Identity Fraud
In what many are calling America's fastest growing type of robbery, crooks use your
name, social security number or that blank, pre-approved credit application you tossed
out.
Hacking
Hacking is illegal access by unknown, unauthorized parties to a computer system
in order to destroy or disrupt the system or to use it to carry out illegal activities.
Run Firewall Protection Software
Using a computer without a firewall is like going on vacation and leaving the front door
to your home wide open. A firewall creates a protective barrier between your computer
and the Internet, essentially making your connection invisible to Internet hackers and
keeping others from seeing your confidential information. This barrier helps prevent
others from intruding into your computer or home network and retrieving important
information like credit card numbers or passwords.
Internet Extortion
Internet extortion involves hacking into and taking control of various industry
databases, then promising to release control back to the company if funds are received
or the subjects are given web administrator jobs. Similarly, the subject may threaten to
compromise information about consumers in the industry database unless funds are received.
Identity Theft
Identity theft is a criminal offense.
It occurs when a person knowingly transfers or uses, without lawful authority, a means
of identification of another person with the intent to commit or to aid or abet any
unlawful activity that constitutes a violation of federal law or that constitutes a felony
under any applicable state or local law.
In what many are calling America's fastest growing type of robbery, crooks are working
without the usual tools of the trade. Forget sawed-off shotguns and ski masks: your
name and social security number will do the trick, or that blank, pre-approved credit
application you tossed out with the coffee grounds. Even talking on your phone or
surfing the Internet can allow someone you may never meet to rob you of the one thing
you may have thought safe from attack: your identity.
Identity fraud is digging deep into consumers' pockets -- more than $48 billion was lost
in the past year by financial institutions and businesses, and individuals lost an
estimated $5 billion.
The number of ID theft victims and their total losses are probably much higher than
reported. It's hard to pin down, because law enforcement agencies may classify ID theft
differently -- it can involve credit card fraud, Internet fraud, or mail theft, among other
crimes.
The perpetrator may use a variety of tactics to obtain your personal information and
drain your finances: posing as a loan officer and ordering your credit report (which lists
lines of credit); "shoulder surfing" at the ATM or phone booth to get your PIN code;
"dumpster diving" in trash bins behind businesses or apartments for unshredded
credit applications, canceled checks, bank records or any documents containing
personal information; or, stealing mail right out of your own mailbox.
It may take months before you realize you're a victim of identity theft. But, when you get
turned down for credit, a car loan, or a mortgage on your dream house because you've
got a bad credit rating and you know you've paid your bills, beware: The ID thief may
have struck again.
Do you carry your social security number in your wallet? Consider this: That nine-digit
code gives crooks access to your medical, financial, credit, and educational records.
There are no legal restrictions on private company use of social security numbers. In
fact, a database of names with associated social security numbers was recently found
published on the Internet. What's worse, some states still use your social security
number for your driver's license number -- a policy that is, fortunately, changing.
If you think you're safe because you canceled your credit cards and put a "stop" on
your checking account after your wallet was stolen, think again. Once identity thieves
have your information, they may open new accounts or lines of credit - under your
name, for their use.
Last year alone, an estimated ten million Americans were victims of identity theft. The
culprits may be employees (or patrons) of mailrooms, airlines, hotels, or personnel
offices -- anyone who has access to financial information. Thieves may use your credit
card or encoding equipment (sold by business-supply companies) and blank cards with
magnetic strips to record your account number onto a counterfeit card with a different
name. Crooks sometimes seek jobs that will give them access to financial information,
or they may bribe employees in such positions to supply them with the data they want.
Need a phony ID to "prove" you're the person whose name is on the credit card? Try
surfing the Web. There are scores of sites with instructions on how to create a "new
you." If you've got your own computer, scanner, and color printer or copier, you can
create your own false IDs.
Phishing and Spoofing
Phishing and spoofing are somewhat synonymous in that they refer to forged or faked
electronic documents.
Phishing
This is a high-tech scam that uses spam or pop-up messages to deceive consumers
into disclosing their card numbers, bank account information, social security numbers,
passwords, or other personal information. Phishers send an email or pop-up message
that claims to be from a business or organization that you deal with – for example, your
Internet service provider (ISP), bank, online payment service, or even a government
agency. The message usually says that you need to “update” or “validate” your
personal information, such as user names, passwords, credit cards, social security
numbers, and bank accounts.
