Deceptive Internet or e-commerce scams are on the rise in Utah. In fact, according to the Utah Department of Commerce, the scams topped the list of Utah consumer complaints based on statistics for the fiscal year that ended in June 2010.
In a news release, the agency reported that 27 percent of all complaints registered with the Utah Division of Consumer Protection were related to Internet transactions, including unauthorized debiting from bank accounts and automatic billings.
No doubt you've heard about the "phishing" phone messages by callers claiming to represent Wells Fargo, which include a voice message that tries to trick customers into divulging details about their debit and credit cards. Of late, scammers have even attempted to use text messaging to gain account information.
Bank officials claim the scam is "nothing new." However, it is the first time scammers have attempted to use text messaging to gain account information.
"You've got a fraudster who sends out a mass email or mass phone call or text message just to random phone numbers and emails," said Mark Chapman, spokesman for Utah Wells Fargo.
The scammers, Chapman explained, are just "throwing out a big net" to get Wells Fargo customers. "They don't know who they are; they are just hoping there's enough (Wells Fargo customers) in the mix that they will be able to get some people to think it's legitimate and be scammed by it."
The email/phone/text message scam told customers that their account had been compromised, or that their debit limit was reduced.
Without question, scammers are creative!
What Is a Phishing Scam?
Basically, these scams are fraudulent emails and Web sites that masquerade as messages from familiar institutions. By tricking you into disclosing your Social Security Number, PIN number, a password, or an account number, identity thieves can drain your bank account or run up bills on your credit card.
The email might state: "We suspect an unauthorized transaction on your account. To ensure that your account is not compromised please click the line below and confirm your identity."
Or, "During our regular verification of accounts, we couldn't verify your information. Please click her to update and verify your information."
Caller ID scams are phishing via the telephone.
How Do You Know It's a Phishing Scam?
Business writer Wendy Boswell (About.com Guide) lists five ways you'll be able to spot a phishing scam:
A phishing scam will ask you for personal information . Any email from a reputable institution will NEVER, EVER ask you for your password or your personal security information! Period!
A phishing email, if clicked, will open up to an insecure site . "Every site that uses security encryption will have the HTTS protocol at the beginning of the URL." If it doesn't have it, it is not legitimate.
Misspelled words in the site's URL address . If the name of the site is misspelled (example: www.gooogle.com), it is a pretty good indication that it's a scam.
Personal information asked for over the phone . "You'll get an email from your banking institution, asking you to call a 'secure' number in order to confirm your account number, billing address, or other personal information." This is NOT a legitimate request.
Generic greeting in the phishing email . For example, "Dear eBay Customer." Legitimate institutions know and use your name.
How Do You Avoid Phishing Attempts?
The Anti-Phishing Working Group lists these recommendations to avoid becoming a victim of these scams:
Be suspicious of any email with urgent requests for personal financial information Don't use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don't know the sender or user's handle.
Avoid filling out forms in email messages that ask for personal financial information.
Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser.
Remember not all scam sites will try to show the "https://" and/or the security lock. Get in the habit of looking at the address line, too.
Consider installing a Web browser tool bar to help protect you from known fraudulent websites. These toolbars match where you are going with lists of known phisher Web sites and will alert you.
Regularly log into your online accounts.
Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate.
Ensure that your browser is up to date and security patches applied.
Always report "phishing" or "spoofed" e-mails to reportphishing@antiphishing.org , to the Federal Trade Commission at spam@uce.gov, or to the Utah Division of Consumer Protection.
