Common methods used to steal your identity


Explanation

When personal documents and mail are thrown in the trash, they become an easy target for dumpster divers.

Email scam letters purporting to be from banks or financial services, such as PayPal or eBay are "phishing" for personal information by having you click on a link to update your personal information.

CAUTION: Be aware of your surroundings as thieves will use picture phones to snap photos of your credit card information while you are shopping.

EXAMPLE:

Emails from people trying to infect your system and steal your friends' email addresses for spam

  • Pictures of Osama bin Laden hanging or Arnold Schwarzenegger's suicide note
    • Name: Hackarmy
    • The bait: An email or news article claiming to offer you copies of pictures of Osama bin Laden being hanged. A second form comes claiming to have a suicide note from Arnold Schwarzenegger.
    • Infection method: You click on a link that downloads a zip file. You execute the file thinking you will see the pictures.
    • What it does: Gives attackers remote control of your computer so they can use it in attacks on other people, or harvest email names for spam.
    • Detailed information: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.hacarmy.d.html

Email from your system administrator or other familiar sender that says your email could not be delivered, or some similar statement

  • Name: Mydoom-O
  • The bait: An email from your mail or system administrator or other familiar sender with any one of the following subjects:
    • (1) say helo to my litl friend
    • (2) click me baby
    • (3) one more time
    • (4) hello
    • (5)error
    • (6) status
    • (7) test
    • (8) report, delivery failed
    • (9) Message could not be delivered
    • (10) Mail System Error - Returned Mail
    • (11) Delivery reports about your e-mail
    • (12) Returned mail: see transcript for details
    • (13) Returned mail: Data format error. Each has an attachment.
  • Infection method: You download and open the attachment.
  • What it does: It steals all email addresses from you to be sold to spammers, spreads to other sites from your machine. It also uses your system to send requests to search engines like Google to look for more email addresses.
  • Detailed information: http://securityresponse.symantec.com/avcenter/venc/data/w32.mydoom.m@mm.html

Email with subject "Against!" or "Revenge"

  • Name: Atak-C
  • The bait: An email that arrives with the subject "Attack!" or "Revenge" and a zipped attachment
  • Infection method: You download and open the attachment.
  • What it does: It steals all email addresses from you to be sold to spammers.
  • Detailed information: http://www.sophos.com/virusinfo/analyses/w32atakc.html

Email with subject "Re_" and body with "animals" or "foto" or other subjects

  • Name: Beagle
  • The bait: An email that arrives subject "Re_" and with an attachment.
  • Infection method: You download and open the attachment.
  • What it does: It disables antivirus and other important software, mass mails itself to others, steals email addresses from throughout your files, gives attacker remote control of your computer to use to attack other systems.
  • Detailed information: http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=39641

Phishing emails from people trying to steal your identity and your money

Wells Fargo Customer Support
  • The bait: An email coming from Wells Fargo asking you to confirm your ATM PIN.
  • The scam: You click on a link and tell them personal information and credit card or debit card data.
Update Your Billing Information (from eBay)
  • The bait: An email coming from eBay saying the company has "detected a slight error in your billing information" and saying that you must fix it within 48¬†hours to continue to buy or sell on eBay.
  • The scam: You click on a link and tell them your eBay and PayPal username and password, and your credit/debit card information
Your account at eBay has been suspended
  • The bait: An email coming from eBay saying your account has been suspended and "We had to block your eBay account"
  • The scam: You click on a link and tell them your eBay and PayPal username and password, and your credit/debit card information
Your account at Wells Fargo has been suspended
  • The bait: An email coming from eBay saying your account has been suspended and "Your account has been compromised by outside parties."
  • The scam: You click on a link and tell them your username, password, and credit card information
Notification of US Bank Internet Banking
  • The bait: An email coming from US Bank saying, "as a preventative measure, we have temporarily limited access to some features"
  • The scam: You click on a link and tell them username, password, credit card data or debit card data.
Attn: Citibank Update
  • The bait: "Click here" link in an email that seems to come from Citibank.
  • The scam: You click on a link and tell them personal information and credit card or debit card data.
Confirm AOL Billing Info
  • The bait: An email coming from AOL saying your billing information is out of date and asking you to "spend several minutes and update your billing records"
  • The scam: You click on a link and tell them personal information and credit card or debit card data.
  • Visit the Anti-Phishing Working Group¬†(APWG) website at http://www.antiphishing.org.

Emails from people trying to fool you into damaging your computer

Subject: "jdbg" Virus: how to detect and remove
  • jdbg Hoax
  • The bait: An email telling you about a virus and how to remove it.

EXAMPLE:

NOTE: This information was provided by the SANS Institute.