This from my ISP...

A Tale of Phishing
The newest email scam on the block... - Written By Leo Leporte
There’s a new fishing hole in town. One where the bait is fear, the hook is a web site in Russia, and the fish is... you. We spell this kind of fishing with a ph, and the chances are you’ve already had more than a few lines cast your way.

It all starts with an email that looks like it’s from your bank, eBay, PayPal, America Online, or some other upstanding institution. Note the official letterhead and the urgent words warning you that anything but instant action will result in dire consequences. Pay particular attention to the convenient link back to the company’s web site. It looks completely normal, but beyond that link lurks fraud, identity theft, and worse. Should you click on the link you’ll find yourself on a web site that looks just like the real thing. You may even be tempted to fill out the form, after all the continuation of your account is at stake. But beware, it’s not the site you take it for, and when you press the submit button all that precious personal information is sent directly to a criminal who plans to use it to steal and defraud, not to mention, ruin your credit and your reputation.

These phishing scams are commonplace. Millions of such messages are sent out every day and while no one has released statistics about how many fall for them, I know a great number of smart people who will embarrassedly admit to being taken in.

According to the Anti-Phishing Working Group, antiphishing.org, there are six or seven hundred web sites currently collecting your information. These sites are designed to harvest your credit card accounts, social security numbers, names, addresses, and birth dates. This information will be used in identity theft and credit card fraud, and while it’s likely you won’t lose any money, you will certainly have to spend many days reversing the charges and restoring your good credit. International police agencies shut these sites down as fast as they can, but new ones spring up even faster, and with the speed of email it’s likely that they will sucker hundreds of folks each before they can be stopped.

How can you protect yourself? The most important rule is to never click on a link in an email. Very few financial institutions will contact you via email these days, but if you’re concerned that an email you’ve received is the real deal open your browser and enter in the web address yourself, by hand. Remember these scam emails often look completely genuine - even an expert may not be able to tell the difference. And the web sites they link to look equally official. They may even be secure sites with the padlock on them. Don’t click - it’s a trick. Say it with me. Don’t click - it’s a trick.

If you would like to get a sense of how real these emails can look, visit the phishing gallery at http://www.antiphishing.org/phishing_archive.html.

To report a suspect email visit http://www.antiphishing.org/report_phishing.html.

If you think you might have fallen prey to a phishing scam, visit http://www.antiphishing.org/consumer_recs2.html for a list of things to do immediately to protect yourself.

Another great way to protect yourself, is to use an Internet Service Provider that actively filters out phishing emails. Last month DSLExtreme kept 201 phishing emails out of my Inbox. That’s 201 fewer chances to be duped. Turn on Anti-Phishing on your account to also filter out scam emails. And encourage your friends and family to do it, too. This is one phishing hole you don’t want to go to with your dad.

Leo Laporte is the Tech Guy on KFI Radio, 640 AM in Los Angeles. His website is http://www.leoville.com