I’ve been alarmed over the emails that I received for the past two weeks; it seems that online scam artists are doubling their efforts.
I used to get only about 2 or 3 emails a month from scam artists and they are usually from somebody who wants you to help them “hide” their money from a terrorist government or somebody who wants to entrust you with huge amount of fortune they received. I’ve also received emails selling black market medicines.
However recently I have received two emails that made me raise my eyebrows. These are not ordinary scam emails where you might be somewhat forewarned that they are scams. This type of online fraud is sure to get an uninformed user hook line and sinker.
What I am talking about is what security experts aptly name as “phishing.” According to Wikipedia, phishing is defined as “an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. eBay, PayPal and online banks are common targets.” It is typically carried out by email or instant messaging.
The email I got was supposedly from paypal. According to the email my paypal account was “flagged” as supposedly somebody tried to access my personal account. The message looks like this:
An uknowing user will then click on the alleged paypal link and will then taken to a copycat “paypal” website where he enters his user name and password. What he just did is give the con artists his user name and password in his actual paypal account.
Another email I received was supposedly from Citibank wherein it says “Citibank eStatement.” The scammers gives me this message:
“Dear Valued Client,
Please be advised that your current Citibank Visa/Mastercard Classic Electronic Statement is available for viewing.
If you have opted to receive your statement by email, please click on the attached pdf file and view your statement using your Electronic Statement password.
You can also view your statement by signing on to Citibank Online at www.citibank.com.ph.
For new enrollees, please refer to the following guide on the use of your password:
• Enrolled by Phone. Your default password is your birth date, plus the last 4 digits of your credit card, in the format mmddyyyynnnn.
• Enrolled through Citibank Online. Your password is the 8-13 character password you created.
Your password in Citibank Online can now be from 8 – 13 characters. To change your password, simply sign on to Citibank Online at www.citibank.com.ph, click on Account Information > Change, See or Cancel eStatement.
For inquiries, you may send us a message by signing on to Citibank Online and clicking on the Mail icon. You may also call our 24-hour CitiPhone at:
Metro Manila: 995-9999
Metro Cebu: 234-9999
Toll-Free from Other Provinces: 1-800-10-9959999
From Abroad: +63 (2) 995-9999
Thank you for using Citibank Electronic Statements.”
If you click the links provided you will be taken to a fake Citibank Philippines site where you type the user name and password for your account after which the scammers then retrieve such information with a big smile on their face.
I will probably talk about how to detect online fraud and what you could do to avoid being a victim of online fraud in later post, so check in once in a while !