Thursday, November 19, 2009

How to identify a phishing scam

An experienced patron who has had an email account for over a decade told me the other day that he'd received an email asking him to "verify" his account. He had created an "anonymous" account--not given his full name--and the message said that the service was purging these to make room for new accounts. I said to him, "You didn't answer it, did you?" and he said "Yes, I did." So he showed me the message, which asked for his password and his birth date. I had him change his password and his security question and answer, but the damage was already done, I'm sure. "They" now have his birth date and the contents of his address book--more people to phish. I asked him to call Equifax and put a three-month freeze on new credit accounts opened in his name, and I think he did do that.

http://howto.wired.com/wiki/Identify_a_Phishing_Scam

No comments:

Post a Comment