Attorney General Jim Hood today warned Internet users, particularly customers of websites PayPal and Amazon, about the possibility they could be targets of scammers intending to gather sensitive personal information or infect computers with viruses.
“These online services and businesses make it easy for consumers to shop and pay for items online, but there are people out there who want to use this convenience as a way to steal your money, or even worse, your identity,” Attorney General Hood said.
One such scam that has surfaced in recent weeks involves an email with a link alerting the receiver that his or her PayPal account has been limited for security reasons. If a consumer clicks the link contained in the email and submits his or her PayPal username and password to that site, the scammer can steal the consumer’s log-in information. The scammer can then log in to the consumer’s legitimate PayPal account to spend any remaining funds, bill credit cards or steal personal information. The link provided in the email directs consumers to the spoof PayPal website, which is not secure. It even misspells the word ‘PayPal’.
Other phishing emails that are sent by scammers targeting Amazon customers can be an attempt to steal personal information or install malicious software to the user’s computer. These emails, which look like they are coming from Amazon, show up in various forms: an order confirmation for items customers didn’t purchase (can also be an attachment to an order confirmation); a request for username and/or password or for other personal information; a request to update payment information; a message with links to fake websites that look like Amazon.com but actually prompt the installation of software. These fraudulent emails frequently contain a forged email address from an Internet Service Provider and usually contain many typographical or grammatical errors.
Attorney General Hood recommends that consumers who have PayPal or Amazon accounts and receive similar emails not click on any links or submit any usernames, passwords or personal information via email. Instead, go to the companies’ actual websites and use the sites’ secure login to verify any account activity.
“Although these scams have been around for quite some time, they continue to try to lure victims,” Attorney General Hood said. “I encourage consumers to protect themselves from fraud and identity theft on the internet through education and awareness.”
Attorney General Hood offers these tips to help protect against phishing emails:
Do not respond to any unsolicited e-mails of this nature.
Do not click on any attachments associated with such emails, as they may contain viruses or malware.
If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email.
If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address. In any case, don’t cut and paste the link in the message.
Don’t email personal or financial information. Email is not a secure method of transmitting personal information.
If you initiate a transaction and want to provide your personal or financial information through an organization’s Web site, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”).
Use anti-virus software and keep your computer security up to date. Some phishing emails contain software that can harm your computer or track your activities on the Internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files.