FAQs  |  Site Search  |  Contact Us

Identity Theft

Fraudsters take advantage of innocent consumers daily through check, ATM (automated teller machine), and Internet scams. These gifted scammers use the latest technology to make it harder and harder to detect if your transactions are legit. Knowing the latest trends in the scamming industry can help you protect yourself from being victimized.

Phishing

Phishing incidents take center stage in Internet scams as they've increased dramatically in popularity in the past year. Phishers use the Internet to steal money and personal identities. Victims usually receive fraudulent e-mails containing authentic looking company logos and familiar graphics and are asked to divulge financial information. A study by the Gartner technology research firm shows 52 million U.S. Internet users received phishing e-mail during the past 12 months, from which 1.8 million consumers divulged information and one million fell victim. While consumers at banks and credit unions are prime targets, AOL and eBay users also are victims of frequent attacks. Elizabeth was a victim of an AOL attack when she discovered her credit card number had been stolen from her online AOL wallet. She now enters her credit card number and password each time she makes a purchase, no longer keeping them saved. Elizabeth responded to "What's Your Story?" on the Home and Family Finance Resource Center Web site, as did other contributors in this article.

"Fifty-two million U.S. Internet users received phishing e-mail during the past 12 months."

As consumers such as Elizabeth catch on, phishers develop new ways to scam their victims. Many phishers now are trying techniques that have worked well for virus writers. The newest phishing scam is activated when you simply open an e-mail, no clicking required. Once infected, the scammers change the IP (Internet Protocol) address in your PC's Hosts file to their choosing. The fraudsters then associate the IP address with bogus bank/credit union Web sites, which forces your browser to go to fake Web sites that look like your financial institution's site.

A phisher using the name Robotecteur is responsible for sending out the e-mail virus "I Still Love You" to three million people. The virus recorded user names and passwords when the user visited any of 30 online banks and payment Web sites programmed in the virus. Robotecteur then received e-mails containing the sensitive information.

This form of phishing is different because the scammers don't have to lure you to a specific Web site. Instead, they get your username and password once you log in to a banking Web site. A keylogger then records your information and takes screen shots of your PC activity.

Unfortunately, most PC users will not detect a problem until it's too late, because most are not knowledgeable with Hosts files. While the attacks have only occurred in Brazil, Australia, and the United Kingdom, security experts expect to see the scam soon in the U.S. However, experts also say all phishing scams, these included, are preventable. As always, run and update antivirus software frequently and, if you don't have one already, install a firewall. More information about phishing is available on the Anti-Phishing Working Group Web site.

While phishing remains a high concern, experts also caution consumers against high-risk Internet use. The FTC (Federal Trade Commission) reports 55% of filed complaints are related to Internet fraud. The median loss for an Internet attack is $195. While online banking is safe, consumers still are more fearful of online banking transactions than giving out financial information for online shopping. Experts advise consumers to monitor their accounts regularly rather than wait for the monthly mailed statement.

"The most common check scam is the "Nigerian Advance Fee Fraud," with 100 victims daily."

Brad, from Maryland, noticed unusual activity on his card, which he hadn't used in several months. Brad noticed the suspicious charges when he checked his online account. His quick action allowed him to resolve the matter before anything was posted on his account.

Experts say it's also a good idea to change your online banking and shopping account passwords every three to six months. And to avoid being led to fraudulent Web sites, retype the Web address in your browser rather than click through e-mail links. These simple steps can protect you from serious hassles down the road.

Check Scams

While scammers increasingly turn to the Internet, consumers still are targets of check scams. During a five-month period from January to June 2004, check scams collected an average $5,000 loss per consumer. Fraudsters increasingly use e-mail to contact their victims.

There are several variations of the check scam; the most common strategy is the "Nigerian Advance Fee Fraud," with 100 victims daily. The scammer proposes to send the victim a check for an extra sum and requests the victim wire back the excess money. The scammers often are from--or at least claim to be from--other countries, which explains why it is too difficult for them to make direct payment. Scammers offer to buy something you have for sale, offer you collection of a sweepstakes you won, or pay you to work at home.

Victims often send the product or money to the scammer once they receive payment. However, the realistic looking checks sent to victims are forgeries and, unfortunately, the victims are responsible for the money they withdraw against the bad check. Experts advise sellers to not send refunds or deliver goods in the period it takes cashiers' checks to clear.

ATM Scams

Like all scammers, those who target ATM users use the latest technology to their advantage. The newest ATM scam involves skimming. Fraudsters make counterfeit ATM cards by using a skimmer, which is a card-swipe device that reads the information on a consumer's ATM card. Scammers take a blank card and encode all the information from an ATM card when they swipe immediately after the machine's last transaction. The skimmer catches the PIN (personal identification number) through a small camera mounted on the ATM. The consumer is unaware they've been scammed because the ATM card has not been stolen and still works at other machines.

"Fifty-five percent of filed complaints are related to Internet fraud."

Joyce, from Colorado, fell victim to such an attack. Because her card wasn't stolen, she didn't detect a problem until her checking account was down almost $800. After contacting Bellco Financial Services, Joyce was able to erase the damage done by the shopping spree she never took.

The "Lebanese Loop" is another popular ATM scam. Scammers insert a portable steel loop into an ATM card slot. The scammer usually approaches the victim while at the machine, and poses as the person next in line. Victims are advised to enter their PINs three times and then hit cancel to get the machine to accept the cards. The scammer is able to memorize the PIN for future use and the machine keeps the card because of the excessive number of attempts to enter the correct PIN. Victims leave in frustration because they couldn't get any money and they've lost their card. Once the loop is taken out of the ATM the scammer has the card and the PIN number for future transactions. This is a relatively new scam that many experts believe will be short-lived due to fast technology upgrades.

While it is difficult to guarantee protection from ATM scammers, there are security tips that lessen the risk. Be on the lookout for anything out of the ordinary at the ATM, such as odd- looking equipment or wires. As always, monitor your accounts regularly to make sure there is no unusual activity.

If you've been scammed, the FTC Web site has information on the steps you need to take to clear your name and protect your identity.