Ultra Sales Secrets Newsletter - In This Issue: Identity Theft - Defending Against Internet & Em


by Chris McKay - Date: 2006-11-17 - Word Count: 1362 Share This!

------------------------------------------------------------
Ultra Sales Secrets Newsletter
Feel free to forward our newsletter to friends & colleagues,
provided all content is unchanged, whole, and unedited.
To subscribe, visit our site!
------------------------------------------------------------

In a previous issue, we discussed ways in which to protect
ourselves from fraudulent business offers, cons, and "grifts",
as well as how to recognise when you are being conned.

In this issue, we will be dealing with a much more insidious and
frightening threat. Identity theft.

Why is it that we say this threat is more frightening than a case
of simple fraud? Well, most cases of fraud are quick "hit and
run" schemes that will result in a loss of several hundred or
even thousand dollars, after which the perpetrators typically
disappear with your money and are never heard from again.

In cases of identity theft, though, the perpetrator doesn't just
go away. They continue to plague you. If fact, they continue to
BE you, by stealing access to your bank accounts, PayPal account,
Clickbank, Forex, or any other financial resource you can access,
especially the ones you can access online. And once they've taken
control of these resources, it can be incredibly difficult to rid
yourself of the perpetrator. In fact, just trying to convince angry
creditors that you ARE YOU, and they are not, can be very time
consuming and difficult.

Additionally, some victims never even realise they've become a
victim of identity theft until one day their credit has been revoked
for some debt their doppleganger has run up, or for back taxes that
haven't been paid for years. This can obviously be devastating.


The Latest Generation
---------------------

The newest threat comes via the same route as so many others do
these days - email. This has been termed "phishing". Phishing is
any attempt to gather your login and password for illegal
financial or personal gain through electronic means. Once this
information has been gained, they may easily gain access to your
financial accounts.

Here is a serious point that MUST be mentioned: If a criminal can
gain access to one financial institution, they may gain access to ANY
INSTITUTION THAT IT INTERACTS WITH.

Let's examine just ONE potential avenue of attack: PayPal
accounts. First, let me state that PayPal is incredibly diligent
in protecting their clients, as are all institutions of a similar nature.
Paypal is extremely secure under most circumstances, and this
example does not imply that their security is weak. I personally
have a PayPal account, and trust their system implicitly.

To continue with our example...

For instance, if you have your PayPal account compromised by a
person phishing you for your login and password, then they have
access to not only your Paypal account, but to any credit cards
or bank accounts associated with your PayPal account.

In other words, if you are an online vendor, and you have money
accrued in your Paypal account, a successful scam to obtain your
login information will not only yield the positive balance in
your Paypal account, but they may also debit your bank account
and credit cards. This allows them to completely drain all three
resources, and send the funds to their own account.

An efficient defrauder who has the appropriate tools can send out
hundreds of thousands of fake emails PER MINUTE. Millions
per hour.

Even if they use a highly inefficient to collect data, they may hit
upon an incredible number of valid email account names, typically
from the major free email providers.

With good tools and a bit of know-how, this will be pretty much
undetectable by their ISP.

Now the attacker has (a) sent out millions of fake emails, and
(b) created a list of valid email addresses that he can use for
attacks, ie, potential victims.

If the attacker even a 2% response rate will yield THOUSANDS
of successful phishes. All those logins and passwords will be
saved for future reference.

Finally, over the course of a short period, say 2 or 3 nights,
the thief will act. If two or three people work together, as is
common, they can take the funds from probably in excess of
a thousand victims per hour.

The email list they've made can be used again and again to get
anybody they may have missed in the previous run.

Feel safe yet?

Fortunately, this magnitude of theft is rare. More often than not
the thief is either less capable, or is content with a much less
ambitious attack.

Still, if you're the one they hit, it still stings just as much.


Am I At Risk?
-------------

As usual, those who have a website or business online are the
highest risk - if they accept Paypal, Clickbank, or whatever,
the perpetrators can easily tell simply by creating a transaction
through your website. They needn't complete the transaction,
either. Long before it's complete, they can tell what the ID is
of the business using the financial service in question.

