MISSISSIPPI (WDAM) - Attorney General Jim Hood advises internet users, particularly customers of websites PayPal and Amazon, about the possibility they could be targets of scammers intending to gather sensitive personal information or infect computers with viruses.
"These online services and businesses make it easy for consumers to shop and pay for items online, but there are people out there who want to use this convenience as a way to steal your money, or even worse, your identity," Hood said.
One such scam involves an email with a link alerting the receiver that his or her PayPal account has been limited for security reasons.
If a consumer follows the link and submits his or her PayPal log in information to that site, the scammer can steal that information. The scammer can then log in to the consumer's legitimate PayPal account to spend any remaining funds, bill credit cards or steal personal information. The link provided in the email directs consumers an insecure spoof PayPal website that even misspells the word PayPal.
Other phishing emails targeting Amazon customers can be an attempt to steal personal information or install malicious software to the user's computer.
These emails show up in various forms: an order confirmation for items customers didn't purchase (can also be an attachment to an order confirmation); a request for username and/or password or for other personal information; a request to update payment information; a message with links to fake websites that look like Amazon but actually prompt the installation of software. These fraudulent emails frequently contain a forged email address from an Internet Service Provider and usually contain many typographical or grammatical errors.
Hood recommends that consumers who have PayPal or Amazon accounts and receive similar emails not click on any links or submit any usernames, passwords or personal information via email. Instead, go to the companies' actual websites and use the sites' secure log in to verify any account activity.
"Although these scams have been around for quite some time, they continue to try to lure victims," Hood said. "I encourage consumers to protect themselves from fraud and identity theft on the internet through education and awareness."
He offered these tips to help protect against phishing emails:
- Do not respond to any unsolicited e-mails of this nature.
- Do not click on any attachments associated with such emails, as they may contain viruses or malware.
- If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message. Legitimate companies don’t ask for this information via email.
- If you are concerned about your account, contact the organization in the email using a telephone number you know to be genuine, or open a new internet browser session and type in the company’s correct web address. Do not cut and paste the link in the message.
- Do not email personal or financial information. Email is not a secure method of transmitting personal information.
- If you initiate a transaction and want to provide your personal or financial information through an organization’s web site, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”).
- Use anti-virus software and keep your computer security up to date. Some phishing emails contain software that can harm your computer or track your activities on the internet without your knowledge. Anti-virus software and a firewall can protect you from inadvertently accepting such unwanted files.