The Spam Report

These kinds of scams are called “phishing” scams because the people who attempt to victimize others with these scams are, in a sense, fishing for victims by sending out e-mail messages that might be compared to a fishing line.

They hope that the “fish,” or in this case, potential human victims will “bite” by visiting the web sites that the “phishers,” as they are sometimes called, are attempting to lure them to. At that point, their victims could be considered “hooked” and the phisher reels them in by using the account name and password to the user’s online bank account or other online service to take the victim’s money.

Most phishing e-mail messages are very cleverly constructed to look as though they have come from a legitimate company. Online companies like PayPal and eBay are very popular targets for phishers to use in their phony e-mail messages.

Oftentimes, the e-mail that is claiming to be from a legitimate company is used to inform potential victims that there is some kind of problem with their account and that the potential victim needs to log into that account through the company’s web site to resolve the problem.

That is the ultimate goal of just about every type of phishing e-mail message. They are trying to lure you to a web site that they have set up to look just like a legitimate web site but is actually just a trap used to capture the usernames and passwords of their victims as they attempt to log into the phony web site.

Most often, the phony web site will simply return an error message and will not allow the victim to actually log in. In some cases, I suppose the phishers may be clever enough to present their victims with a message that says “Thank You. Your account information has now been updated.” Or something to that effect.

The phishers can then use the usernames and passwords they have collected to log into the accounts belonging to the victims and transfer money to their own accounts or whatever other illegal activities cause them to get their hands on your money. They might also use your identity and information to purchase things for themselves.

The links in phishing e-mail messages can sometimes appear very close to the web site address of the legitimate company the phishers are trying to emulate. The latest e-mail programs like Outlook 2007 have built-in safeguards that warn you in many cases when you receive a phishing e-mail message.

Here’s the bottom line: If you get an e-mail message concerning an online bank account or any other online account that is instructing you to visit a web site, do NOT visit that site.

It is possible that even visiting the site and not entering any information on it could result in your computer being invaded by harmful programs by taking advantage of weaknesses in Internet browser software.

Instead of visiting any of those web sites, call the company that the e-mail claims to be from on the telephone or contact them through their actual web site (NOT the web site that is referenced in the e-mail message!) and ask them if the message is legitimate.