Identity theft has been spreading at alarming proportions - and thieves continue to employ new schemes to obtain personal information about their victims. Their aim is to obtain names, addresses, Social Security numbers (SSN), bank or credit card account numbers without your knowledge, and use that information to commit crimes in your name.
One of the newest and fastest growing tools employed by identity thieves is called "phishing." Here is how it works. The con artist sends an email to consumers that looks like it originated from a legitimate source such as a bank, credit card company or brokerage firm. The message will ask you to confirm personal information about your account with the sender, and may even direct you to a website that looks completely genuine, right down to the logo, typeface and company colors. It may even include links to the real web pages of the broker, bank or credit card firm that supposedly has requested your information.
These phony e-mails suggest an "urgent" need for your personal information, sometimes claiming that your account will become inactive unless you confirm the required details. Recently they have adopted another clever ruse, saying that they need the detailed personal information in order to protect your account against identity theft.
But it is all a scam - and now it has captured the attention of the NASD as well as the Federal Trade Commission. Spam e-mails have begun to proliferate, "phishing" for personal information. According to one industry group, the spasm increased from 176 in January 2004 to 1,197 in May 2004. See www.antiphishing.org.
The NASD is warning investors to be on the lookout for these scams, as well as other devices used by Internet con artists to obtain valuable personal data. According to the NASD, some of these scamsters have been copying brokerage firm web sites - creating phony web sites that misappropriate the name or web site content of legitimate brokerage firms to solicit business from unwary investors.
The NASD also warns investors to be wary of other online identity theft scams, such as Trojan Horses - malicious software programs that hide in files attached to an email or that you download from the Internet. Trojan Horses used in identity theft scams often take the form of "keystroke loggers" - programs that log the keystrokes the investor types, allowing criminals to find the investor's user names and passwords and giving them access to the investor's online accounts.
The NASD offers the following tips to help investors guard against identity theft:
1. Beware of e-mail requesting personal information. Never reply to an unsolicited email that asks for your credit card, bank or brokerage account information, passwords or PINs, social security number, or other types of confidential information, even if it looks like the email comes from a financial institution with which you do business. Instead, contact the bank or brokerage firm directly, using the telephone number that appears on your monthly bill, and inquire about the request.
2. Leave suspicious Web sites. If you think a Web site is not legitimate, leave it immediately and close your browser.
3. Keep your personal and financial information secure online. To protect the security and integrity of information on your computer you should take the following precautions:
One of the newest and fastest growing tools employed by identity thieves is called "phishing." Here is how it works. The con artist sends an email to consumers that looks like it originated from a legitimate source such as a bank, credit card company or brokerage firm. The message will ask you to confirm personal information about your account with the sender, and may even direct you to a website that looks completely genuine, right down to the logo, typeface and company colors. It may even include links to the real web pages of the broker, bank or credit card firm that supposedly has requested your information.
These phony e-mails suggest an "urgent" need for your personal information, sometimes claiming that your account will become inactive unless you confirm the required details. Recently they have adopted another clever ruse, saying that they need the detailed personal information in order to protect your account against identity theft.
But it is all a scam - and now it has captured the attention of the NASD as well as the Federal Trade Commission. Spam e-mails have begun to proliferate, "phishing" for personal information. According to one industry group, the spasm increased from 176 in January 2004 to 1,197 in May 2004. See www.antiphishing.org.
The NASD is warning investors to be on the lookout for these scams, as well as other devices used by Internet con artists to obtain valuable personal data. According to the NASD, some of these scamsters have been copying brokerage firm web sites - creating phony web sites that misappropriate the name or web site content of legitimate brokerage firms to solicit business from unwary investors.
The NASD also warns investors to be wary of other online identity theft scams, such as Trojan Horses - malicious software programs that hide in files attached to an email or that you download from the Internet. Trojan Horses used in identity theft scams often take the form of "keystroke loggers" - programs that log the keystrokes the investor types, allowing criminals to find the investor's user names and passwords and giving them access to the investor's online accounts.
The NASD offers the following tips to help investors guard against identity theft:
1. Beware of e-mail requesting personal information. Never reply to an unsolicited email that asks for your credit card, bank or brokerage account information, passwords or PINs, social security number, or other types of confidential information, even if it looks like the email comes from a financial institution with which you do business. Instead, contact the bank or brokerage firm directly, using the telephone number that appears on your monthly bill, and inquire about the request.
2. Leave suspicious Web sites. If you think a Web site is not legitimate, leave it immediately and close your browser.
3. Keep your personal and financial information secure online. To protect the security and integrity of information on your computer you should take the following precautions:
- Download the latest security patches for your system;
- Install anti-virus and spyware detection software and update those programs frequently;
- Install a personal firewall software to ward off intruders;
- Never download software or files from an unknown source;
- Change your passwords on a regular basis. Never send your password to anyone in an e-mail;
- Never e-mailing personal or financial information;
- Review the online security policies of your bank and brokerage firm;
- Before submitting personal or financial information through a Web site, look for the locked padlock image on your browser's status bar or look for "https://" [note the "s"] at the beginning of the Internet address. While a padlock image and "https://" does not mean that the Web site is authentic or secure, the absence of either the padlock or the https:// does mean that the site is not secure;
- Log off of any secure legitimate Web site after completing a transaction.
4. Know who you are doing business with. Before you open an account with a brokerage firm, check with the NASD at NASD BrokerCheck to make sure the brokerage firm and broker are properly registered.
5. Order a copy of your credit report. This should be done at least once a year - and more often if you have been a victim of identity theft. You can obtain a copy of your credit report from Equifax (800) 685-1111, Experian (888) 397-3742, and Trans-Union (800)888-4213.
6. Review your account statements. Review all online accounts regularly, checking for unauthorized transactions or withdrawals. Then check your monthly statements for the same information when they arrive in the mail.
7. Act quickly if you believe you've been scammed. If you believe that you have been a victim of Internet identity theft contact the appropriate regulator immediately. If your identity has been stolen contact the Federal Trade Commission's Identity Theft Web site for detailed instructions. If you have been victimized by brokerage firm identity theft, contact- NASD, the Securities and Exchange Commission or your state securities regulator.
The complete text of NASD's advisory can be viewed at http://www.nasd.com/Investor/Alerts/alert_hacker.htm.
IF YOU HAVE QUESTIONS OR COMMENTS FOR STOCKPATROL.COM, CONTACT US AT editor@stockpatrol.com
5. Order a copy of your credit report. This should be done at least once a year - and more often if you have been a victim of identity theft. You can obtain a copy of your credit report from Equifax (800) 685-1111, Experian (888) 397-3742, and Trans-Union (800)888-4213.
6. Review your account statements. Review all online accounts regularly, checking for unauthorized transactions or withdrawals. Then check your monthly statements for the same information when they arrive in the mail.
7. Act quickly if you believe you've been scammed. If you believe that you have been a victim of Internet identity theft contact the appropriate regulator immediately. If your identity has been stolen contact the Federal Trade Commission's Identity Theft Web site for detailed instructions. If you have been victimized by brokerage firm identity theft, contact- NASD, the Securities and Exchange Commission or your state securities regulator.
The complete text of NASD's advisory can be viewed at http://www.nasd.com/Investor/Alerts/alert_hacker.htm.
IF YOU HAVE QUESTIONS OR COMMENTS FOR STOCKPATROL.COM, CONTACT US AT editor@stockpatrol.com
0 comments:
Post a Comment