Phishing for Protection

By Bryan Rafie, Spring 2016 Student Intern

The Internet is an ocean. Behind every computer’s screen lies hidden treasures, sunken ships, and giant reefs just waiting for the curious browser to experience. This electronic ocean is also host to a variety of predators, hardened by anonymity and isolation, all ready to ravage the unsuspecting victim. One of these predators is the phisherman. Every phisherman understands the key to survival is patience and selecting the right lure.

In our case the lure of a phisherman is a cleverly crafted title to a phishing email. A phishing email is an email from an individual impersonating a trusted business, government agency, or close friend to trick the recipient into passing on personal information. These emails have the general appearance of authenticity. They carry the company’s logo or letterhead. They use words or discuss subject matter related to the business or person they are impersonating. The Federal Trade Commission provides the following examples of phishing email messages: Continue reading

Medicare Phishing Scheme Allegedly Responsible For Stealing Millions from Senior Citizens

By Patricia Uceda, Fall 2014 Graduate Research Assistant

phoneThe FTC recently helped halt a telemarketing phishing scheme that was targeting senior citizens entitled to Medicare benefits. The telemarketers allegedly called consumers and stated that they were calling on behalf of Medicare and that they were providing information about Medicare benefits. They then asked to verify consumers’ identities through use of personal information, including bank account numbers, allegedly assuring consumers that the information was being only used to verify their identity, and they would not be charged for the information provided.

However, the telemarketers allegedly instead used the information to remotely create checks drawn from the consumers’ bank accounts. Continue reading

Wednesday’s Word: Phishing

By Dylan Donley, Spring 2014 Graduate Research Assistant

Phishing is a type of scam in which fraudsters (a.k.a. phishers) use spam emails or other types of communication methods (e.g., automated voicemail messages or cold calls) to obtain sensitive personal and financial information from unsuspecting individuals. Phishers are able to obtain this information through the use of false or exaggerated statements or claims in order to force people to react and give up something of value or some right that they hold.

For more information about phishing, read more here.

How Closely do you Read your Credit Card Statement? New Scam Featuring $9.84 Charges may have hit you Right Under your Nose.

By Dylan Donley, Spring 2014 Graduate Research Assistant

credit cardIf you are anything like me, you probably don’t read your credit card statements as closely as you should, going line by line to make sure each listed charge is one you’ve actually made in that exact amount.  As reported by NPR, in wake of a new scam identified by the Better Business Bureau of northern Illinois and the FTC, there is a new reason to make sure you do. Continue reading

Don’t Become a Victim to Phishing Investment Scams: Tips for Avoiding Phishing

By Dylan Donley, Student Intern Fall 2013

fishing hook 2 clip art microsoft

The following is a list of general guidelines to consider if you ever receive an unsolicited phone-call:

(1)  Be suspicious of any phone call or email with urgent requests for personal financial information.

  • Phishers typically include upsetting or exciting (but false) statements in their emails or phone calls to get people to react immediately.
  • For example, “Is this Mr. Smith?  I am calling from XYC Bank.  Do you have a VISA card?  I need to verify your account number because it appears that someone may be fraudulently charging purchases to your account.  Can you read me the account number and expiration date on the front?  Now, the last four digits on the back…” Continue reading

Phishing and Other Financial Fraud — It’s More of Problem than You Might Think

By Dylan Donley, Student Intern Fall 2013

As discussed in my previous blog posts, a new wave of phishing scams has emerged – phishers are impersonating employees of legitimate brokerage firms and cold-calling individuals, including actual investors, seeking personal financial information under the guise of offering high yielding Certificates of Deposit.

While this is certainly a new take on investment scams that have been reported, the occurrence of financial fraud in the United States has steadily increased over the last decade.  Organized crime frequently uses phishing as a method to commit fraud, and there is a black market for stolen credit card and Social Security numbers. Continue reading

The Anatomy of a Phishing Scam

By Dylan Donley, Student Intern Fall 2013

While scammers have become increasingly sophisticated with their phishing schemes (e.g., creating seemingly authentic emails, Web sites, and making seemingly legitimate phone calls from employees with actual banks and brokerage firms which are actually fraudulent), there are a number of factors that suggest a phone call or email communication is a phishing scam.

Email phishing schemes may include:

  1. A falsified email address
  2. An impersonal email greeting
  3. A sense of urgency
  4. An account status threat
  5. Links embedded in the email or documents attached to the email
  6. Requests for personal information

Similarly, phone call phishing schemes may include:

  1. The Caller ID name and phone number not belonging to the legitimate business or firm
  2. A sense of urgency
  3. An account status threat
  4. Requests for personal information Continue reading