For that matter, a lot of site owners have their ID visibly
coded into their buttons and links. It's easy to obtain your
account ID if that's the case.

Eventually, you will receive emails saying things like "We
suspect an unauthorized transaction on your account. To ensure
that your account is not compromised, please click the link
below and confirm your identity." Or perhaps, "During our regular
verification of accounts, we couldn't verify your information.
Please click here to update and verify your information."

Often you are told that they have detected abnormal account
activity, or that your account has been accessed from somewhere
overseas. I've gotten one that said someone in France had tried
to access my account.

The frightening thing is that these emails are ALMOST impossible
to distinguish from a genuine email from that company, because
the criminals in question have taken great pains to duplicate
the exact format these companies use for their messages,
including logos and nearly identical web addresses. Holding your
mouse over the links will even show a mouseover box with the
real company's web address, adding to the authenticity of the
lie.

So, if you receive a comminuque from your payment processor or
banking institution, how should you proceed?


Is This Email For Real?
-----------------------

Firstly, none of the real banking institutions or payment
processors will EVER, EVER, EVER ask you to click a link to log
into your account, or ask you to enter you user name and password
via either EMAIL OR PHONE. Anyone who does is NOT the genuine
article.

DO NOT EVER CLICK ON A LINK THAT HAS BEEN PRESENTED
TO YOU ASKING YOU TO LOG INTO YOUR BANK, CREDIT
CARD COMPANY, OR PAYMENT PROCESSOR WEBSITE.

All such links are an attempt to steal your login and password.

Secondly, the emails will typically use either just your first
name or your email address in their salutation, since this is
normally all the information they can get about you. Sometimes
they will use your business name.

Banks and other institutions will identify themselves to you and
greet you by your complete, full name. This aids you in
identifying them as genuine.

WARNING: This does not always work, since some people make the
mistake of posting their full name on their website in the same
format as it appears on the statements from their financial
institutions. That means it's now public domain, and the person
trying to trick you may now have access to your full name, which
they will then use to aid in looking more genuine.

Thirdly, most payment processors have an address you can forward
emails to in order to verify their authenticity. If you receive
a questionable email, forward it to this address in order to let
your institution know that you've received it, and to verify
whether it's genuine.

What If I Receive Such An Email?
--------------------------------

First, if you've received such an email, do NOT click the link.

Secondly, forward the email to spam@uce.gov, and also to the
company, bank, or financial institution that the con artist has
attempted to impersonate. For example, spam@paypal.com

Thirdly, delete the email without any delay.


What If I've Already Become A Victim???
---------------------------------------

Unfortunately, sometimes information doesn't arrive in time, or
a new form of attack is developed befroe the word can get out.
Every year, thousands of people are still victimised by identity
thieves, and their livelihood or bank accounts are compromised.

What should you do if you suspect you've become another victim of
this form of theft?

According to the FTC, the following steps should be your
imediate response:

- Placing Fraud Alerts on Your Credit Report
- Closing Accounts
- Filing a Police Report
- Filing a Complaint with the Federal Trade Commission
Filing An Identity Theft Report

You can find details about how to perform each of these steps by
visiting the FTC site, by subscribing to our newsletter, or visiting our
website.

Until our next issue,
Chris McKay, Editor.

----------
If you have questions, comments or suggestions for our
newsletter, please send them to editor@ultrasales.org

You can subscribe to our newsletter by

Clicking HERE To Visit Our Homepage!.

Related Tags: identity theft, marketing, mlm, network marketing, free advertising, online marketing, fraud, identity fraud, phishing, business marketing, free marketing, email fraud, internet fraud, cons, theft protection, email attack, con artists, mlm marketing

Your Article Search Directory : Find in Articles

© The article above is copyrighted by it's author. You're allowed to distribute this work according to the Creative Commons Attribution-NoDerivs license.
 

Recent articles in this category:



Most viewed articles in this category: