By now every one of you has received an e-mail that alleges it has been sent to inform you that something is wrong with some account you have and that you need to contact Citi Bank, Capital One, Bank of America, PayPal or the like to straighten it out. The general rule of thumb to avoid be scammed by "phishers" is Never give out personal information unless you initiate the process.
A quick way to determine whether an e-mail is really from your bank, credit card company, Pay Pal, etc., is to do a rollover with your mouse of the address the phisher wants you to click on. The sender's address can be manipulated easily, so if you look to the window where that address is displayed it may well look like a legitimate inquiry. For example, the latest phony e-mail of this type that I received was allegedly sent from Bank of America and the sender's address was displayed as
onlinebanking@alert.bankofamerica.com, which looks legitimate. Bad grammar, poor punctuation, and an obvious lack of familiarity with your native tongue are also signs of phishing. Here's a copy of the pitch:
Because of unusual number of invalid login attempts on you account, we had to believe that, their might be some security problem on you account. So we have decided to put an extra verification process to ensure your identity and your account security. Please click on sign in to Online Banking to continue to the verification process and ensure your account security. It is all about your security. Thank you, and visit the customer service section.If you do a mouse rollover on the "sign in to Online Banking" you will see that the URL you are contacting does not belong to Bank of America but to some scammer in Germany with deficient English skills:
http://madrid10.worldbone.de/bankofamerica.com/That address may lead to a page saying there is an error. The phisher has now accomplished what he set out to do. By clicking on that address he may be able to get information from your computer or even slip something malicious into your computer, depending on your security.