PHISHING SCAMS

[Hula]

These are but a few of many that can easily be perceived as legitimate. Not all are as obvious as the 419s, especially those that pop up while one is already on a verified site.

Pop-up window phishing

The lure for this particular form of phishing comes in the form of a pop-up window. Typically occurring as the intended target is viewing a bank or credit card site, the pop-up informs the viewer that their session has expired and that they will need to re-enter their login information. Requiring no installation of malware, and without actually downloading code onto the victim's computer, the scam is a threat to all Web browsers and operating systems. To protect yourself, make sure to never enter banking information into pop-up windows that appear while you're in the middle of an online banking or credit card session. If you get a pop-up window while you're in this situation, close out of your session, then log back in.

Phishing on Twitter

Since the beginning of this year, users of popular micro-blogging site Twitter have fallen prey to two completely separate phishing expeditions. In the first scam, which was identified by the Twitter Eng and Ops team, victims receive direct messages from hacked accounts asking the users to follow a link. The link, of course, directs them to a site mimicking the actual Twitter login page. After login info is entered, the scam spreads throughout that person's contacts. The day after issuing phishing warnings, Twitter suffered another attack, during which numerous celebrity accounts were hacked, disseminating spam and phishing links throughout the site. Watch out for direct messages with links included, especially ones reading, "Check this out" or "Funny blog about you!" If there is a link, make sure the domain is Twitter.com and not something that just includes the word "twitter." Again, as with other phishing scams, don't enter any personal or login info into any URLs you may get on Twitter, and you should be safe.

Airline tickets

If you're not flying anywhere, be on the lookout for any ticket messages from airlines, including major ones like JetBlue, Frontier Airlines, and US Airways. E-mails are currently going out saying that your credit card has been used to purchase a ticket contained in an attached Zip file. If you open the file, your computer will download malware that can be used to steal your personal information. Should you receive an e-mail like this, delete it immediately and contact the proper authorities, particularly if you have already opened it.

IRS tax refund scam

The come-on: You're getting a tax refund from the IRS. Woohoo, free money! The scam: The e-mail, which comes from "[email protected]," provides a link to a page asking you to fill out a special form with personal and financial information. In reality, the IRS will never solicit this kind of info, and you don't have to fill out anything more than your normal tax forms to get the refund. What you can do: Delete the message. If you feel like maybe you deserve the refund, and have questions about it, contact the IRS at 1-800-829-1040 . They'll tell you all you need to know.

Bogus stimulus offers

In this current and timely hustle, scammers seek to take advantage of financial concerns during the ongoing economic crisis. In this case, victims are tempted with promises of stimulus money. Utilizing the dummy Web site technique, the con men inform victims that, after paying a registration fee, the apparently legitimate company will pursue relief funds and expedited stimulus checks on their behalf. Once hooked, the victims are then badgered for additional costs and fraudulent charges.

For protection, if you have any questions or concerns about stimulus benefits, check with official government Web sites like Grants.gov or Recovery.gov. Be sure to remain leery of any sites requesting a fee for their services, and, if you receive emails pertaining to stimulus money, never open an attached link.

Fake McDonald's, Coke, and Hallmark coupons

Trusted brands are usually just that -- to be trusted. But right now there's a particularly sneaky set of e-mails going around purporting to be from McDonald's, Coca-Cola, and Hallmark.

These fake promo messages claim to offer coupons for discounts that actually turn out to be links that download a malicious virus that'll snag all your personal information (like banking information, passwords). According to CNET, similar e-mails appear to be come from Coca-Cola and Hallmark as well -- the latter even including a goofy-looking holiday card! So, watch out for these e-mails, but also make sure your anti-virus software is up-to-date.

[mary]

great info hula...thanx