Prevent Identity Theft

How to Spot an E-Mail Scam

Unsavory characters may be attempting to steal your identity by sending spam email to thousands of unwary recipients. Due to the popular nature of these accounts, hundreds of thousands of Internet users are account holders. By sending such e-mails en masse, at least a few newbies will probably fall victim to their ruse. Make sure you are not one of them.

There are several identifying markers of a phishing (pronounced "fishing") scheme used in Identity Theft. Here are a few of the more obvious traits:

1.) "Undisclosed Recipients" - Check the "to" field of the email. Is it addressed specifically to you? A legitimate source would not send a specific threat to account holders in bulk. Confirm that the message was sent specifically to the address you have on file with the company and/or addresses you by the name on file with them.

2.) Sense of Urgency - Many emails attempting to steal your identity will do so by creating a sense of urgency. They may threaten to limit or restrict your account if you do not comply with their request within a short period of time (midnight tonight, within 48 hours, etc.)

3.) Misspelling of words - It's hard to believe with the many spell-check programs available today that a scammer would go to the trouble of sending out a mass-email without checking the spelling of common words first. A poorly written email sent to you by a major legitimate corporation would not be a good public relations move. They understand that Identity Theft is a huge concern and tend to be extra careful to alleviate this concern. As such, correspondence from an honest vendor should be error free.

4.) Request for account login information - Such an email scam will undoubtedly include a request for you to click on a link and provide your account information. Many legitimate requests from a company may also include such a link, so this is not always a tell-tale sign.

5.) URL redirect of link is an IP numeric address - (e.g., http://92.148.60.20/...) While we don't recommend clicking on a link in a suspect email, a good way to check where the link connects is to "hover" your mouse over the link itself and see if the URL address links back to the known address for the company (e.g., eBay = www.ebay.com). This may not always work, and scammers are getting more creative in their disguise of the link. We don't recommend clicking on the link itself as it may open up a website designed simply to execute a virus on your computer. Believe it or not, some scammers are more eager to "mess with you" than to steal your confidential information.

6.) "No Reply" message - Many email scams will instruct that you not reply back. Look for a statement such as: "Please do not reply back to this email as your message will not be seen/read." The only link provided is the one on which they want you to click which will redirect you to a phony site. From here they will ask you for confidential information to confirm your account.

To see an example of an eBay scam letter attempting to secure eBay account information Click Here. We have highlighted several of the traits to look for and added our comments as well. You'll notice that the message appears to have been written by someone for whom English is a second language. Note too the misspelling of common words and grammatical mistakes (if legitimate, they should fire the eBay employee who wrote it!)

Here are a few more examples:

Paypal Scam
VISA Scam
Wells Fargo/Bank Scam

Scammers are getting more creative in their attempts to steal confidential data. Hopefully these tips will thwart at least a few of their successes and prevent identity theft. An educated public is their worst enemy.