Identify Spoof Emails and Stop Identity Thef
Today`s topic is Identifying Spoof emails and protecting you and your bank
account from online fraud!
Before I begin I will give you a bit of background on this article.
I first wrote the piece about 8 months ago and made it into an e-Book. Since
then Spoof emails have been getting much more advanced and the fraudsters are
getting even smarter, I found this out the hard way 🙁
Take a look at the image below:
Â
That`s a screenshot of my bank statement in January 2006, have a look at the
four charges from “OceanViewSA”. The transactions were all made on
the same day and it wiped £500 straight out of my bank account. These
charges were unauthorized and were not made by me, I had been scammed!
I quickly phoned up the bank and told them what had happened. They quickly
started an investigation into the transactions and found out that someone had
used my card details to deposit the £500 into some sort of online casino
website. Luckily for me the bank returned the £500 to my account but it
just goes to show how easy it is for these scammers to get your details. Thats
why I felt the need to update my article so hopefully the same thing won`t happen
to any of you, enough chat, let`s begin 🙂
What is a spoof email?
Spoof emails (sometimes also called “Phishing”) are emails that pretend
to be from a company or bank. The most common often come from eBay, PayPal,
Barclays Bank etc. These emails will then contain a web link, if you click on
this link then you will be taken to a login page and asked to enter your details.
Most of these scammers go a long way to try and get your details, most spoof
emails contain links to identical websites and users are tricked into entering
their personal information. If you submit your information through one of these
spoof websites then the fraudster has all of your details and can commit crimes
using your identity.
How do they get my email address?
You may wonder how the scammers got your address or knew you were a member
of a particular bank or institution. Often it is just good luck on the part
of the scammers. They normally do not target individuals, but send out thousands
of scam emails to randomly generated email addresses, in the hope that just
a few will be successful. They also trawl the web for valid addresses they can
use, and swap this information with each other. If you have ever posted on an
Internet forum or published something on the web, there’s a good chance your
address is out there somewhere just waiting to be found. If you have fallen
victim before, your address is normally added to a list of ‘easy victims’, and
you are likely to then receive even more scams.
How can I identify these emails?
Here are 4 simple tests that you can perform on any email you suspect is a
spoof. Your email can only pass the test if it passes ALL FOUR of the tests.
If your email passes all of the four tests then you can be 99.9% certain that
it is a genuine email. If your email passes all four of the tests then we would
also advise you to check the “Other Tips” section just to double check
that your email is genuine.
If your email fails
If your email fails JUST ONE of the four tests then the email is a spoof and
shouldn’t be replied to and should be deleted immediately from your computer.
Even if your email fails the test, I would still advise you to check out the
“Other Tips” page for more good ways to spot a spoof email.
If you are still in doubt
Unless you are 100% sure that your email is genuine, DO NOT click on any links
within the email. Contact the company in question (See the “reporting a
spoof” page) and ask them to confirm if the email is genuine or a spoof.
Test 1 – Who is the email addressed to?
Have a look at how the email addresses you. Most spoofs will say something
along the lines of “Dear eBay user”. This is the very first thing
you should look for in a spoof email. Any email that doesn’t address you by
your name is a spoof. Ebay, PayPal and banks always address you by the name
you registered with on their site, they NEVER send out emails saying
“Dear valued customer”, “Dear member” etc.
If your email isn’t addressed to you personally then it is a spoof! If your
email is addressed to you then move onto the next test to see if it is a spoof
email. Some more advanced spoof messages have started to include your name or
email address instead of the generic “Dear member” or “Dear user”.
So even if your email were addressed to you I would strongly advise you to carry
out the 3 other tests.
Test 2 – Where does the link go?
Most spoof emails will contain a link telling you to verify your details. You
can quickly tell if your email is a spoof by hovering your mouse over the link.
When your mouse is over the link, look in the bottom left hand corner of your
screen and you will see the “link destination”. The destination of
a spoof link will usually look something like this:
“http://slp.clinker.net.mx/.sh/.a/index.htm?SignIn&ssPageName=h:h:sin:us”
Compare this with a real eBay link:
http://k2b-bulk.ebay.co.uk/ws/eBayISAPI.dll?MyeBaySellingSummary
And you can see the difference. You can easily check if you email is a fake
by looking at the first part of the link destination, if the destination is
a combination of numbers (102.382.54.23) or a link like the one in my spoof
link above then the chances are that your email is a spoof.
Any non-spoof link will contain the name of the company in the first part of
the link, eg:
http://cgi.ebay.co.uk http://cgi.ebay.com http://cgi.paypal.com
Please note: Some spoof links will contain the words “eBay” or “PayPal”
in the final part of the link. These are also spoofs!
All real emails will only contain the company name in the very first part of
the link; after http://. If you still aren’t sure if you have a spoof email,
move onto the next test.
Test 3 – Who really did send you the email?
This test may seem a little confusing but don’t worry it isn’t as difficult
as it looks. What we are going to do is find out where the email came from.
