In thinking about Easy1's post about Paypal below - I thought I'd mention a couple of items.I've been working with computers and networks for 20 years now. As the IT guy at Panhandle State University, I see a wide range of problems with faculty and staff and students with viruses, malware, Internet scams, etc... One of the girls in the business office recently got a message proclaiming a "problem with her Ebay account" and asking her to verify her info. She was somewhat aware of that type of phishing scam message, but she had several items about to sell, so she immediately logged into the link to make sure there was no problem. She said it was "acting funny", so she decided to just check it out later. Her checking account funding was tied to her Ebay account and the next morning she found out she had been cleaned out by ATM withdrawals in Romania. She cut the funding ties to Ebay, and luckily the bank reimbursed her all but $50 for the scam. BUT in the midst of it all, she forgot to change her Ebay password. A few weeks later, she had an item about to sell worth several thousand dollars. Right towards the end of the sale, the auction was changed with the directions for payment changed to someone else. The scammers had kept her info and waited for a while - and then logged in as her and modified the auction and came fairly close to scamming her twice! THEN - I had been working out at the farm a couple of weekends ago and come in all dusty and itchy after a long day. I was headed for a shower after getting home, when I thought I'd check the email right quick. Lo and behold - I had a big thank you message from "Jetson Electronics" thanking me for my $740 payment! Thinking the wife or daughter had purchased something I hadn't heard about - I immediately charged for the "check item details" button at the bottom and typed in my paypal userid/password. This website, too, started "acting funny" - and it took me about 10-20 seconds to realize I had fallen flat into a phishing scam, too!! I immediately directly typed in www.paypal.com and went there directly - and purposely mis-guessed my password 4-5 times in a row to lock the account. I then went through the unlock procedure and reset the password to a new one - it rattled me enough, I then removed the links to my funding sources... Luckily, I didn't lose any money over it, but it really impressed me how easy it is to fall for a scam - even when you are aware of them... In both cases, we "knew" how a scam works, but they caught us with a plausible sounding pitch in a somewhat emotional state. The scammers knowing the technical ropes of how to rip someone off is now "old hat". It seems like they are focusing more and more on the "social engineering" aspects of preying on human nature. So the next time you see a message trying to provoke you - like "Bush or Kerry" or "Coke or Pepsi" or "thank you for adding this email account to your paypal account" or "thank you for your payment", you might think just a second before you click!
Howard H.
| 
