Consumer Payment Card News

Hack Phish

The recent news that a credit card processor may have compromised as many as 40 million credit card accounts created a gold mine for phishers. Within 24 hours of the news fraudsters began sending out phony account notices. MasterCard issued a press release late Friday afternoon detailing the scope of the fraud and by Saturday afternoon Web users were bombarded with emails from phishing gangs moving to exploit the vulnerabilities using the MasterCard brand. San Jose-based Secure Computing Corporation captured one of the first as follows:
Dear User,
During our regular update and verification of the accounts, we couldn’t verify your current information. Either your information has changed or it is incomplete. If the account information is not updated to current information within 5 days then, your access will be restricted. Go to this link below or copy and paste it on your address tool bar.

MasterCard offers these suggestions to safeguard against phishing:

– Be wary of phishing e-mail. Banks do not contact customers to ask them to provide sensitive information such as passwords and PINs online. Look for indications such as spelling and grammatical errors that expose the e-mail as being not genuine.

– Do not click hastily on links appearing in incoming e-mails and provide payment card or other personal information. Make it a practice to connect to an institution’s Web site only by directly typing the institution’s valid Web address into the Web browser.

– Notify your bank and local law enforcement authorities promptly by forwarding suspicious phishing-type e-mails. This action will help shut down the fake Web site and to take action against the criminals.

– Monitor the transactions appearing on your statements, and quickly report suspicious transactions to your bank.

– Change passwords and PINs periodically.

– Install anti-spam and firewall software on your personal computer to stop receiving spam and to prevent unauthorized access.

– Turn off your computer when not in use, to avoid criminals gaining access and misusing it for fraudulent purposes, which includes launching phishing attacks.

– If you suspect that you have become a victim of a phishing attack and already have divulged your sensitive account information to fraudsters, please contact your bank immediately to discuss the appropriate remedial action.

– Continue to monitor your statement for unauthorized transactions, if your account is not closed.

– Regularly obtaining personal credit reports from all three credit reporting agencies and carefully reviewing the information. Question – and correct – any inaccuracies. The contact information for the credit reporting agencies is:

– Equifax, call (800)-525-6285 and write: P.O. Box 740241, Atlanta, GA 30374-0241

– Experian, call (888)-397- 3742 and write: P.O. Box 949,

– Allen TX 75013-0949

– TransUnion (800)-680-7289 and write: Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834

Leave A Reply