Have You Seen The Latest Round Of Phising Emails?
Image by factoryjoe via Flickr
This morning I received an email from my hosting company—the one that is home to this blog and to some of my other sites. It seems there’s a new batch of phishing emails.
The subject line jumped out at me. VERY URGENT spoof asking for your login details
It seems that a message went out to some of the company’s customers. The message said in part…
At this point we can not charge money from your credit card for membership fees.
Is your credit card ending 3158? Please check again and let me know.
Once again, the phrasing suggests a non-native English speaker.
No reputable company will ask for you login information. In my professional Information Technology career, I founded and managed a computer support department. I preached not giving out your account or password to anyone.
I served as system administrator (at a different time). Trust me. Your hosting company owns your account. They can get in any time they want. (Don’t worry, they don’t have time to be poking around.)
When you are paying for your hosting, you have a contract with the company. They take your account security very seriously. Their business depends on it.
The message was sent from an email account that looked like the support email address. However, it was a Gmail account.
Anyone can get a Gmail account in any available name. That’s why you should reserve your name wherever you can (Gmail, Yahoo, Hot Mail, etc.).
Look carefully at the originating email address of questionable messages you receive. Remember that the person who hacked my email got an address at Yahoo and use ymail.com instead of my gmail.com address. Lower case y and g in small print can be mistaken at first glance.
Smart companies (and smart writers) use their own domain to brand themselves.
Also, no company will call you on the telephone and ask for your account access information. Never give out information unless you originated the call.
Even when you call and companies do need your information, they will question you to make sure you are who you say you are.
Use your judgment whenever anyone contacts you asking for information. When in doubt, contact the company yourself to verify the contact came from them.
Also, report any phising attempts to the company whose identity if being spoofed. Most companies have an email address where you can report phising emails. If you can’t find an address, send a message to webmaster@company domain.
Write on,
Lynn
Thanks for this up date. It seems that now matter how many times folks are warned… there are always some that fall for the ploy. The offending party must get enough “victims” to make it worth their time and money.
Thanks again.
Great reminder! The one that gets me is the one that says a friend has been mugged in London and needs money wired immediately. Talk about preying on people’s fears! Like Kathryn said, they must get enough people to respond to keep trying. Love reading your blog, even if I don’t comment.