Six Steps to Stop: Sophisticated Spam Scam That Starts Identity Theft

A new, sophisticated e-mail ‘phishing’ scam seeks to lure consumers to phony online sites where they can be fooled into sharing the information needed for a thief to steal their identities, former master forger and leading fraud protection expert Frank Abagnale, Jr. warns.
“This technically advanced scam uses JavaScript to replace your browser’s ‘Address bar’ with a working fake. This means it looks like you are at your bank’s Web site, but in fact you are at a scammer’s site where any information you share could be used to steal your identity,” says Abagnale. “These scams are increasingly common and difficult to detect.” He suggests that consumers:
1. Be suspicious of urgent requests for personal financial information
sent by e-mail;
2. If asked for personal information, never click on a link in an e-mail
to go to a Web page. Instead, go to the company’s Web site and
navigate from there;
3. Never send personal financial information by e-mail. If an e-mail
requests this info, go to the company’s secure Web site and enter it
4. Be sure you are using a secure site whenever you enter any personal
financial data on the Web;
5. When in doubt, use your phone and not your mouse as a quick call can
determine if an e-mail request is legitimate; and
6. Closely monitor your credit history to ensure that all transactions
are legitimate.
“One way to closely monitor your credit history is through a service like PrivacyGuard ( or 1-866-GuardMe [482-7363]), where you can obtain daily updates if someone applies for credit in your name,” says Abagnale. “PrivacyGuard lets you know of a potential problem before an identity thief has time to destroy your credit,” he added. A master thief who once cashed $2.5 million in bad checks while still a young man, Abagnale detailed his crimes in the 1980 autobiography, Catch Me If You Can. He has spent the past 25 years helping the FBI and other law enforcement agencies prevent fraud and respond to changing trends in criminal activity.
One security firm which maintains an extensive database on electronic crime, estimates there have been more than 250 reported phishing attacks on major banks and credit card companies, e-commerce sites and government agencies in the past year. The firm estimates that worldwide economic damage from phishing scams last year will exceed $32.2 billion in customer and productivity losses, business interruptions and brand repair efforts.