“World's Most Complete Neighborpedia”
Sponsor a CommunityWhat is Localism? | Register or Sign In
Explore:   What's happening in your neck of the woods?
Home

Phishing Season is upon us - Watch for those Spoof e-mails

The following e-mail looks really official. As a matter of fact, the e-mail address it came from looks really official, memberservice@suneast.org. I know it looks official because I checked out SunEast Federal Credit Union on the internet and found that their website is www.suneast.org so the e-mail has to be right, right? Wrong! This is just another example of phishing or spoofing that is happening more and more on the web. These seemingly real e-mails come asking you to access your account through the link provided (this time through a telephone number) and then they have you.

https://hb.suneast.org/images/sunlogo.gif



Our records indicates a bank by phone password does not exist for your account. Please call us immediately at 1-877-280-9439 to activate this feature. We're available 24/7 to take your call.

Please disregard this e-mail if you've already call us since the date this e-mail was sent.

We appreciate your prompt attention to this matter.

Thank you

My first indication that something was wrong was pretty easy, I don't have an account with SunEast. As a matter of fact, I can't figure out why I would possibly have an account with a Pennsylvania Credit Union when I live in Oregon. But they are not the only financial organization being attacked. I have gotten phishing attempts on Washington Mutual, Wells Fargo and Bank of America. The pirates are out there trying to get your information.

What do you do? Well, just deleting the phishing e-mail is OK, but better would be forwarding it to the financial institution that is being phished. Most organizations have a specific email set up at at something like spoof@financialcompany.com. In this case, I called Sun East and found out they want theirs sent to a specific person. If you are getting phishing e-mails, don't respond. Check them out. Forward the e-mail. Help get these guys caught.

UPDATE 1/8/2009: Hi, this is just an update. I got another phishing e-mail this morning on PayPal. Since the e-mail address I received this on is not listed on my paypal account, I knew it was a spoof so I forwarded it to spoof@paypal.com. Here is their response:

Hello Fred Chamberlin,

Thanks for forwarding that suspicious-looking email. You're right - it was a phishing attempt, and we're working on stopping the fraud. By reporting the problem, you've made a difference!

Identity thieves try to trick you into revealing your password or other personal information through phishing emails and fake websites. To learn more about online safety, click "Security Center" on any PayPal webpage.

Every email counts. When you forward suspicious-looking emails to spoof@paypal.com, you help keep yourself and others safe from identity theft.

Your account security is very important to us, so we appreciate your extra effort.

Thanks,

PayPal

This email is sent to you by the contracting entity to your User Agreement, either PayPal Ince, PayPal Pte. Ltd or PayPal (Europe) S.à r.l. & Cie, S.C.A. Société en Commandite par Actions, Registered Office:

5th Floor 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118 349.

authored by Fred Chamberlin, senior mortgage consultant, Eugene/Springfield, OR, 541-342-7576
Posted Monday Jan 05
( 01/05/09 04:44PM ) — Jim Allhiser Salem, Oregon Home Inspector

Fred,   Good info.  That is pretty tricky.


Just can't trust anybody these days.

( 01/05/09 05:10PM ) — Chris Brown - Florida's #1 FHA Mortgage Broker | Syndicated Mortgage Blogger

Fred


 


great blog post - the bad guys are getting smarter and more clever.  thanks for helping the good guys stay up on it as well!


 


chris the implemtner

( 01/05/09 05:20PM ) — Fred Chamberlin - Eugene/Springfield's #1 Experienced FHA Mortgage Consultant

Jim - You got that right, tricky is really the right word. I don't know how they can hijack a website like that, but they sure do.


Chris - I will do my best. Interestingly, Marti just posted a phishing post on his blog too, but about twitter. It must be that time of year. Phishing Season.

( 01/05/09 06:09PM ) — Bo Hussung

Fred, thanks, I am not falling for the crap! there is so much spamming, etc going on with the internet that you have to watch everything you do. Twiiter has been battling spam for passwords and log-ins. All I say is thanks and be careful.


Bo

( 01/05/09 06:51PM ) — Cecily Parks

Crap! You caught me Fred!!! I was hoping to make some extra dough off this fake site!!! Thanks for telling EVERYONE!! Hahaha!

( 01/05/09 06:53PM ) — Fred Chamberlin - Eugene/Springfield's #1 Experienced FHA Mortgage Consultant

Bo - They are always out there lurking.


Cecily - Are you a lurker? LOL.

( 01/05/09 08:20PM ) — Elizabeth Weintraub, Sacramento Short Sale Agent, 916.233.6759, Lyon RE

The really awful thing is you can't set up rules to delete those messages because otherwise you'd be deleting every email you ever send to yourself. I hate these things. I try to do it from subject or message body, but still, I expect a lot of my emails go into the delete folder that shouldn't. It's better than irritating me every day, though. :)


Elizabeth Weintraub Land Park Real Estate Agent in Sacramento

( 01/06/09 12:45AM ) — Meridian Idaho Real Estate ~ Pam Pugmire

Great heads up!  There is some crazy stuff going on and wee need to be aware of the latest scams so we can protect ourselves, and hopefully stop the perps.

( 01/06/09 07:02AM ) — Margaret Oscilia-Home Stager, Salem Oregon

I hadn't thought of advising the existing bank . . . that is a great idea that I'll do next time - Thanks Fred (aren't you always thinking!).

( 01/06/09 07:53AM ) — Sandy Shores, Melbourne/Palm Bay FL, Brevard County Real Estate & Investing

Hi Fred, We are seeing more and more of these turning up all the time. Very scary - I have received several of them also. And they do look very official - but the info they are asking for is bogus.  Thanks for the alert and always keeping us on our toes!

( 01/06/09 09:08AM ) — Eleanor Thorne 919-649-5057 Cary Mortgage Loans

Have quite the problem at Twitter re: this... in fact there's a note that says, "don't login to FAKE Twitter site!"  Apparently there are viruses going around!

( 01/06/09 09:22AM ) — Fred Chamberlin - Eugene/Springfield's #1 Experienced FHA Mortgage Consultant

Eleanor - Often times the rules for these type of e-mails only work for a short time anyway. They are always updating the attempts.


Pam - Reporting the attempts to the banks helps stop them and get them caught.


Margaret - Thanks, always trying to make things safer.


Sandy - Just report all of them that you can. I know it takes a little longer, but it is worth it.


Eleanor - Yes Twitter is having a major attack right now. The link in my response above to Marti should help people that are not aware of it.

( 01/06/09 04:48PM ) — Sean Keene Salem/Keizer Realtor

Thanks for the great info Fred. I have received some of these in the past and I always mark them as Spam.

( 01/06/09 04:58PM ) — Fred Chamberlin - Eugene/Springfield's #1 Experienced FHA Mortgage Consultant

Sean - They are really tricky at times. Just report them if you can, that helps.

( 01/06/09 06:27PM ) — Jon Wnoroski, Summit County Realtor

Hi Fred - Thanks for the information.  I, like most others, just delete those emails or send them to spam.  I never though about sending them on to the "spoofed" company.  I'll try that the next time I get one.

( 01/06/09 06:36PM ) — Fred Chamberlin - Eugene/Springfield's #1 Experienced FHA Mortgage Consultant

You are welcome Jon. Anything we can do to catch these monkeys.

Post a comment

Temporarily disabled — coming soon!