Summit Mortgage - Bend Oregon

About Us

Mortgage Consultants

Staff

Mission Statement

Testimonials

Employment

Purchase

Refinance

Home Equity

Glossary

Calculators

Privacy

1st Time Home Buyers

FAQ's

Forms

Market Condition

News

Newsletters

Phishing Scams: The Next Generation of Fraudulent Data Gathering

Wednesday, October 29, 2008

With fears on the rise about the financial industry, phishing scams have been on a steady targeted rise. There are many ways to identify a phishing scam so that you can avoid sharing any of your personal or private information.

You may be wondering what constitutes a Phishing Scam. A phishing scam is an advertisement, offer, email, or telephone solicitation that is used to gain personal and sometimes seemingly trivial information from you. The purpose of this is to use personal information for data gathering or more seriously, identity theft. The advertisement, offer, email or telephone solicitation looks legitimate, and may even have a legitimate business name on the offer. The goal is to gather your private information ranging from your name and telephone number, email address, and home address to more serious and dangerous collections such as your passwords, account numbers, etc.

Two Types of Phishing

The first less serious type of phishing is done for data collection. There may be an attractive offer and all you have to do to participate is enter your name, address, phone, and email to take part. This is a data capture technique which usually results in increased junk mail and spam mail. The dangers are that with these extra junk options, your information can be sold to anyone, including the more dangerous, predatory parties like the next type of phishing.

The second and more dangerous form of phishing comes in the form of spam or junk email, typically a result from you signing up for some extraneous offer. The email or mail appears legitimate, with a legitimate business. This form preys on the fearful or presents something unbelievable such as an offer.

The most commonly mistaken phishing emails look like they are coming from your bank. In the email it will “alert” you to the fact that someone has stolen your identity or there is an overdraft on your account, etc. The email then prompts you to follow the link to the website to log in and take care of the information. Sophisticated criminals can mask your bank’s web address so that you log in, and then they have your log in information and pin numbers. Some phishing websites will even prompt you to enter in the specific account number the email was regarding. You will click on the link and see a website that looks EXACTLY like your bank’s web-site which makes these scams all the more frightening.

Once the thief has your information, there is no telling what they will do with it.

How Do You Avoid ID Theft?

1. Never give your account numbers, personal identification number (PINs) or other information in email or on phone communications not initiated by you. And even then, please exercise caution.

2. Do not click on embedded links with in emails. The true web site destination can be hidden easily. Always manually type the web site address, or use your known favorites.

3. Do not call a phone number received by email or a phone call. Use phone numbers on your statement, the back of your debit card, or as published in the phone book in regards to your banking, retirement, or other monetary accounts.

4. Maintain up-to-date security software on your computer systems. Email addresses are obtained from unprotected systems, used and sold to scammers. Unprotected systems are also used to spread phishing scams.

5. If an offer appears too good to be true on a website, it probably is. Research that company or product first, preferably with the Better Business Bureau website’s rating system & feedback section (available by business name search).

6. If you visit a website that asks for any personal information before you can see the content of the site, they are collecting your data and the website is dangerous.

7. Make sure to check the Security Certificate on the website. This primarily has to do with your protective software but many websites, especially banks, show you their security certificate up front. Many times your protective software may warn you before you enter the site as well, indicating there is an issue with the safety certificate.

In Closing

Recently we were made aware of an “Article” in a local paper of some sort. It had to do with lending, and contained offers that were too good to be true. It discussed how a local business man (a lender) could help people with poor credit and if he couldn’t he would pay you out of pocket $100 or $500 to a local charity. Another ad on the back of the same page detailed “credit help” to those who needed it, and/or a free credit check. The “articles” had websites which we investigated and found out they were phishing websites.

If you are looking for a credit challenged loan or anything of that nature, please give us a call and we can help you gather reliable information. If you are looking for your free credit report, please visit the following web address for the government’s free offer:

http://www.ftc.gov/bcp/edu/pubs/consumer/credit/cre34.shtm

All other “free credit” offers charge a fee or are a phishing website to which you just disclosed your social security number. The above web link describes more in detail how to obtain your free credit report.

Sadly, this happens in all industries at the current time so please be careful of what you read and what you see. Criminals are becoming more and more sophisticated when it comes to stealing your identity, or gathering your personal information. We encourage you to research ID theft at your local library or on-line through trusted sources so that you can prevent this terrible situation from happening to you.

Back to News Page