Wednesday, September 28, 2011

How to avoid online identity theft or phishing


My online journey has revealed this very useful info........want to share it with all those who visit this blog......

Pay Pal Frauds and Pay Pal Email Scams



The below contents have been prepared by the Kaisilver network team and they have tried to keep the content as simple and non-technical as possible. The information is provided in public interest and is not intended to make a campaign for or against Paypal. The basic safety tips mentioned above will be useful for users of any online service where confidential information is to be accessed after a validated login.

What Is Phishing Of A Pay Pal Account?





<><> <><> <><> <><> <><> <>




What Is Pay Pal?
Most of you would already have a fairly good idea of what pay pal is. In short, it is an online payment system that has become very popular in recent years. Pay pal can be used in numerous countries but the complete set of pay pal account features are not available in all countries. The recent takeover of pay pal by ebay has further increased the number of accounts with pay pal as, it is being flaunted as the preferred mode of payment for ebay auctions. If you have absolutely no knowledge of pay pal click here and you will find a small write up on what is pay pal and similar details. Most of you could ofcourse skip that section.


<><><><> <><><><><> <> <><><><> <> <><> <><> <>



About Paypal Fraud
When talking about online payment systems like pay pal or bank payment, the term fraud is expected to be related to the payer or the payee. A pay pal fraud could thus mean that the payer uses a bad credit card to fund his pay pal account. It could also mean that the payee (receiver) does not provide the merchandise or service for which he was paid through pay pal. However, the most dangerous pay pal frauds of today involve a fraudster who is neither the payer nor the payee. The pay pal frauds that we refer to are those where a third person (fraudster) steals the pay pal account of a person and then uses (or rather mis-uses) the funds in the pay pal account. For any online payment system, the most important information that would be required to access the account would be through a username and password to login to the account. A common pay pal fraud involves an attempt by a fraudster to get the username and password of pay pal accounts that belong to others.






<><><><> <><><><><> <> <><><><> <> <><> <><> <>



What Is Pay Pal Phishing?
As explained above, the most common pay pal fraud is where the fraudster attempts to get the login details of a pay pal user. Armed with the username and password of a pay pal account belonging to someone else, the fraudster can now perform transactions in that pay pal account as if it belonged to him. Anyone dealing with this fraudster would be under the impression that he was infact the true owner of that pay pal account. In technical jargon this is referred to as stealing the identity of another person, and has been given the name 'phishing'.

Online identity theft has now become a lucrative profession for many and pay pal phishing has recently increased at a remarkable rate. However, it does not mean that everyone should stop using their pay pal account in the fear of becoming a pay pal phishing victim. You can keep your account safe and secure by following a few simple precautions and these are listed lower down on this page. The most common way that pay pal phishing occurs is through emails and the next paragraph explains pay pal email scams in more detail.







<><><><> <><><><><> <> <><><><> <> <><> <><> <>



Pay Pal Email Scams
Almost all pay pal phishing is done through email scams. The content of the email could vary, but every pay pal email scam tries to convince the victim to disclose confidential information. The email might suggest that an update is needed to be done on the pay pal account and the victim is then urged to click a link (on the email) to access the pay pal login page and complete the process. On clicking the link in the email, the victim is taken to a web page that looks very similar to the actual pay pal login page. When the username and password are entered on this page, the information is made available to the fraudster as the page displayed is not a genuine pay pal web page at all. This page is hosted by the fraudster on his own website and the login details entered on this page would no longer be confidential and secure. A pay pal email scam is generally mass mailed to many people and few innocent victims fall prey each time. It is very important to note that when you read the link in the email, the URL would appear as a genuine pay pal website. However, this is just the display and the real URL would be hidden inside the source of the email. Merely, checking the link in the display is not enough to ensure that the email is genuine.

We will now list a few types of email content that you can expect to find in a pay pal email scam.

(a) The most common email scam used for phishing a pay pal account contained a message that said that the pay pal account needs to be updated. The reader is urged to login to his pay pal account by clicking a link on the email itself. The email also claimed that failure to update the pay pal account would result in a suspension of the account. The link on the email would lead to a web page owned by the fraudster who would then record the login details for evil intentions. We will repeat here that, the link would appear to be a genuine pay pal link in the display, but the actual URL would be hidden in the source code of the email.

(b) A slight variation from (a) would be where the email states that pay pal has noticed some illegal or abnormal activity in your pay pal account. To correct the situation, you are asked to click a link on the email and ensure that your records and information is updated. This pay pal scam email also warns of account suspension if action is not taken in the next few days. The surprised victim quickly accesses the link (in the email) to ensure that his information and funds are safe in his pay pal account. Clicking the link results in the same scenario as in (a).

