Posted on: Tuesday, November 30, 2004
When checking e-mail, beware of phishing
By Jeff Gelles
Knight Ridder News Service
When most of us contemplate the holidays, we think of friends, family and fellowship. But not Susan Larson. Larson has phishing on her mind.
Larson works for SurfControl P.L.C., an Internet and e-mail security company. In the past year, she's watched this oddly named high-tech crime go from being a curiosity to a ubiquitous threat.
Every day, untold millions of spam e-mails are sent that don't advertise the latest "male enhancement" product — or anything else. For phishers, even sucker ads would be too honest.
Instead, they send out slick e-mails that seem to be from companies such as Citibank, eBay or America Online. The e-mails warn of dire things, such as account suspensions, that demand action. And they link to fake Web sites that ask for personal data: account numbers, PIN codes, Social Security numbers. Provide them, and you open yourself to identity theft.
So far, customers of financial-services firms have been phishers' prime targets. But Larson believes the holidays could spur a new wave of attacks, aimed at online shoppers.
She's right. So remember: That e-mail may seem to be from Amazon, Macy's or BestBuy.com. But that's exactly why phishing works.
Don't take the bait.
Online crime also is on the mind of Philadelphia District Attorney Lynne Abraham, who shares Larson's phishing concerns and warns that fake e-mails from charities may crop up, too.
But as the city's chief prosecutor, Abraham has some valuable advice to add about criminals who operate on Earth rather than in cyberspace, and who keep busy around the holidays.
Some of Abraham's shopping tips:
At the risk of sounding too much like Scrooge, this is a good time to remind you of another holiday risk: the vanishing gift card or certificate.
Gift cards abound, for stores, restaurants, Web sites, even entire malls. Banks issue them, too, with the lure that theirs can be used anywhere, just like a credit card.
But if you give a card or get one, watch the fine print. Although laws in some states prevent gift certificates from simply expiring, some issuers get around this by charging service fees that eat away at a card's value if it goes unused.
Another drawback is that some merchants say "tough luck" if a card is lost or stolen. But not all.
The good news is that many retailers have eased up on onerous practices, according to a recent survey of 34 cards by the Division of Consumer Affairs in Montgomery County, Md.
Chains that replace cards and don't impose so-called dormancy fees include Borders, Circuit City, CompUSA, Gap, Home Depot, Lowe's, Old Navy, Sears, Sports Authority, Starbucks, and Wal-Mart.
Chains that won't replace cards include Barnes & Noble, Blockbuster, Kmart and KB Toys. Kmart and KB are among those that also impose fees after extended periods of non-use.
The four bank-issued cards in the survey were by far the worst. All charged fees at issuance and to replace lost cards, and monthly maintenance fees in some circumstances.
