Computing with Bifocals - Avoiding Phishing Scams!
by
- August 26th, 2005
As I have mentioned in previous columns, there are some days when I get as many as 500 spam messages. This past July 22nd, I reached a new all-time high of 758 in a 24-hour period.
I guess I am just special.
Spam is the term applied to unsolicited and unwanted bulk email advertising for everything from porn to vitamins. Ninety-nine percent of it goes straight into my trash because of the great filtering system built into the Mail app that comes with OS X.
However, I do check through the list about once a day to make sure nothing I need was mistakenly sent to the trash. This occasional perusal lets me get an idea of the kind of stuff I am being sent. I get lots of messages trying to part me from my hard-earned money. Chances are you, the reader, already know all about what I am writing about. However, you may have a relative or friend or neighbor who is just getting on the internet for the first time. You might be doing them a big favor if you share this column with them.
According to a news story written by Peralte C. Paul of The Atlanta Journal-Constitution, consumers lost US$929 million between May 2004 and May 2005 to Internet scams. The primary targets of these scams are new users.
The thing is, though, that protecting yourself is actually very easy. Never, never, never give out your personal information in response to an email or an instant message. Some of them look very authentic, but think about it for a moment: Why would your bank email you about a problem with your account, much less ask for your account number? They already know your account number. That is not how banks, credit unions, or savings and loans do business. Nor, for that matter, do eBay or PayPal email customers for sensitive information, although the scammers love to use both companies to try to trick us.
This activity of trying to get your information so someone can steal your money is known as 'phishing'. The internet encyclopedia Wikipedia.org defines phishing as follows:
"In computing, phishing (also known as carding and spoofing) is the act of attempting to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business with a real need for such information in a seemingly official electronic notification or message (most often an email, or an instant message). It is a form of social engineering attack. The term phishing comes from the fact that Internet scammers are using increasingly sophisticated lures as they 'fish' for users' financial information and password data."
Here is an example of the kind of messages that you may get.
And, here is another one.
As a basic guideline, anything or anyone who wants to solicit your money or any account information via email should be suspect. This includes any emails that purport to come from Nigeria, Ethiopia, Russia, England, or Germany that claim there is money sitting somewhere just waiting to be claimed with your help. It also includes unsolicited offers to refinance your home. I particularly like the ones that offer to refinance my condo at 8 times its value. I wish!
The old saw about "buyer beware" is doubly true when it comes to email. Question everything. Anyone with even moderate computer skills can copy and paste a logo from an internet web site like the ones in the examples above and put together a scam message. They count on the fact that new users won't know how easy it is to do this and they, the new users, will automatically believe that the messages are authentic.
Here is one more example. I received this message a couple of days ago. This one is particularly insidious on a couple of levels, but also gives itself away on a couple of levels. The trick is to read it twice.

Example 3 (example includes content some may find offensive)
First of all I am supposed to look at this and see a believable PayPal message. It was even addressed to the email address that is associated with my legitimate PayPal account. Then I am supposed to see that someone is charging my PayPal account $1139.30. Then I am supposed to see that I am being charged $552.05 each for two sex toys. These last two facts are supposed to get me so upset that I will instantly click on the "Log In" button on the left side of the message to try and straighten it out. (At this point we are going to just fly on past the topics of $500 sex toys and the laughable concept that my PayPal account even has a $1000 balance.)
The spam indicators are these:
- PayPal never includes an instant "log in" component as part of their email messages. A PayPal member must go to the PayPal web site to "log in" to get to their account.
- The first sentence tries to indicate that the charges are being made in British pounds (GBP), but they put a U.S. dollar sign ($) in front of the amount rather than the British pound sign (£), presumably because they don't know how to do it correctly.
- The rate of exchange between the British amount of £1,915.51 and the U.S. amount of $1,064.41 is way off. The U.S. amount should be about $606. However, the perpetrator of this attempted theft is counting on the fact that I will simply give a knee-jerk response to the outrageous charges and the unacceptable items.
They win and I lose whatever amount may actually be in my account because within minutes of my replying they would have cleaned out my account by putting through a charge that could not be traced.
Bottom line is you are in control, not the criminals. Put spam in the trash where it belongs.
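For readers who filter mail with scripts, here is how the first two indicators in the list above (a "log in" form inside the message itself, and a dollar sign on an amount labelled GBP) can be checked automatically. This is an added example, not part of the original column; the function name and both sample messages are constructed for illustration.

```python
import re
from html.parser import HTMLParser


class _BodyScanner(HTMLParser):
    """Collects visible text and counts forms and password fields."""

    def __init__(self):
        super().__init__()
        self.forms = 0
        self.password_fields = 0
        self.text = []

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        if tag == "form":
            self.forms += 1
        elif tag == "input" and (attr.get("type") or "").lower() == "password":
            self.password_fields += 1

    def handle_data(self, data):
        self.text.append(data)


# A dollar sign on an amount that the text labels as British pounds.
CURRENCY_MISMATCH = re.compile(r"\$\s?[\d,]+\.\d{2}\s*(?:GBP|pounds)", re.I)


def phishing_indicators(html_body):
    """Return the names of the indicators found in an HTML mail body."""
    scanner = _BodyScanner()
    scanner.feed(html_body)
    scanner.close()
    found = []
    if scanner.forms or scanner.password_fields:
        found.append("embedded-login-form")
    if CURRENCY_MISMATCH.search(" ".join(scanner.text)):
        found.append("currency-symbol-mismatch")
    return found


# Constructed samples (not the message shown in the column).
SAMPLE_PHISH = """<html><body>
<p>You sent a payment of $1,139.30 GBP to a merchant.</p>
<form action="http://example.invalid/login" method="post">
Email: <input type="text" name="u"> Password: <input type="password" name="p">
<input type="submit" value="Log In"></form></body></html>"""

SAMPLE_CLEAN = """<html><body>
<p>You sent a payment of £25.00 GBP. Visit the web site for details.</p>
</body></html>"""

if __name__ == "__main__":
    print(phishing_indicators(SAMPLE_PHISH))
    print(phishing_indicators(SAMPLE_CLEAN))
```

A message that trips neither check is not thereby safe; these are two of the giveaways from this one example, not a complete filter.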
Copies of Nancy's book Tips, Hints, and Solutions for Seasoned Beginners Using Apple Macintosh Computers With OS X are available in PDF download versions for US$9.57 and in print version for $18.15 plus $4.00 shipping. To view sample pages and get ordering information visit the September 14, 2004 column.
Nancy has a Master's degree in Human Services Administration and prior to her retirement she worked for almost 30 years in field of mental health and mental retardation. She has been a Mac user for 11 years, and has recently developed an avocation of teaching basic computer skills in both group and one-to-one settings.
Observer Comments
Fri Aug 26, 2005 3:54 pm Subject: Another basic error--the totals are incorrect.
Fri Aug 26, 2005 4:03 pm Subject: Don't post your email on a web page
Use formmail if you can. It won't stop you from receiving spam, but it helps keep spammers from gleaning an address off of a web page.
As to phishing. Ebay/PayPal seems to be a popular ploy and their web site has an address to where you can forward spam. The same applies for most banking institutions. There have been some arrests for spamming recently, making progress one step at a time.
I enjoy your articles, keep up the good work.
Fri Aug 26, 2005 6:18 pm Subject: Re: It's 'lose' not 'loose'
Fri Aug 26, 2005 7:58 pm Subject: … and check your currency calculator …
Sat Aug 27, 2005 9:42 pm Subject: Better than trashing
Go to the phisher’s bogus page, and enter bogus data. Make up a bogus username and password (any will do since they can’t know it’s wrong; you will move on to the next fake page to enter your credit card info), and enter bogus credit card info, etc.
Think of it as SPAM for the Phishers.
If everybody did this, it would make phishing unprofitable, and possibly lead to apprehending these guys.
Just make sure you have Java and Javascript disabled before going to their bogus site.



