“World's Most Complete Neighborpedia”
Sponsor a CommunityWhat is Localism? | Register or Sign In
Explore:   What's happening in your neck of the woods?
Home Phishing Season is upon us - Watch for tho...

Phishing Season is upon us - Watch for those Spoof e-mails

The following e-mail looks really official. As a matter of fact, the e-mail address it came from looks really official, memberservice@suneast.org. I know it looks official because I checked out SunEast Federal Credit Union on the internet and found that their website is www.suneast.org so the e-mail has to be right, right? Wrong! This is just another example of phishing or spoofing that is happening more and more on the web. These seemingly real e-mails come asking you to access your account through the link provided (this time through a telephone number) and then they have you.

https://hb.suneast.org/images/sunlogo.gif



Our records indicates a bank by phone password does not exist for your account. Please call us immediately at 1-877-280-9439 to activate this feature. We're available 24/7 to take your call.

Please disregard this e-mail if you've already call us since the date this e-mail was sent.

We appreciate your prompt attention to this matter.

Thank you

My first indication that something was wrong was pretty easy, I don't have an account with SunEast. As a matter of fact, I can't figure out why I would possibly have an account with a Pennsylvania Credit Union when I live in Oregon. But they are not the only financial organization being attacked. I have gotten phishing attempts on Washington Mutual, Wells Fargo and Bank of America. The pirates are out there trying to get your information.

What do you do? Well, just deleting the phishing e-mail is OK, but better would be forwarding it to the financial institution that is being phished. Most organizations have a specific email set up at at something like spoof@financialcompany.com. In this case, I called Sun East and found out they want theirs sent to a specific person. If you are getting phishing e-mails, don't respond. Check them out. Forward the e-mail. Help get these guys caught.

UPDATE 1/8/2009: Hi, this is just an update. I got another phishing e-mail this morning on PayPal. Since the e-mail address I received this on is not listed on my paypal account, I knew it was a spoof so I forwarded it to spoof@paypal.com. Here is their response:

Hello Fred Chamberlin,

Thanks for forwarding that suspicious-looking email. You're right - it was a phishing attempt, and we're working on stopping the fraud. By reporting the problem, you've made a difference!

Identity thieves try to trick you into revealing your password or other personal information through phishing emails and fake websites. To learn more about online safety, click "Security Center" on any PayPal webpage.

Every email counts. When you forward suspicious-looking emails to spoof@paypal.com, you help keep yourself and others safe from identity theft.

Your account security is very important to us, so we appreciate your extra effort.

Thanks,

PayPal

This email is sent to you by the contracting entity to your User Agreement, either PayPal Ince, PayPal Pte. Ltd or PayPal (Europe) S.à r.l. & Cie, S.C.A. Société en Commandite par Actions, Registered Office:

5th Floor 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118 349.

authored by Fred Chamberlin, senior mortgage consultant, Eugene/Springfield, OR, 541-342-7576
Posted Monday Jan 05