your day. Do not click.
Scammers pretending to buy ads for Suzuki tricked Gawker’s ad sales team last week into running malware-laced ads that installed spyware and crashed the browsers of some readers before they were caught and pulled.
Since 2007, the FBI and authorities in Egypt have been running an investigation they’ve called “Operation Phish Phry,” sigh, and this week it paid off with 53 charges against U.S. defendants and 47 against people in Egypt. Three of the 53 in the U.S. have been arrested, and the FBI are looking for the other 50. To prove you’re not one of the remaining 50, please send the FBI your login credentials to your bank. Ha ha, we kid.
William wrote to us this weekend to point out how little Microsoft does to fight phishing attacks on their hugely popular Xbox LIVE network. It’s unfortunate they don’t take this sort of crime more seriously, since so many kids—who by all rights should have less experience with phishing—are on Xbox LIVE. Below is what two different Xbox CSRs told William when he contacted them to complain about phishing attacks.
Hey, we helped get an Ameriprise customer banned from the financial company’s consumer advisory panel! Sorry about that, Brendan.