Scammers spread wide net in Q-C
Internet scams, or phishing, continues to be a problem in the Quad-City region.
In recent weeks, IH Mississippi Valley Credit Union members in the Quad-City region have been the target of several scams originating in Korea.
In each instance, members and staff were quick to alert customers, said Laura Ernzen, vice president of marketing for the credit union.
One scam warned customers that the credit union had suspended their accounts. Another focused on trying to acquire members’ debit card numbers. That fraudulent e-mail sought confidential information from credit union members by offering members between $50 and $80 for taking an online survey.
Ernzen said the credit union contracted with a fraud specialist to deal with the scams. The fraudulent e-mails were generated internationally from Korea, and the specialist was able to shut down the bogus Web site, she said.
Another e-mail scam circulating last week targeted customers of Wells Fargo Bank. In those e-mails, people were told that there was an “unidentified money transfer” in their online accounts, that Wells Fargo’s online security team had suspended their online banking service, and that the accounts needed to be updated.
“Indeed, phishing is an industry-wide problem. Please be assured that these e-mails are randomly sent and that no Wells Fargo customer information or customer lists have been compromised,” said Sandra Fording Foreman, spokesperson for Wells Fargo Bank.
She offered several pieces of advice, recommending that customers not access wellsfargo.com through any e-mail or pop-up ads; that customers be suspicious of any e-mail that asks for personal information, requests authentication, or indicates a problem with a Wells Fargo account; and that customers use virus protection software, keep their virus list current and use updated browsers and operating systems.
Anyone who has received a hoax e-mail and has not provided any information can report the phish via the e-mail address at reportphish@wellsfargo.com. If a customer believes they have compromised personal information, Wells Fargo’s online customer service can be reached at (800) 956-4442.
“Phishing scams are becoming more and more common, more elaborate; e-mails look better,” Ernzen said. “Sometimes, it is very difficult to differentiate between what is real and what is not real. It is not limited to any certain credit unions. Fraud is very much a disease that does not pay attention to race, creed or gender.”
She said usually there is a period of five to 10 days “when a particular institution might be targeted,” and the scammers might actually flood a particular area. As one phony Web site is closed, the scammers might even progress to a phone version of the scam.
In addition, she said: “Consumers often express concern about how e-mail addresses or phone numbers are obtained. I can’t stress enough that it is not a result of compromised information, but rather phone directories or other e-mail lists.”
Ernzen spoke Thursday at the monthly meeting of the Quad-Cities Security Officers Group, a group made up of employees from area banks, credit unions and law enforcement agencies who share information to help combat various types of fraud in the banking industry.
Kelly Willet, assistant vice president, branch manager of Bank of the West, Davenport, serves as secretary/treasurer of the security officers group.
“The biggest thing would be that banks and credit unions do not initiate e-mails that ask for personal information,” she said. “Don’t respond. Delete.” She said individuals never should respond to a phone number or e-mail in these types of situations.
In a phishing scam, the culprits always are trying to phish for information, “a link to debit or credit card information, a PIN number, or trying to disrupt life,” Willet said.
William Wille, public relations coordinator for the Illinois Credit Union League, said there are 455 credit unions in Illinois that serve more than 2.7 million residents. He said the scammers are getting better and hitting more often.
“It does seem it does happen quite a bit,” he said.
He said when member credit unions get hit with an Internet scam, they can help track down the guilty party, to some degree.
“We have an IT department which usually tells where the e-mail is being hosted,” he said. “By the time we get to them, the phishing scammers have moved that link to another one. They move it so they can keep sending out additional e-mails.”
INTERNET SCAM TYPES
Phishing: A high-tech scam that uses spam or pop-up messages to deceive consumers into disclosing their card numbers, bank or credit union account information, Social Security numbers, passwords, or other personal information. Phishers send an e-mail or pop-up message that claims to be from a business or organization you deal with — for example, your Internet service provider (ISP), bank, online payment service or even a government agency. The message usually says that you need to “update” or “validate” your personal information, such as user names, passwords, credit cards, Social Security numbers, and bank accounts.
The e-mail might threaten some dire consequence if you don’t respond. The e-mail often directs you to visit a “spoofed” or fake Web site that looks just like a legitimate organization’s site, but it isn’t. The purpose of the bogus site? To trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.
Spoofing: In this scam, the spoofer creates a false or shadow copy of a real Web site or e-mail in a way that misleads the recipient. All network traffic between the victim’s browser and the shadow page are sent through the spoofer’s machine. It allows the spoofer to acquire personal information, such as passwords, credit card numbers, and account numbers.
Even though the e-mail looks like the real thing, complete with authentic logos and working Web links, it’s a fake. The Web site where you’re told to enter your account information also is fake. In some instances, really slick phishers and spoofers direct you to the genuine Web site, then pop up a window over the site that captures your personal information. The information entered does not go to the legitimate site, but rather to the spoofer’s account. The information you entered will most likely be sold to criminals, who’ll use it to ruin your credit and drain your account.
Source: Lookstoogoodtobetrue.com
Doug Schorpp can be contacted at (563) 383-2292 or dschorpp@qctimes.com.