Scam of the day -October 18, 2015 – Phishing alert

Phishing is the name for the scam where an identity thief lures you through a phony email that purports to be from a  legitimate source such as your bank, a company with which you do business or even the IRS or some other governmental agency to a phony website that looks like the website of that legitimate company, but actually is just a scam intended to entice you into providing personal information that can lead to your identity being stolen.  Often there will be links in these phishing emails or text messages which you are advised to click on which will take you to a legitimate looking page where you are prompted to provide your personal information.  In other instances, clicking on the link will download malware such as keystroke logging programs that, once installed on your computer, will provide the scammer with all of your personal information from your computer. This information can be used to make you a victim of identity theft or even to empty your bank accounts if you use your computer for online banking.

In almost all of the major data breaches of recent years, the malware was downloaded when unwary employees clicked on links in phishing emails.  Phishing emails are always trying to convince you to open the email and click on the link with subject lines designed to get you to open the email.  Here is a list compiled by Fraudwatch International, a leading online protection company of some of the most effective phishing emails indicating from whom they are purported to be sent and the content of the subject line.

Bank of America – Important Notice

Westpac Bank – Your Account Has Been Blocked

PayPal – Resolve remote access


Apple Store  – About your last Transaction

Wells Fargo Bank – Deposit Hold Alert


Never click on a link to a website unless you are totally sure that it is legitimate.  Trust me you can’t trust anyone.  Even if you receive an email from someone you trust, it may not be from them at all, but rather from someone who has hijacked their email or even if it is from them, they may have, in turn, fallen prey to a scam artist and may be passing along dangerous malware without even knowing it.  Never click on a link unless you have confirmed that it is legitimate.  Another good preventative step is to install antiphishing software on your computer to warn you before going to a website that may be tainted.  A good, free antiphishing software program can be found at

Scam of the day – January 7, 2013 – Most dangerous websites

Phishing is the name of the scam whereby you are lured to a phony website that appears to be legitimate, however when you click on links in these phony websites, download material from these websites or provide information to these websites, you put yourself in danger of identity theft or of downloading dangerous keystroke logging malware that can steal all of the information on your computer including credit card numbers, your Social Security number, passwords and various account information.  In addition, you may unwittingly have your computer taken over as a part of a botnet (for more information about botnets, check out other postings on or in “50 Ways to Protect Your Identity in a Digital Age”) whereby your computer is made part of the botnet circulating scams around the world.


Recently Trend Micro issued a list of the most common websites that were the subjects of phony phishing websites during the past month.  The top ten websites of which you should be particularly wary of to make sure that you are dealing with the legitimate company are:  PayPal, Wells Fargo, Visa, Citibank, Bank of America, Aol, Yahoo, Hotmail, Gmail and Mastercard.  Things to look out for to avoid phishing websites are when you are directed to a website through an email that does not refer to you by name or if the email contains spelling errors or poor grammar that may indicate the email is coming from a foreign scammer (or a poorly educated American scammer).  A good rule to follow is to not click on links in emails or text messages to go to a website.  If you consider the email or message worth following up on, go to the website of the legitimate company by typing the URL that you know is correct into your browser.