Most people don’t know this but you can trace the origin of your emails in most
mail programs. To do this we have to view the “FULL message header”,
here is how you do this in the following email programs. If your program isn’t
listed here please contact your email provider for instructions:
Hotmai – 1. Click on “Options” 2. Click on “Mail display settings”
3. The 3rd option can be used to display the header settings, select “Full”
from the check boxes 4. Click on “OK” to save your settings
Outlook Express – 1. Right click on the email and select “Properties”
2. Select the “Details” tab
Now that we can view the message headers, here is how you identify a spoof:
Look in the part of the header that says “Received From”. If the
email has come from anyone other than the sender it’s a spoof. I had a spoof
email and performed this test and notice that the email had been sent from a
Yahoo account. Obviously a real email from eBay would not have been sent from
a Yahoo address!
Test 4 – Click on the link
Only try this if your email has passed the previous 3 tests. Some spoof emails
have been known to contain viruses that are activated by clicking on the link.
Please ensure that you have a good virus scanner installed on your PC before
proceeding. If you have important data on your PC you may also wish to backup
that data on a removable backup device.
When you click the link in your email a web browser will open and take you
to what looks like a legitimate login page. There are two ways to identify a
spoof login page, and I will show you both of them! Have a look in the address
bar at the top of the login page. Have a look at the http:// part of the URL.
Any genuine login page from eBay, PayPal or your bank WONT start with “http://”
it will start with:
“https://”
The “s” in https:// stands for “secure” and is there to
show you that you are about to submit data over a secure connection.
Any page not starting with https:// is a spoof. The second difference between
the two pages is the padlock icon in the bottom right hand of the screen. Notice
that the spoof login page doesn’t have a padlock, and the genuine eBay login
page does. This padlock appears to show you that you are about to submit data
over a secure connection. If your login page DOESNT have a padlock icon in the
bottom corner of the screen then it is a spoof!
Other Tips for spotting Spoofs
1. Punctuation – Read your email carefully and look for any spelling
mistakes. You can be sure that any genuine emails wont contain simple spelling
mistakes.
2. Adverts? – Real emails from eBay don’t contain adverts for burger
king!
3. Hotmail identity check – A new feature in hotmail now warns you
if a senderID could not be verified. Any spoof email will contain this warning.
(please note that recently I received a genuine email from eBay that contained
this warning, so don’t judge an email purely by this method)
4. PIN number – Any website asking for your PIN (personal identification
number) is a spoof. Do not enter your PIN number! If you have entered and submitted
your PIN then contact your bank immediately.
5. Popup boxes – Some spoof sites will include popup message boxes
like the one below. Genuine sites don’t use popup boxes telling you to enter
details.
6. False sense of urgency – Most spoof emails will make you think
that your account is at threat if you don’t act quickly. This is not the case.
7. eBay Messages – Any genuine email sent to you from eBay will also
appear in the “My Messages” section of eBay. To access your eBay messages,
login to ebay and click on “My eBay”. On the left hand side of the
screen you will see a “My Messages” link. Click on this; if the email
you received in your inbox isn’t listed there then it is a spoof email.
8. Ignore the email address – Ignore the email address that the email
was sent from. Almost all spoof emails will appear as if they are from a genuine
address. Some of the emails I receive are “from”:
service@paypal.com memberservices@paypal.com awconfirm@ebay.com safeharbour@ebay.com
operator_862736743@halifax.com
9. Download the eBay toolbar – The eBay toolbar is a great piece of
software that can be used to spot spoofs. As soon as you enter a spoof website
from eBay or PayPal the toolbar will give you a warning telling you that web
page is a spoof. The Ebay toolbar is FREE to download.
That`s the end of the article, thanks for reading! If you have any questions
or would like to make a comment on the article, as always feel free. I read
every comment that you post and do my very best to reply to them!
Free E-Books Collection Number 1
We all love Free e-Books! Here are some new e-Books created by friends of mine. If you have any comments on any of the e-Books feel free to post!
To download the e-Books click on the images below.
How To Spot Shill Bidding on eBay
Welcome once again to another of my eBay artilcles. This week I have decided to take a look at shill bidders and what you can do to spot them. Shill bidding is a major problem on eBay and can cost you a lot of money, chances are that you have already been a victim of shill bidding without you even know it!
Anyway enough chit chat, here is my latest article below:-
If you are a user of eBay then the chances are, that you have already come across the term “shill biddingâ€. Shill bidding, is bidding that is used to artificially inflate the price of a certain item. Shill bidding usually takes place when the seller of an item wishes to increase the price, or generate interest in the item. The seller would usually get a friend or family member to bid on the item in question so that it looks like the item is more popular than it actually is, sometimes the seller may also use a second eBay account to increase the price of the item.
Shill bidding is prohibited by eBay and rightfully so. In my time I have been the victim of a shill bidding eBay scam. I was bidding on a digital camera and was surprised to see the price increase dramatically every time I made a bid, each bid that I made was followed by a new bid from an eBay user without any feedback. I thought this was very strange so I contacted eBay, they confirmed to me that the seller was using a second account to increase the price of the item, in the hopes that I would keep bidding and be made to pay a higher price. The listing was pulled by eBay and the seller had both of their accounts suspended. I was lucky but unfortunately many others are not so fortunate.
