Hoax of the Day: Gimme Credit - Tilted Forum Project Discussion Community

Peetster · 08-07-2003, 04:54 AM

Claim: Earthlink is sending out suspension notices via e-mail and asking subscribers to verify their credit card information.
Status: False.

Example:

EarthLink.com - Account suspension alert.

Dear EarthLink.com member,

EarthLink.com Account Management regrets to inform you that your EarthLink.com account has been suspended due to credit card verification problems. Your credit card failed to authorize and as a result, your account has been suspended.

Please take a moment to confirm your account by going to the following address: EarthLink.com/account.cgi

Trully yours, EarthLink.com account management team.

Variations: Similar messages were also sent to customers of Juno.com, AOL, and eBay.

Origins: Yet
again a redirection scam has hit the Internet in the guise of messages appearing to come from a well-known Internet entity; in this case the wolf is disguised in the clothing of Earthlink, a large Internet Service Provider.

Just like a scam perpetrated earlier this year using PayPal as camouflage, this one involves messages sent to Earthlink customers which appear to be coming from Earthlink management itself. A typical message claims that the recipient's Earthlink account has been suspended due to a problem with his credit card and requests that he re-enter his credit card information through Earthlink's web site. The messages actually come from scammers (the example we received was sent from a server in Korea), and the links in the message don't actually go to Earthlink's web site — they take the user to a completely different web site where the entered credit card information is collected and e-mailed to a scammer's account.

Scams that trick the gullible into revealing private information by having them "confirm" details presumably already in the possession of the one doing the asking fall under the broad heading of "social engineering," a fancy term for getting people to part with key pieces of information simply by talking to them. The wary consumer's best defense to such maneuvers is a zipped lip (or, in the online world, an untapped keyboard). Protect yourself by volunteering nothing, even if you feel somewhat pressured by the one doing the inquiring. If someone on the telephone asks you to read off your checking account number for "verification," ask him instead to recite it to you from his records. If you get an e-mail announcing something dire has befallen one of your on-line accounts and requiring you to re-enter sensitive personal data to get things back on track, do not reply to it, and do not fill out any forms that accompany it or click through any hot links it provides. Instead, contact that service through its web site and ask them about the e-mail.

The con artists are getting more sophisticated all the time, so do not be too quick to mistake the appearance of legitimacy or authority with legitimacy itself. Just because an e-mail looks like it comes from an entity you do business with doesn't mean it's genuine, and just because you're being directed to a web page that looks like that entity's home page doesn't mean you're not being sent somewhere else. Beware the wolf in sheep's clothing lest you end up his dinner.

Source: snopes.com

MacGnG · 08-07-2003, 08:34 PM

like they always say, no legit place is just gonna ask for your CC info or passwords or anything like that. personnaly i dont think any place that really needs any of this info is going to send you an REAL letter with legit papers.

johnnymysto · 08-08-2003, 08:09 AM

This happened to me - no lie. I've got Earthlink at home, and I got this email. I was like "HUH???" I called Earthlink and told them that there was no reason my credit card info should have changed. They told me it was a hoax, and that they've been fighting this for a while. The best thing to do is to call the company. Obviously you shouldn't send your credit card info or password over the Net.

j8ear · 08-08-2003, 09:23 AM

"Dialing up" and then getting an email that your service is suspended should be a red flag.

Oh well, it takes all kinds to make the world go round. There is a sucker born every minute and always a thief willing to exploit that theory.

Take caution with EVERYTHING you get on the internet.

-bear

08-07-2003, 04:54 AM	#1 (permalink)
Peetster Right Now Location: Home	Hoax of the Day: Gimme Credit Claim: Earthlink is sending out suspension notices via e-mail and asking subscribers to verify their credit card information. Status: False. Example: EarthLink.com - Account suspension alert. Dear EarthLink.com member, EarthLink.com Account Management regrets to inform you that your EarthLink.com account has been suspended due to credit card verification problems. Your credit card failed to authorize and as a result, your account has been suspended. Please take a moment to confirm your account by going to the following address: EarthLink.com/account.cgi Trully yours, EarthLink.com account management team. Variations: Similar messages were also sent to customers of Juno.com, AOL, and eBay. Origins: Yet again a redirection scam has hit the Internet in the guise of messages appearing to come from a well-known Internet entity; in this case the wolf is disguised in the clothing of Earthlink, a large Internet Service Provider. Just like a scam perpetrated earlier this year using PayPal as camouflage, this one involves messages sent to Earthlink customers which appear to be coming from Earthlink management itself. A typical message claims that the recipient's Earthlink account has been suspended due to a problem with his credit card and requests that he re-enter his credit card information through Earthlink's web site. The messages actually come from scammers (the example we received was sent from a server in Korea), and the links in the message don't actually go to Earthlink's web site — they take the user to a completely different web site where the entered credit card information is collected and e-mailed to a scammer's account. Scams that trick the gullible into revealing private information by having them "confirm" details presumably already in the possession of the one doing the asking fall under the broad heading of "social engineering," a fancy term for getting people to part with key pieces of information simply by talking to them. The wary consumer's best defense to such maneuvers is a zipped lip (or, in the online world, an untapped keyboard). Protect yourself by volunteering nothing, even if you feel somewhat pressured by the one doing the inquiring. If someone on the telephone asks you to read off your checking account number for "verification," ask him instead to recite it to you from his records. If you get an e-mail announcing something dire has befallen one of your on-line accounts and requiring you to re-enter sensitive personal data to get things back on track, do not reply to it, and do not fill out any forms that accompany it or click through any hot links it provides. Instead, contact that service through its web site and ask them about the e-mail. The con artists are getting more sophisticated all the time, so do not be too quick to mistake the appearance of legitimacy or authority with legitimacy itself. Just because an e-mail looks like it comes from an entity you do business with doesn't mean it's genuine, and just because you're being directed to a web page that looks like that entity's home page doesn't mean you're not being sent somewhere else. Beware the wolf in sheep's clothing lest you end up his dinner. Source: snopes.com

08-08-2003, 08:09 AM	#3 (permalink)
johnnymysto Overreactor Location: South Ca'lina	This happened to me - no lie. I've got Earthlink at home, and I got this email. I was like "HUH???" I called Earthlink and told them that there was no reason my credit card info should have changed. They told me it was a hoax, and that they've been fighting this for a while. The best thing to do is to call the company. Obviously you shouldn't send your credit card info or password over the Net. __________________ "I'm disinclined to acquiesce to your request." - Capt. Barbossa

08-08-2003, 09:23 AM	#4 (permalink)
j8ear Gentlemen Farmer Location: Middle of nowhere, Jersey	"Dialing up" and then getting an email that your service is suspended should be a red flag. Oh well, it takes all kinds to make the world go round. There is a sucker born every minute and always a thief willing to exploit that theory. Take caution with EVERYTHING you get on the internet. -bear __________________ It's alot easier to ask for forgiveness then it is to ask for permission.

08-07-2003, 08:34 PM	#2 (permalink)
MacGnG Know Where!	like they always say, no legit place is just gonna ask for your CC info or passwords or anything like that. personnaly i dont think any place that really needs any of this info is going to send you an REAL letter with legit papers.