by Matt Stephens
We have all heard about email scams before. The threat of identity theft grows each day leaving us all in a blind fog wondering how to prevent it. People everyday close their online trading accounts, or online bill pay, or even their internet accounts thinking they are safe inside the little bubble of their own lives.
At Blue Mountain Internet, we know that it's a growing concern for you, and we have gone to great lengths to help combat the frequently changing approach to identity theft. But still, I think there is more we can do. We have warned in the past about it, and given brief examples of it, such as "watch out for the eBay emails" and such. Today, I will give you a very clear example of an attempt at identity theft known as "phishing". The following is an email that I received moments ago, and it is a clear attempt towards identity theft to me, but to some of you it may seem legitimate:
"We recently reviewed your account, and suspect that youre e-gold online account may have been accessed by an unauthorized third party.
Protecting the security of your account and of the e-gold network is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive account features.
To restore your account access , please take the following steps to ensure that your account has not been compromised:
1. Login to youre-gold online account. In case you are not enrolled yet for Internet account, you will have to use your Social Security Number as both your Personal ID and Password and fill in the required information, including your name and account number.
2. Review your recent account history for any unauthorized withdrawals or deposits, and check your account profile to make sure no changes have been made. If any unauthorized activity has taken place on your account, report to e-gold staff immediately.
To get started, please click the link below:
We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire e-gold system. Thank your for your prompt attention to this matter.
The gold Online Team.
We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire e-gold online system. Thank your for your prompt attention to this matter.
Please do not reply to this email. Mails sent to this address cannot be answered. For assistance, log in to your e-gold Onlineaccount and choose the "Help" link in the header of any page."
Now, to some of you I'm sure that looks like a legitimate letter. From a very concerned client trying to get you to update your information. However, have you really ever heard of these people? I hadn't. So I looked a little closer and here is what I found.
First of all, there are mis-spelled words in the first sentence. Never a good sign. Most legitimate companies have a spell checker, and if they don't, you should probably not be doing business with them.
The second red flag is that if I am doing business online, I would hope that it would be secure enough that an "unknown third party" would not have access to my account. Even if I gave permission to someone to use my account (for instance an eBay selling account) they would have to log on as me, therefore there would be no record of an "unknown third party">.
In the instructions for resolution, the business asked that I log in with my social security number as the login and password. Are they serious? They want me to go to an unsecure website and use my social security number for login information? I don't think so.
"Never, ever use your social security number for anything. It doesn't matter how secure the website is, this is simply unacceptable."
Another red flag to look for is the link in the website. People who are trying to steal your identity don't want you to open your web browser and manually type in a known URL address (http://www.whatevercompany.com), rather they want you to use the link they provide to forward you to their site so that the information you enter can be retrieved. Never use a link in an email that is requesting you to update personal information. If the email you have received is from a legitimate company, the chances of them giving you a link to click on are very slim. Most reputable companies will phone you to update information, or they will give you instructions on contacting them by telephone to update information
So, as you can see there are many ways to tell if an email is a scam or not. First of all, if you don't recognize the company, it's more than likely a scam. Next, look for misspelled words, active links, or the request for personal information such as social security numbers or account numbers. Frequently credit card numbers are also requested and that is also a no-no. Don't ever give a credit card number unless you know the company, and you are on a secure site.
Should you have any questions, please feel free to contact our tech support at 800-485-5006, live chat, or firstname.lastname@example.org. We are happy to answer any questions you have.