Tuesday, February 28, 2006 - Almanac Vol. 52, No. 24
Does Your Email Sometimes Smell "Phishy"?
You may have read about phishing email scams that try to trick you into going to bogus websites and entering personal information like credit card numbers and Social Security numbers. This is one of the most common ways of committing identity theft.
In the past year, the attacks have become more personalized. In May 2005, several hundred people at Penn received e-mail forged to look like it came from the Penn Student Federal Credit Union, informing them that their account had been compromised. The email provided a web link, and advised recipients to go to the website and enter their account and password information. In fact, the email linked to a hacked website which was used to collect victims’ passwords. A similar hoax tried to trick Penn people into going to a hacked website to enter their PennKey and password.
You should maintain a healthy skepticism about email that asks you to go to websites to enter personal financial information or passwords. If you think a request may be legitimate, contact the sender directly at a published phone number or email address, not one included in the email.