In desperate times, scammers pounce

Times Staff Writer

The economic meltdown is not devoid of economic opportunities. There’s one group of folks who might do just fine: scammers.

Security experts have spotted an increase in phishing, the scam that uses fake e-mails to get people to hand over personal financial information that could be used to drain bank accounts or for identity theft.

It was no surprise to Dave Marcus, director of security research at McAfee Inc., one of the largest computer security firms.

“Whatever is happening out there in the world, you will see scams that take advantage of that,” he said.


The banking crisis -- with its mergers and takeovers -- was tailor-made for phishing. It gives scammers the opportunity to send out e-mails claiming that personal account information is needed because of the changes.

McAfee began seeing phishing reports related to the crisis shortly after the well-publicized failure and sale of Washington Mutual Bank in late September.

“Generally, if the issue is in the news on Monday morning, we’ll start seeing the phishing start on Monday evening or Tuesday,” Marcus said.

Even a bank deal that falls apart can generate phishing scams. This month, several security websites warned that an e-mail supposedly from Wachovia bank was being circulated.


“Citigroup announced a buyout of Wachovia brokered by the FDIC moments ago,” the e-mail said. Bank customers were directed to go to a site where they would fill in account information in preparation for the takeover.

But the Citigroup buyout never happened -- Wells Fargo instead made a deal to acquire Wachovia. And the e-mails were bogus.

Wachovia put a warning on its website, stating that it never sends e-mails asking customers to “provide, update or verify your personal, business, account or other confidential information.”

Phishing scams often begin with a spoofed e-mail that appears to come from a legitimate source.


In some cases, fraudsters exploit security loopholes to hijack a genuine e-mail address, making it appear that their messages originate there. Or they simply resort to using addresses that are close to the real thing.

Examples cited by security experts include misspellings that use a double “v” to simulate a “w,” as in the fake Also, the number “1” has been used as a stand-in for the letter “l,” as in
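A mail filter can catch these substitutions by folding each sender domain to a canonical form and comparing it with the domains an organization actually uses. The sketch below is an added example, not part of the original article; the `.test` domains, the allow-list and the function names are constructed for illustration, and the "rn" and "0" substitutions go beyond the two the article names.

```python
from email.utils import parseaddr

# Lookalike substitutions. The first two are the ones the article names;
# the last two are common additions (assumption, not from the article).
LOOKALIKES = [("vv", "w"), ("1", "l"), ("rn", "m"), ("0", "o")]

# Constructed allow-list of placeholder domains (not real institutions).
TRUSTED = {"example-bank.test", "wellknown-lender.test"}


def skeleton(domain: str) -> str:
    """Fold a domain to a canonical form so lookalikes collapse together."""
    d = domain.strip().lower().rstrip(".")
    for fake, real in LOOKALIKES:
        d = d.replace(fake, real)
    return d


def sender_domain(from_header: str) -> str:
    """Extract the domain from a From: value such as 'Name <user@host>'."""
    addr = parseaddr(from_header)[1]
    return addr.rpartition("@")[2].lower()


def classify(from_header: str, trusted=TRUSTED) -> str:
    """Return 'exact-match', 'lookalike:<imitated domain>' or 'unknown'.

    An exact match only means the text of the address is right; a From:
    line can still be spoofed, so it does not prove who sent the message.
    """
    dom = sender_domain(from_header)
    if dom in trusted:
        return "exact-match"
    skel = skeleton(dom)
    # Fold both sides, so a trusted name that itself contains "rn" or "0"
    # is still compared like for like.
    for good in trusted:
        if skel == skeleton(good):
            return f"lookalike:{good}"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample headers.
    for hdr in ('"Account Security" <alerts@examp1e-bank.test>',
                "notice@vvellknown-1ender.test",
                "Alerts <alerts@example-bank.test>"):
        print(f"{hdr!r:55} -> {classify(hdr)}")
```
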

But in many cases, the scammers don’t even bother to make addresses look legitimate. They rely on alarming or alluring messages.

The text might say that if personal information isn’t immediately disclosed, the account will be frozen or shut down. Another variation is an urgent warning that an account is under attack by hackers and the information is needed to “verify” the true account holder.


Money is sometimes used as a lure. For the last couple of years, fake messages supposedly from the Internal Revenue Service have promised recipients a tax refund. But to deposit this windfall, the individual’s banking information is needed.

Some of the e-mails are laughably poor attempts at fooling the public. A recent one read, “Recommends banks to process Visa card to renew your data quickly before being delete your Visa card.”

It’s like spam from Yoda.

But a link on the e-mail led to a legitimate-looking Citibank Web page where banking information was requested. These simulated sites, which can be created using simple Web tools, are the second part of the phishing scam.


They can be so convincing that, in an academic study presented in 2006 at the Conference On Human Factors in Computer Systems, well-crafted phishing websites were able to fool 90% of participants.

Obviously, the public needs to be educated about phishing, which seemed to be the aim of an e-mail in wide circulation in England. It was addressed to customers of Barclays, one of the country’s largest banks.

“Like other UK based banks, we are currently seeing very large numbers of ‘phishing e-mails’ in circulation,” it said. “Many of these look as if they are from Barclays, typically encouraging you to click a link and type in your login details.”

The e-mail went on to explain how phishing works and requested, “please spend a few minutes to upgrade to our latest security.”


Then it gave the link to a website. And as you guessed, it was a phishing site, designed by scammers to get their hands on account information. The e-mail was a fake, but so polite.

At the very bottom it said, “We apologize for the inconvenience and thank you for your co-operation.”

You could almost hear them laughing, literally all the way to the bank.





No phishing


The banking crisis offers all too many opportunities for phishing -- fake e-mails sent by scammers trying to trick consumers into giving out personal financial information. Here’s advice on the scam from the Federal Trade Commission.

* Don’t reply to any e-mails asking for bank account, Social Security or other personal financial numbers. If you think the message might be legitimate, call the financial institution it supposedly came from and check.

* Don’t click on links in questionable e-mails.

* Go directly to bank websites when necessary -- don’t use unfamiliar Web addresses for these institutions.


* Review your bank statements, whether in print or online, regularly to check for unauthorized charges.

* If you think you’ve been scammed, visit the FTC’s website at for advice.

Source: Federal Trade Commission