The Mac Observer


Computing with Bifocals - Avoiding Phishing Scams!
by - August 26th, 2005

As I have mentioned in previous columns, there are some days when I get as many as 500 spam messages. This past July 22nd, I reached a new all-time high of 758 in a 24-hour period.

I guess I am just special. 

Spam is the term applied to unsolicited and unwanted bulk email advertising for everything from porn to vitamins. Ninety-nine percent of it goes straight into my trash because of the great filtering system built into the Mail app that comes with OS X.

However, I do check through the list about once a day to make sure nothing I need was mistakenly sent to the trash. This occasional perusal lets me get an idea of the kind of stuff I am being sent. I get lots of messages trying to part me from my hard-earned money. Chances are you, the reader, already know all about what I am writing about. However, you may have a relative or friend or neighbor who is just getting on the internet for the first time. You might be doing them a big favor if you share this column with them.

According to a news story written by Peralte C. Paul of The Atlanta Journal-Constitution, consumers lost US$929 million between May 2004 and May 2005 to Internet scams. The primary targets of these scams are new users.

The thing is, though, that protecting yourself is actually very easy. Never, never, never give out your personal information in response to an email or an instant message. Some of them look very authentic, but think about it for a moment: Why would your bank email you about a problem with your account, much less ask for your account number? They already know your account number. That is not how banks, credit unions, or savings and loans do business. Nor, for that matter, do eBay or PayPal email customers for sensitive information, although the scammers love to use both companies to try to trick us.

This activity of trying to get your information so someone can steal your money is known as 'phishing'.  Phishing is defined as follows by the internet encyclopedia Wikipedia.org.

"In computing, phishing (also known as carding and spoofing) is the act of attempting to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business with a real need for such information in a seemingly official electronic notification or message (most often an email, or an instant message).  It is a form of social engineering attack.  The term phishing comes from the fact that Internet scammers are using increasingly sophisticated lures as they 'fish' for users' financial information and password data."

Here is an example of the kind of messages that you may get.


Example 1

And, here is another one.


Example 2

As a basic guideline, anything or anyone who wants to solicit your money or any account information via email should be suspect.  This includes any emails that purport to come from Nigeria, Ethiopia, Russia, England, or Germany that claim there is money sitting somewhere just waiting to be claimed with your help.  It also includes unsolicited offers to refinance your home.  I particularly like the ones that offer to refinance my condo at 8 times its value.  I wish!

The old saw about "buyer beware" is doubly true when it comes to email.  Question everything.  Anyone with even moderate computer skills can copy and paste a logo from an internet web site like the ones in the examples above and put together a scam message.  They count on the fact that new users won't know how easy it is to do this and they, the new users, will automatically believe that the messages are authentic. 

Here is one more example.  I received this message a couple of days ago.  This one is particularly insidious on a couple of levels, but also gives itself away on a couple of levels.  The trick is to read it twice.


Example 3 (example includes content some may find offensive)

First of all, I am supposed to look at this and see a believable PayPal message. It was even addressed to the email address that is associated with my legitimate PayPal account. Then I am supposed to see that someone is charging my PayPal account $1139.30. Then I am supposed to see that I am being charged $552.05 each for two sex toys. These last two facts are supposed to get me so upset that I will instantly click on the "Log In" button on the left side of the message to try to straighten it out. (At this point we are going to just fly on past the topics of $500 sex toys and the laughable concept that my PayPal account even has a $1000 balance.)

The spam indicators are these: 

  1. PayPal never includes an instant "log in" component as part of their email messages.  A PayPal member must go to the PayPal web site to "log in" to get to their account. 
  2. The first sentence tries to indicate that the charges are being made in British pounds (GBP), but they put a U.S. dollar sign ($)  in front of the amount rather than the British pound sign (£), presumably because they don't know how to do it correctly. 
  3. The rate of exchange between the British amount of £1,915.51 and the U.S. amount of $1,064.41 is way off.  The U.S. amount should be about $606.  However, the perpetrator of this attempted theft is counting on the fact that I will simply give a knee-jerk response to the outrageous charges and the unacceptable items. 

They win and I loose whatever amount may actually be in my account because within minutes of my replying they would have cleaned out my account by putting through a charge that could not be traced.

Bottom line is you are in control, not the criminals.  Put spam in the trash where it belongs.


Copies of Nancy's book Tips, Hints, and Solutions for Seasoned Beginners Using Apple Macintosh Computers With OS X are available in PDF download versions  for US$9.57 and in print version for $18.15 plus $4.00 shipping.   To view sample pages and get ordering information visit the September 14, 2004 column.



Talking to a generation that remembers what the world was like before there was color, covers issues for people who don't care how their computer works, but rather what their computer and the internet can do for them.

Nancy has a Master's degree in Human Services Administration and prior to her retirement she worked for almost 30 years in the field of mental health and mental retardation. She has been a Mac user for 11 years, and has recently developed an avocation of teaching basic computer skills in both group and one-to-one settings.



Observer Comments

Name: Staggie Posts: 21 Joined: 06 May 2004
Subject: Another basic error--the totals are incorrect.

As is frequently the case on this type of scam, the author has limited math skills.

The subtotal is not the value of 2 deluxe sex toys ($532.05*2=$1064.10, not $1064.41)

The displayed subtotal plus the shipping is $1139.61 not $1139.30.

Name: Al Swearengen Posts: 339 Joined: 10 May 2005
Subject: Don't post your email on a web page

Use formmail if you can. It won't stop you from receiving spam, but it helps keep spammers from gleaning an address off of a web page.

As to phishing, Ebay/PayPal seems to be a popular ploy and their web site has an address to where you can forward spam. The same applies for most banking institutions. There have been some arrests for spamming recently, making progress one step at a time.

I enjoy your articles, keep up the good work.

Name: Guest
Subject: it's 'lose' not 'loose'

Be nice to yourself. You're not loose.

Name: Nancy With Bifocals - TMO Staff Posts: 28 Joined: 05 Aug 2001
Subject: Re: It's 'lose' not 'loose'

Awggg! I hate it when I do that. Thanks for calling me on it. It is one of my most frequent spelling errors and, of course, spell check doesn't catch it. Consider me properly humbled.

Name: jacrav Posts: 268 Joined: 04 Jul 2001
Subject: … and check your currency calculator …

1£ = $1.8
This email seems to have reversed the figures, as the approximately 1100£ would be close to $2000 …
Expensive toys, Nancy … must be built by Rolls Royce …

Name: Guest
Subject: Ebay/PayPal will never...

According to Ebay/Paypal, they'll never send you an email that doesn't address you by name.

i.e., "Dear valued customer" isn't legitimate.

Name: Rainy Day Posts: 607 Joined: 07 Jun 2005
Subject: Better than trashing

Go to the phisher’s bogus page, and enter bogus data. Make up a bogus username and password (any will do since they can’t know it’s wrong; you will move on to the next fake page to enter your credit card info), and enter bogus credit card info, etc.

Think of it as SPAM for the Phishers.

If everybody did this, it would make phishing unprofitable, and possibly lead to apprehending these guys.

Just make sure you have Java and Javascript disabled before going to their bogus site.
