I almost fell off my seat when I read Paypal’s letter to me.
“Issa, many different computers have logged into your account and that there were multiple password failures before the login and thus, we have limited your account. Please download the form attached to this email, open it in a web browser and it will provide you with steps so you can restore your account access.” It ended with a plea for my understanding because they only desire the safety of my account.
My heart started pounding – huh, wah, how….? My Paypal account has been compromised!
I could not believe it.
Stemming the panic, I read the letter again and noted the words, “multiple password failures”. Failures – so they did not get in? I allowed myself to breathe. I then thought about my Paypal account, what was in there, what was my last transaction, what was my password, and did I remove my credit card and bank account information as I intended to (did I?)? I realized I did not. Panic crept in. I tried to fight it.
I opened the attachment and it confirmed that my account access is limited and that I should fill out the form to remove the limitation. It then assured me that the information will be for verification purposes only and that my credit card will not be charged. Credit card? Warning bells sounded in my head.
Because why will Paypal ask for my credit card information? And isn’t Paypal a secure site?
I turned my attention to the form and what it is asking from me. My fear turned to understanding when I saw prompts for my email address, Paypal password, full name, card type, card number, expiration date, card verification number (the gall!), street, city, state, country, zip code, telephone, social security number, date of birth and mother’s maiden name. Everything but the kitchen sink.
I slowly exhaled. It was a phishing scam. I almost was had by a phishing scam.
How could I have missed the warning signs: the sender’s email address was some form of gibberish and Paypal was PaypaI. I hope you noted the capital “i” instead of the “L”. Because initially, I did not.
Internet scam experts said misspelled words are a clue that the e-mail is fraudulent.
Furious now, I went to Paypal and looked at its Security Center. It asked me to forward phishing emails to [email protected] and to delete the offending email. I did this and more: I also deleted my bank and credit card information from the Paypal site. I could not leave anything to chance.
It was thus almost uncanny that on the same day, my husband received a letter from a client asking him for USD$1,750 because he lost his bags and his passport in some foreign land (Scotland) and that for sure he will pay my husband back.
What is astonishing is that this email came from the client’s email account.
Alarmed (because it did come from the client’s email account and he was afraid that the client’s security may have been compromised), my husband immediately forwarded the email to the client. Minutes after, the client responded and said he never left the country and that he was okay but that yes, his email account has been hacked.
What is going on with the world?
I need only to look at my spam folder and my 139 spam emails to realize that these scams are not few and far between, and that the scammers have been getting bolder and that a lot of thought and resources are being put into this. My financial planner told me that he emailed one scammer, saying, “it is more fulfilling to do good and honest work rather than scam people out of their money”. To his surprise, the spammer had the temerity to respond: “What if you finally get this fund, what should I do to you? Do you want your payment or not?”
Indeed, what can they do to us?
The dark side of the internet. Every now and then, it shows its ugly head. Because of the relative ease in getting an email address and because people can remain anonymous over the internet, even invisible (invincible?), there will always be those who will attempt to swindle good, honest people off their hard earned money.
Here are some tips from the Federal Trade Commission to help you avoid getting scammed:
- If you get an email that asks for personal or financial information, do not reply. Legitimate companies do not ask for this information via email. Also, do not email your personal or financial information.
- Do not click on the links. Phishers frighten or entice you to visit a phony web page and entering your ID and password, which, they will then be able to get and use.
- Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge.
- Review credit card and bank account statements as soon as you receive them to check for unauthorized charges.
- Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer’s security.
- Forward spam that is phishing for information to the company, bank, or organization impersonated in the phishing email.
Education is the first line of defense against fraud and deception. Read and be aware so you can keep up with the latest scams and the latest ways to protect yourself. And there is identity theft protection too. IdentityHawk offers a comprehensive identity theft solution.
Because part of wealth creation is wealth protection.
Article by Issa. Art by D. Copyright 2009.
Email: [email protected]