Shill bidding is a huge problem on eBay and you may have already been a victim of this scam without even realising it! Hopefully after reading this guide you will be able to spot if a shill bidder is bidding on one of your auctions.
– – -/ / /- – –
Look out for my email next Thursday.
I have teamed up with Bold Business Talk Radio
to bring you an exlcusive deal on their latest product.
– – -/ / /- – –
The first step to take if you feel you have been a victim of shill bidding is to look at the “Bidders List†for the item that you are bidding on. Usually an account that is used for shill bidding will have very little, if any feedback. The account could even have been created within the last 30 days with the sole intention of shill bidding for the seller, you can see if the member is new as they will have a small orange icon next to their user ID.
You should also do some research into the sellers other sales. Look at the sellers other sales via their feedback profile and see if the shill bidder was bidding on those items as well. If the shill bidder was bidding then the chances are that the seller is using a second account, or the account of a friend to shill bid.
Finally, another favoured method to spot a shill bidder is to look at how much the bids are increasing by. Usually a shill bidder will only place a “Nibbler†bid, this is a bid that is only slightly higher than your bid but then puts the impetuous on you to bid on the item again. The shill bidder will keep on bidding until you stop, they will then retract their final bid leaving you to pay for the item at a higher price than you should have paid!
If you believe that you have been a victim of a shill bidding scam or think that an eBay member may be shill bidding then you need to contact eBay. You can contact eBay using the contact form on their site, if eBay finds that the user has indeed been shill bidding then the all of the accounts associated with the shill bidder will be suspended.
The End 🙂
I hope that you liked the article, I spent a couple of hours putting it altogether. It was definatly one of the hardest subjects for me to research but I hope I have given you some valuable information. Pick an easier subject for me next time 🙂
As always I will be reading the comments you leave and will do my best to reply to them all. So if you have any feelings (good or bad) for my newsletters please let me know!
Until next week,
Dan
My Pictures – 21st June 2006
I wasn`t planning on having a big pictures section but I really wanted too see how long Imageshack would store my pictures for. So this seems like as good a way as any!
These pictures were taken by me, today. As soon as I started snapping it started to rain so I only managed to get a couple of half decent pics!
Both of the snaps were taken in a top secret location in North Yorkshire, England. If anyone can guess where it is I may even give you a prize!
Why England have no chance of Winning the Wold Cup
I don`t just post about Internet Marketing and E-Books you know, i`m also a football (soccer for you yanks!) fan. Here are my views on England so far in this world cup.
As I sit here typing, we are just 8 hours away from Englands final group stage game against Sweden. England are already through to the knock out stages after struggling past two of the lesser teams in the competition – Trinidad & Tobago and Paraguay.
These two lesser teams have already been able to expose the weeknesses and the predictability of the England team. I hate to think what will happen if England (im English and support England by the way!) come up a half decent team.
Don`t get me wrong, I hope England do well but do I think it will happen – NOT A CHANCE!
This England team have been hyped up to the moon by the so called “experts in the know”, saying we have the best crop of players since we last won the competition in 1966……have they been watching the same group of players as the rest of us?
I am constantly hearing about how we have the best midfield in the world, but I can`t see one of those midfielders that has an ounce of creativity, well unless playing the long ball upto 2 5ft stikers counts 😉
-
Let`s take a closer look:
Beckham:
Arguably the best crosser of a ball in the world but is past his best. What pace he had is now gone, but he is still probably Englands best midfield player – a scary thought!
Gerrard:
I will get slated for this BUT what on earth is all the fuss about? When was the last time Gerrard had a decent game for England? And since when has Gerrard been on eof the best midfielders in the world. The amount of times he wastes a pass or gives the ball away is laughable, next time you watch England make a note everytime Gerrard gives the ball away, you will be surprised at how often it happens.
Lampard:
Out of the 2 I would start Lampard infront of Gerrard every time, he is much more of an all round midfielder and doesn`t waste the ball as much. However if we come up against a good, or even average team I feel they will be able to exploit his weeknesses, mainly his predictability – get the ball pass it over the top of the defence and hope Owen can catch the ball!
Cole:
Mr Over-rated himself! All tricks and no end product, granted Mourinho has made him into a better player than he was but he still doesn`t have that vision to unlock a defence with a single pass, and he isn`t a left sided midfield player.
The worrying thing for me is that these players honestly believe they are the best in the world, is it their fault for thinking this? I don`t think it is, I blame the media for all of the hype. I think they are so used to hearing how good they are in the papers they are starting to believe the hype.
If you were the Argentina manager (in my opinion the best team in the tournament) how many of the England squad would get in that team? – NONE
England are nothing more than an average football team in the same league as Sweeden, Portugal and the Czech`s. There is no way England can be mentioned in the same breath as Argentina, Brazil, Holland, Spain or dare I say it Germany!
Rant over, feel free to slate me 🙂