Wells Fargo Phishing ScamWritten by Kevin A. Lloyd
First off I should explain what phishing is. Phishing is basically act of tricking a victim into divulging information. It involves receiving of an email message with a link to a website where victim would enter personal information. In this particular scam, you get an email from "Personal Banking: firstname.lastname@example.org " stating that there may have been some unauthorized access to your account and that you should click link and enter your account and verify some information. When you click link you are taken to a site which looks identical to Wells Fargo site. If you look at HTML code of site, you'll notice that they are almost identical. One thing about this scam which was somewhat surprising is that message made it past my G-mail spam filter. This is slightly different to scams I have seen before in that they don't ask you to reply to this email with your account number like most others, and they don't ask for passwords or anything like that. They simply request that you log in, as you normally do, which would not raise eyebrow of normal users. On a closer inspection of site you will notice that forms submit data entered (user name and password) to some foreign script and not to Well Fargo. Most probably, scammer is having all usernames and passwords emailed to him. After submission of your information site responds that your password is incorrect. Here an unsuspecting victim would assume that this was because of supposed unauthorized access mentioned in email.
If you try to submit information a few more times, it takes you to another Wells Fargo look-alike page called “Online Banking Verification”. Here they ask for SSN number, your ATM card number, expiration date, pin number and CVV2# (4 digit verification). With ATM information scammer could max out your debit card. With all rest of information he has gathered it would not be at all difficult to call up Wells Fargo and basically take over your account. He could change billing addresses, get checks for you account, and simply wipe it out.
How to spot scams like this
Scams like these are usually easy to spot, but this one in particular was a bit tricky, however there are some basic methods you can use to spot these types of scams.
First of all, check link. Although it looks like link is going to Wells Fargo’s website, if you let mouse hover over link for a while and look in status bar, you will get real address of link. In this case scammer used just an IP address of his domain or machine. This, however, can be overridden on internet (if scammer changes status bar) and sometimes even in your email, depending on what your security settings are.
Charity FraudWritten by Kevin Carraway
Charity fraud does a lot of harm. The con artist takes advantage of people's good will and takes their cash - money that was meant for people in need. You can make sure that any money you give gets into right hands. Just remember these tips when somebody asks you for a donation.
·Ask for identification - organization AND solicitor. Find out what purpose of charity is and how funds are used.
·Ask if contributions are tax deductible.
·If you're not satisfied with answers-don't give.
·Give to charities that you know.
·Check out ones you've never heard of before, or others whose names are similar to a well-known charity.
·Don't fall for high-pressure tactics. If solicitors won't take no for an answer, tell them NO anyway - BUT DON'T GIVE THEM YOUR MONEY.
·Be suspicious of charities that only accept cash.
·Always send a check made out to charity and not individual requesting donation.
THE PIGEON DROP A person approaches you and says that he just found a large amount of money. What should he do with it? Maybe his "boss" can suggest something. He then leaves to check with his "boss" and comes back a few minutes later. His boss said to divide money, but first, each of you must put up some, "good faith money". Once you hand over your share, you'll never see it or con artist again.