Financial Institution Scams & Hoaxes (FISH)

Along the same lines as the unsolicited update scam is "phishing" -- that is, trying to get you to divulge your financial information to unscrupulous parties posing as legitimate businesses or financial institutions.

Financial institutions and other businesses will not ask you for security information over the Internet.

The scammers pose as legitimate businesses and use the guise of a software upgrade or a "reconfirmation" of your account information. They claim that if you don't participate, you will lose your ability to use their services online. If you click on the link, you are asked to confirm your account information.

If you get one of these scams, forward it to spam@uce.gov.

If you've fallen into a trap and have been scammed, file a complaint at www.ftc.gov and then visit the FTC's website at www.consumer.gov/idtheft/ to learn how to limit the damage of ID theft.

Below are a couple of e-mails I received recently.

The first came from someone claiming to be SunTrust.

Clicking on the link yielded the following screen.

Aside from being so blatant, this screen is also rather amateurish. Checking the URL in the browser's address line shows the following:

There are two things to note here. Although the scammer was good enough to fake a URL, he couldn't fake the SunTrust URL. Also note that this is a regular http instead of an https. Secure sites have an "s" on the end of "http". Another giveaway happened when I tried to click on the fine print on the lower left side of the screen. This link works on the SunTrust site. All this means is the scammer wasn't thorough enough to get all the links right. Bad links are another giveaway on scam sites.

The final indicator that this was an unsecured site was the lack of the security "lock" on the lower right of the screen:

The other scam was from a scammer claiming to be Regions Bank.

The interesting thing about this scammer is that he's really good. I placed the mouse over the link without depressing it. This technique is called "hovering" and it will tell you where the link will really take you if you click on it. Well, mostly. When I hovered over this link I saw:

The scammer was able to spoof hovering, making it appear that clicking on this link would really take you to the indicated URL. Clicking on the link brought you to:

The numbers are an IP address. Anytime you see an IP address, it is a sure sign that the URL is temporary, and most likely not a legitimate business. Anyone can tap onto the Internet using an IP address.

Scammers are getting better all the time. As you see, they can spoof what looks like a normal URL even if it isn't the one for the institution they claim to be. They can spoof hovering, and it would not surprise me if they couldn't spoof being an https and display the security lock.

The only protection against this kind of hoax is common sense. Your bank, eBay, or anyone else you have an account with will not ask for login names, PINs, and account numbers over the Internet. If you have any reason to suspect that there is some sort of problem with your Internet account, call the company and ask.