Relay: Phish Bowl

How to spot an Internet “phishing” scam

    There were maybe 30 of us at GeekHampton in Sag Harbor the other night, watching a PowerPoint presentation on how to spot an Internet “phishing” scam.

    Not a virus, not a bug, not a worm, not even the so-called “Nigerian 419” shakedown (419 is the number of the Nigerian Criminal Code section dealing with fraud — thank you, Wikipedia), where somebody in Lagos urgently desires to give you a big chunk of his rich uncle’s money in exchange for a little of yours to bribe it out of the country.

    No, the scams we were learning about are far less obvious and infinitely more devious, and their numbers are exploding.

    Phishermen, we learned, create Web pages that look almost exactly like they come from a real place — PayPal.com, eBay.com, T.J. Maxx, U.P.S., Verizon, iTunes, the state lottery, any and all banks, anything at all, really — hoping to entice us into giving away key personal information: passwords, credit card numbers, bank account details, and the like.

    Did you, for example, get a warning from your “bank” last week about a bounced check? Did it maybe look like this (an actual scam, subject line: Insufficient Funds Notice)?
    
    Date: September 25, 2013
    Insufficient Funds Notice
    
    Unfortunately, on 9/25/2013 your available balance in your Wells Fargo account XXXXXX4653 was insufficient to cover one or more of your checks, Debit Card purchases, or other transactions.

    An important notice regarding one or more of your payments is now in your Messages & Alerts inbox. To read the message, click HERE, and first confirm your identity.

    Please make deposits to cover your payments, fees, and any other withdrawals or transactions you have initiated. If you have already taken care of this, please disregard this notice.

    We appreciate your business and thank you for your prompt attention to this matter.

    If you have questions after reading the notice in your inbox, please refer to the contact information in the notice. Please do not reply to this automated email.

    Sincerely.
    Wells Fargo Online Customer Service
    wellsfargo.com | Fraud Information Center
    4f57e44c-5d00-4673-8eae-9123909604b6

    “Always look at the return email address,” instructed our friendly geek, Eliot. “If the address looks weird, you may be in the wrong place.”

    wellsfargo.com/za, for example, would mean the e-mail originated in Zambia. Would your bank be writing to you from Zambia? Definitely a wrong place. If the last part of the name makes no sense, he said, read no further, hit the delete button.
    
    Speaking of look no further:

    From: Internal Revenue Sevice
    Reply-To: irs@sevice.com
    Subject: Refund Notification

    “sevice.com”? Not just one weirdness there. The misspelling is easy to spot; the “com” needs common sense. The e-mail address of the I.R.S. ends in .gov, like all federal government department addresses, not .com.

    Bad spelling, and especially bad English, are dead giveaways that a phisherman is casting out a line. So is a warning of dire consequences. This next one makes it on all three counts:

    UNITED STATES OFFICE OF HOMELAND SECURITY
    MG Timothy J. Lowenberg, Adjutant General and Director State Military Department
    Washington Military Dept., Bldg 1 Camp Murry, Wash 98430-5000

    Attn,
    It has come to our notice that your ATM card to you is still in Georgia because you have refused to comply with the US Customs and Boarder Protection. I wish to remind you the consequences if you fail to comply. With the power invested in me as the Secretary General of the Homeland Security I advise you to comply with the Custom immediately to avoid having your ATM card confiscated and charging you for money laundry.

    However i the agent Mr. Paul Smith will advice you to immediately respond back to my E=mail so that he will help you to obtain the needed certificate the only fees required is $480 after that your ATM card will be released to you unless you have decided to loose your ATM card. Contact information is listed below. . . .
    
    With, of course, a helpful link.

    How anybody could fall for that one is hard to fathom, but it happens every minute. Unemployed people looking for work are taken in by lottery scams, elderly people put their trust in “Your Social Security Refund,” even supposedly savvy teens click on that treacherous link that promises a free iPod just for submitting a review. Global losses from phishing in 2012 were estimated at $1.5 billion.

    “It’s going to get harder to figure out who’s going to screw you over, so just trust your gut,” Eliot concluded. “Common sense is the best way to stay safe, in the real world and on the Internet.”

    We were getting our stuff together, ready to leave, when someone’s cellphone rang, and rang, and didn’t stop ringing.

    “Could you help me?” came a voice from the back. “I don’t know how to turn this off.”

    Better never turn it on, or your computer either, is my advice.


    Irene Silverman is The Star’s editor-at-large. She is at large in East Hampton at the moment.