Welcome to MyCoolSchool.ca

Help Files and Tutorials for Computer Users

Gone Phishing?

One of the characteristics of the Internet, as we know, is that it provides a perceived level of anonymity and detachment from the outside world. As we sit in front of our computer monitors, we have the ability to surreptitiously reach out to the whole world - the best, and the worst of it, to gather what we want. Unfortunately, so too can the world reach back to us, and there are those out there that try any angle and tactic to get what they want from us. Often, it's money. Well... the joke's on them! I don't have any!

E-mail Scams - cont'd

E-mail nuisances have been appearing in a variety of forms, including spam, phishing, pharming, and spyware.

Spam: unsolicited e-mail
Phishing: attempts to acquire sensitive information, (passwords, account numbers, etc.)
Pharming: re-directing website's traffic to a another websites (often one under the spammer's control)
Spyware: software that is deceptively installed on a users computer to gather information

I received an e-mail today from what first appeared to be a bank, Capital One, indicating that I had a message. In order to view the message I would have to log on to my account. I don't have a Capital One account, so it was immediately obvious to me that it was not legitimate. However, there are millions that do have Capital One accounts, so it's not unlikely that some recipients would believe that the message actually came from Capital One. Capital One is certainly not the only financial institution being targeted. If you do a search on "email bank fraud" you will see almost every major bank represented. My advice, if you receive an e-mail from what appears to be your bank, is to contact your bank and any other relevant reporting agency. If you want to minimize your doubts first, you can do the following:

This is an image of my e-mail:

This is the page you are taken to:

Some of the "links" are just images, possibly copied from the real website. Some of the links open up the following message box:

Ironically, the Verisign security link and the "Enroll Now" link actually work - probably an attempt to build confidence. The User Name and Password boxes seem to work!

Here is the Real Capital One site:

So, what do you do if you think you're being scammed?

There are several software programs available that allow you to track down the source of the e-mail - not what it says in the 'From' line, but the original sever I. P. address. I. P. addresses are unique to a machine. Some are dedicated to specific computers, but many are assigned for a specific period of time when a computer user logs on to the Internet. In any event, you can trace to the Internet service provider, and they will always know who has been assigned a particular number.

If you do a search for "email tracking software" or "spam tracking software" you will find a variety of programs that will allow you to track down the source of the unwanted e-mail. Below is a screen shot from a program called eMailTrackerPro. The program tracked the bogus website's Internet Service Provider to an I. P. address in Baltimore, Maryland.

A further function of the software comes up with the Domain Name holder. Either of these sources should be able to take you the name of the person who sent the message.

Back to the real Capital One site:

The above link can be found on the "Contact Us" page of the real Capital One website. I forwarded the scam email to the Real Capital One.

Just for interest's sake, do a search for email bank fraud, and see how prevalent the problem is. Hopefully, this will be the only way to have to find this out.

Back to Home Page