The email might threaten some dire consequence if you don’t respond. The email often
directs you to visit a “spoofed” or fake website that looks just like a legitimate
organization’s site, but it isn’t. The purpose of the bogus site? To trick you into
divulging your personal information so the operators can steal your identity and run up
bills or commit crimes in your name.
What is Phishing and Pharming?
Phishing attacks use both social engineering and technical subterfuge to steal
consumers' personal identity data and financial account credentials. Social-engineering
schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to
trick recipients into divulging financial data such as credit card numbers, account
usernames, passwords and social security numbers. Hijacking brand names of banks,
e-retailers and credit card companies, phishers often convince recipients to respond.
Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly,
often using Trojan keylogger spyware. Pharming crimeware misdirects users to
fraudulent sites or proxy servers, typically through DNS hijacking or poisoning.
How Not to Get Hooked by a ‘Phishing’ Scam:
“We suspect an unauthorized transaction on your account.
To ensure that your account is not compromised,
please click the link below and confirm your identity.”
“During our regular verification of accounts, we couldn’t verify your information.
Please click here to update and verify your information.”
Have you received email with a similar message? It’s a scam called “phishing” — and it
involves Internet fraudsters who send spam or pop-up messages to lure personal
information (credit card numbers, bank account information, Social Security number,
passwords, or other sensitive information) from unsuspecting victims.
According to the Federal Trade Commission (FTC), the nation’s consumer protection
agency, phishers send an email or pop-up message that claims to be from a business or
organization that you may deal with — for example, an Internet service provider (ISP),
bank, online payment service, or even a government agency. The message may ask you
to “update,” “validate,” or “confirm” your account information. Some phishing emails
threaten a dire consequence if you don’t respond. The messages direct you to a
website that looks just like a legitimate organization’s site. But it isn’t. It’s a bogus site
whose sole purpose is to trick you into divulging your personal information so the
operators can steal your identity and run up bills or commit crimes in your name.
The FTC suggests these tips to help you avoid getting hooked by a phishing scam:
If you get an email or pop-up message that asks for personal or financial information,
do not reply. And don’t click on the link in the message, either. Legitimate companies
don’t ask for this information via email. If you are concerned about your account,
contact the organization mentioned in the email using a telephone number you know to
be genuine, or open a new Internet browser session and type in the company’s correct
Web address yourself. In any case, don’t cut and paste the link from the message into
your Internet browser — phishers can make links that look like they go to one place
but actually send you to a different site.
Use anti-virus software and a firewall, and keep them up to date. Some phishing emails
contain software that can harm your computer or track your activities on the Internet
without your knowledge.
Anti-virus software and a firewall can protect you from inadvertently accepting such
unwanted files. Anti-virus software scans incoming communications for troublesome
files. Look for anti-virus software that recognizes current viruses as well as older ones;
that can effectively reverse the damage; and that updates automatically.
A firewall helps make you invisible on the Internet and blocks all communications from
unauthorized sources. It’s especially important to run a firewall if you have a broadband
connection. Operating systems (like Windows or Linux) or browsers (like Internet
Explorer or Netscape) also may offer free software “patches” to close holes in the
system that hackers or phishers could exploit.
Don’t email personal or financial information. Email is not a secure method of
transmitting personal information. If you initiate a transaction and want to provide your
personal or financial information through an organization’s website, look for indicators
that the site is secure, like a lock icon on the browser’s status bar or a URL for a
website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is
foolproof; some phishers have forged security icons.
Review credit card and bank account statements as soon as you receive them to check
for unauthorized charges. If your statement is late by more than a couple of days, call
your credit card company or bank to confirm your billing address and account balances.
Be cautious about opening any attachment or downloading any files from emails you
receive, regardless of who sent them.
Spoofing
In this scam, the spoofer creates a false or shadow copy of a real website or email in a
way that misleads the recipient. All network traffic between the victim’s browser and
the shadow page is sent through the spoofer’s machine. It allows the spoofer to
acquire personal information, such as passwords, credit card numbers, and account
numbers.
Even though the email looks like the real thing, complete with authentic logos and
working Web links, it's a fake. The website where you're told to enter your account
information is also fake. In some instances, really slick phishers and spoofers direct
you to the genuine website, then pop up a window over the site that captures your
personal information. The information entered does not go to the legitimate site, but
rather to the spoofer’s account. The information you entered will most likely be sold to
criminals, who'll use it to ruin your credit and drain your account.
FBI Says Web "Spoofing" Scams are a Growing Problem
Washington, DC - The FBI, in conjunction with national Internet service provider
Earthlink, the Federal Trade Commission, and the National Consumer's League, began
an initiative today to raise awareness about the growing problem of web spoofing
scams and to give consumers and businesses important tips on how to protect
themselves from these scams.
According to Jana Monroe, Assistant Director of the FBI's Cyber Division, "Bogus
e-mails that try to trick customers into giving out personal information are the hottest,
and most troubling, new scam on the Internet."
The FBI's Internet Fraud Complaint Center (IFCC) has seen a steady increase in
complaints that involve some form of unsolicited e-mail directing consumers to a phony
"Customer Service" type of web site. Assistant Director Monroe said that the scam is
contributing to a rise in identity theft, credit card fraud, and other Internet frauds.
"Spoofing," or "phishing," frauds attempt to make Internet users believe that they are
receiving e-mail from a specific, trusted source, or that they are securely connected to
a trusted web site, when that is not the case. Spoofing is generally used as a means to
convince individuals to provide personal or financial information that enables the
perpetrators to commit credit card/bank fraud or other forms of identity theft. Spoofing
also often involves trademark and other intellectual property violations.
In "E-mail spoofing" the header of an e-mail appears to have originated from someone
or somewhere other than the actual source. Spam distributors and criminals often use
spoofing in an attempt to get recipients to open and possibly even respond to their
solicitations.
"IP Spoofing" is a technique used to gain unauthorized access to computers, whereby
the intruder sends a message to a computer with an IP address indicating that the
message is coming from a trusted port.
"Link alteration" involves altering the return address in a web page sent to a consumer
to make it go to the hacker's site rather than the legitimate site. This is accomplished by
adding the hacker's address before the actual address in any e-mail, or page that has a
request going back to the original site. If an individual unsuspectingly receives a
spoofed e-mail requesting him/her to "click here to update" their account information,
and is then redirected to a site that looks exactly like their Internet Service Provider,
or a commercial site like eBay or PayPal, there is an increasing chance that the
individual will follow through in submitting their personal and/or credit information.
According to Assistant Director Monroe, the FBI's specialized Cyber Squads and Cyber
Crime Task Forces across the country are zeroing in on the spoofing problem. The FBI's
Legal Attaché offices overseas are helping to coordinate investigations that cross
international borders. The IFCC has received complaints that trace back to perpetrators
in England, Romania, and Russia.
The FBI is also working actively with key Internet e-commerce stakeholders such as
eBay/PayPal, Escrow.com, and a variety of Internet merchants via the Merchants Risk
Council to identify common traits of such scams, as well as proactive measures to
rapidly respond.
Tips for Internet users:
• If you encounter an unsolicited e-mail that asks you, either directly, or through a
  web site, for personal financial or identity information, such as Social Security
  number, passwords, or other identifiers, exercise extreme caution.
• If you need to update your information online, use the normal process you've used
  before, or open a new browser window and type in the website address of the
  legitimate company's account maintenance page.
• If a website address is unfamiliar, it's probably not real. Only use the address that
  you have used before, or start at your normal homepage.
• Always report fraudulent or suspicious e-mail to your ISP. Reporting instances of
  spoof web sites will help get these bogus web sites shut down before they can do
  any more harm.
• Most companies require you to log in to a secure site. Look for the lock at the
  bottom of your browser and "https" in front of the website address.
• Take note of the header address on the web site. Most legitimate sites will have a
  relatively short internet address that usually depicts the business name followed
  by ".com," or possibly ".org." Spoof sites are more likely to have an excessively
  long string of characters in the header, with the legitimate business name
  somewhere in the string, or possibly not at all.
• If you have any doubts about an e-mail or website, contact the legitimate
  company directly. Make a copy of the questionable web site's URL address, send it
  to the legitimate business and ask if the request is legitimate.
• If you've been victimized by a spoofed e-mail or web site, you should contact your
  local police or sheriff's department, and file a complaint with the FBI's Internet
  Fraud Complaint Center at www.IFCCFBI.gov.
Copyright © 2006 Metropolitan Security & Investigations All Rights Reserved