Phishing warning

November 5, 2008 – 6:17 pm

We are seeing more reports from customers about “phishing” emails. These are attempts to steal personal information by misleading you into replying with sensitive personal or banking data.

One type of message claims to be from Sonic.net itself, and says something along the lines of:

> We are currently carrying-out a maintenance process to your sonic.net
> account to fight against SPAM MAILS,to complete this process and if
> you are the rightful owner of this account you required to reply with
> below information of your email
>
> User Name here:(**********)
> Password here(**********)

I love it. Well written stuff, “you required to reply”! Another example:

> We are currently upgrading our data base and e-mail
> account center. We are canceling unused web mail email
> account to create more space for new accounts.
>
> To prevent your account from closing you will have to update
> it below to know it’s status as a currently used account.
>
> CONFIRM YOUR EMAIL IDENTITY BELOW
> Email Username :
> Email Password :
> Date of Birth :

It’s funny in a way, they say “to create more space”, like “it’s getting crowded over here on the Internet, sorry, we’ve got to delete you to make more room in the tubes!”

Another message attempts to create credibility via a signature line, “COMFIRMATION CODE: Sonic.net-/93-1A388-480 Technical Support Team”. Another, “Sonic Support/Maintainance Team TSR”. I am not sure what a “Team TSR” is, but if we meet them, I can assure you the real Sonic.net staff will beat them soundly at a game of Street Fighter.

The point is, there is an urgent call to action that is totally contrived, but which is intended to get people to react.

They are simply trying to fool customers into providing sensitive information. When these phishing emails arrive, we react and block them, and we block the reply address so any responses customers might send do not make it back to the phish’s sender, but it’s an ongoing and reactive process.
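The check described above (find where replies to a reported message would go, and why that address should be blocked) can be sketched as follows. This is an added example, not Sonic.net's own tooling: the function names, the `our_domain` parameter and the sample report with its `webmail.example` Reply-To address are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed report for illustration: headers and the Reply-To address are made up.
SAMPLE_REPORT = """\
From: "Sonic.net Technical Support Team" <support@sonic.net>
Reply-To: upgrade-team@webmail.example
To: customer@sonic.net
Subject: Account maintenance

to complete this process and if you are the rightful owner of this
account you required to reply with below information of your email

User Name here:(**********)
Password here(**********)
"""

# Form-style lines asking the reader to fill in and send back credentials.
CREDENTIAL_PROMPT = re.compile(
    r"(?im)^[ \t>]*((?:e-?mail\s+)?(?:user\s*name|password|date of birth)\b[^\n]*[:(])")

def address_of(value):
    """Lower-cased bare address from a header value, or '' when absent."""
    return parseaddr(value or "")[1].lower()

def text_of(msg):
    """Concatenate the decoded text/plain parts of a parsed message."""
    parts = [p for p in msg.walk() if p.get_content_type() == "text/plain"]
    return "\n".join(
        p.get_payload(decode=True).decode(p.get_content_charset() or "utf-8", "replace")
        for p in parts)

def triage(raw_message, our_domain="sonic.net"):
    """Return the address replies would reach, plus the reasons to block it."""
    msg = message_from_string(raw_message)
    from_domain = address_of(msg.get("From")).rpartition("@")[2]
    reply_addr = address_of(msg.get("Reply-To")) or address_of(msg.get("From"))
    prompts = [m.group(1) for m in CREDENTIAL_PROMPT.finditer(text_of(msg))]
    reasons = []
    if from_domain == our_domain and reply_addr.rpartition("@")[2] != our_domain:
        reasons.append("claims our domain but replies go elsewhere")
    if prompts:
        reasons.append("asks for credentials by reply")
    return {"block_reply_to": reply_addr if reasons else None,
            "reasons": reasons, "prompts": prompts}

if __name__ == "__main__":
    print(triage(SAMPLE_REPORT))
```

The Reply-To header only survives if the report is forwarded with full headers, which is why a plain forward of the body is much less useful for this check.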

Please, don’t be fooled. Sonic.net will never ask for your password. We will not ever email and ask for it, and we will not call you and ask for it. (BTW, when these types of things are done over the phone, it’s called “social engineering”, as opposed to email, where it’s called “phishing”. Either way, think before you respond!)

The senders are hoping to gain access to your email box. They would presumably then use this to attempt to gain access to online banking and other sensitive resources. Always use a strong password for your email, and never give it to anyone under any circumstances.

Phishing is a growing problem on the Internet, with criminals engaging in all sorts of ruses in an attempt to steal personal and banking information. The Department of Justice advises email users to “stop, look and call” if they receive a suspicious email.

  • Stop: Resist the urge to immediately respond to a suspicious email – and to provide the information requested – despite urgent or exaggerated claims.
  • Look: Read the text of the email several times and ask yourself why the information requested would really be needed.
  • Call: Telephone the organization identified, using a number that you know to be legitimate.

If you have been “phished”, and believe that you have provided sensitive information about yourself through a phishing scam, you should:

  • Contact the business or financial institution affected.
  • Contact the three major credit bureaus and request that a fraud alert be placed on your credit report. The credit bureaus and phone numbers are: Equifax, 1-800-525-6285; Experian, 1-888-397-3742; and TransUnion, 1-800-680-7289.
  • File a complaint with the Federal Trade Commission at www.ftc.gov or 1-877-382-4357.

Consumers should never provide their personal information in response to an unsolicited telephone call, fax, letter, email or Internet advertisement. Don’t get hooked by fraudulent phishing attempts!

To learn more about phishing, see the Wikipedia phishing page.

  1. 10 Responses to “Phishing warning”

  2. This is an ongoing issue that is starting to hit home for Sonic users.

    It is very important that users do not open their information to anyone over the internet without having some understanding of security steps and procedures used to protect that information.

    Also, if anyone has heard about or has information leading to the location of phishing implementers, send that information to the FTC.

    Maybe Sonic can also get that information so we can enjoy a StreetFighter smackdown of justice.

    By Tim Preston on Nov 6, 2008

  3. Should we Forward these emails to you (Sonic)?

    By Terry Sneller on Nov 6, 2008

  4. Yup, Terry, if you see any, forward to support@sonic.net and they’ll blackhole the reply-to address. If you can forward with full headers, that helps a lot. Thanks!

    -Dane

    By Dane Jasper on Nov 6, 2008

  5. I work as an IT consultant at a CSU, and we see this a lot, too.

    When a crowd this big gets phished, and a few respond, a gazillion spams are immediately sent from the compromised account in our domain, an .edu address.

    That can cause hotmail, msn, and other service providers to blacklist the entire campus domain for several days. Let’s keep those passwords to ourselves.

    Never send your password by email. Those are your credentials. The “I forgot my password” button on websites too often emails a password to you, or to someone with your password.

    And keep up the good work, sonic. Your response is thoughtful and well written.

    -Chris
    (Happy with Sonic.net since 1995)

    By Chris Hansen on Nov 6, 2008

  6. Turn these scumbags in. I use spamcop.net. Do not click on anything in the body of the message. Practice safe computing.

    By tony on Nov 6, 2008

  7. As Dane said I’ve actually sent a couple that got through back with headers. Funny, they never showed up after that. Thanks Sonic!

    By Don W. on Nov 6, 2008

  8. Whenever I see a return address or name I do not recognize, I delete it immediately, without opening. I’ve noticed that when I roll my cursor over the e-mails in my inbox, the first few lines of the message are shown. I hope this does not mean that the message is opened, or that any viruses, phishes, Trojan Horses, or anything else is “gifted” to me. I’m very careful about the e-mails I open. If it happens that I delete something I shouldn’t have, well, if it’s important, someone will send it again. If not, I don’t think I wanted to see it anyway.

    By Sam on Nov 6, 2008

  9. Yes, our Street Fighter foo is strong!

    By John Kerr on Nov 11, 2008

  10. Received just the e-mail you wrote about. I was kind of surprised it didn’t get picked up in the graymail filter as it was in my inbox Monday. No – I didn’t and don’t ever respond to these SA requests.

    Thanks

    By Michael Reeser on Nov 19, 2008

  11. At home, I’ve received numerous e-mails from someone or some place in Africa telling me that I’d won $2,000,000. All I had to do was provide them with a lot of my personal information. The e-mail’s always sent by a different person. Then what they wanted me to believe is that the check was coming by FedEx and that I had to provide them (FedEx) with all my personal info before it could be delivered. I don’t even open these anymore. They go to the trash can just as soon as I can. However, at first I wasn’t paying attention until I got into reading the body of the e-mail and figured out what a scam it was. I wonder if anyone else has been receiving these e-mails.

    By Sande on Dec 16, 2008

Please Note: Blog comments are not intended as a direct support contact. If you are having a technical problem, or something equally time-sensitive, please contact Sonic.net Support by sending an email to support@sonic.net or calling 707-547-3400 (phones open 6am-11pm M-F, 8am-10pm weekends).