(c) As the contents of the above pay pal email scam came to be known, people became careful and realized that the email was nothing more than a pay pal fraud. This led to emails with slightly different content and the payment received email started becoming popular. In this pay pal email scam, the email claimed that there were funds waiting to be received into the pay pal account. Once again the user was asked to click a link in the email to accept his pay pal receipt and update his balance. For frequent users of pay pal, this was assumed to be a genuine email and many fell victim to this email scam. The result of clicking the link in the email was similar to what would happen in (a) above.

(d) Fraudsters never run short of evil ideas and another content for pay pal email scams soon emerged. This referred to adding a new email address to the pay pal account. Every pay pal account needs at least one email address to be connected to it and this forms the login name for the pay pal account. You can however add multiple email addresses to a single pay pal account and the email scam used this to trick victims into logging into their pay pal accounts by clicking a link. The email states that a new email address has been successfully added to the pay pal account. The victim is surprised to receive this email, as he would not have added any new email address to his pay pal account! It is then no surprise that, the victim would click the link in the email to access his pay pal account and find out what was going on. What followed would be the same as in (a) and (b) and the pay pal login details would no longer be confidential.

(e) Another type of pay pal email scam takes even the experienced online user by surprise. The email comes up with a content that says that, your pay pal password has been changed! The email contains a link that claims to take you to the pay pal login page. Most victims would like to log into their pay pal account immediately and ensure that the old password was still working. The link on the email is once again a trap set up to gather confidential pay pal login information.

The above are the most popular pay pal email scams that are used to perpetuate pay pal frauds. The list contains the type of email content in use so far, but you can rest assured that the innovative ideas of these online fraudsters will never cease. We have therefore included a section here where simple suggestions are provided to help keep your pay pal account more safe.







<><><><> <><><><><> <> <><><><> <> <><> <><> <>



Avoiding Pay Pal Fraud And Pay Pal Email Scams
Inspite of the security issues mentioned above, not using pay pal is not the solution. This is because almost all financial transactions made online suffer from phishing and email scams. Customers of reputed international banks are also becoming victims of identity theft (phishing). It would therefore be useful to follow a few simple suggestions that will reduce the chances of your pay pal account being phished or hacked in some other way.

(01) Remember the email address registered: When you register for your pay pal account you will need to register at least one email address with the account. This email address along with your password are the two vital pieces of information required to login to your pay pal account. Fraudsters who use pay pal email scams to defraud innocent victims, use a random method of mass mailing emails to hundreds of email addresses. Some of these email addresses may never be registered with a pay pal account! When you get an email that is supposed to have come from pay pal, ensure that the email address to which the email was received is actually the email address that you registered with pay pal. If not, then ignore the email and delete it from your system.

(02) Never Click An Email Link: All pay pal email scams urge you to login to your pay pal account by clicking a link on the email. The emails themselves look very authentic and display a link that relates to a valid pay pal link. However, the link displayed on the email and the actual URL that it leads to are not the same. This is a bit technical but we will try to explain it in simple terms. The displayed link on the email when clicked, would take you to a web page that is not the link being shown. This web page would belong to the fraudster and looks very similar to a real pay pal login page. When you enter your login information here, it is received by the fraudster and he can then access your pay pal account just as he pleases. The best way for you to access your pay pal account is to open your web browser and type the entire name of the pay pal website. Do not even select the website name from the list of previously visited websites that most broswers keep for future reference. Never click a link in an email to access your pay pal account, this is the most important step that will help you stay safe from most pay pal frauds and scams.

(03) Changing Of Passwords: If you ever feel that the safety of your pay pal login information has been compromised, remember to change your password. To do this, enter the pay pal website through your browser as explained in (02) above. It is always a good idea to periodically change the password for your pay pal account, but this becomes all the more necessary when you notice any untoward changes or updates in your account.






<><><><> <><><><><> <> <><><><> <> <><> <><> <>



General Safety Tips For Your Pay Pal Account
(01) Choosing A Password: Your pay pal account could easily become a victim of a pay pal fraud if, the password you choose for your account can be easily guessed by others. Using your first or last name or a close variation of the same is surely not a good idea for a password. Many users love to use their name or even a close resemblance to their phone number for a pay pal password. Choose a password that is difficult for others to guess and yet not so difficult that, you will need to glance at a written note each time you want to login to your pay pal account. As an example, a password created by adding the first three alphabets from your mother's name to the last three characters of your fathers name and then appending your year of birth would be a good password. Do not attempt to use the same password for all your online access like emails, pay pal account, bank account etc.

(02) Periodically Check The Account: Depending on how much funds you have in your account, a pay pal fraud could be financially crippling. It is therefore a good idea to periodically login to your pay pal account and check the records for any strange or unexpected transactions. This is all the more important if you have funds in your account but do not use the pay pal account very often. If you plan to leave your pay pal account dormant for a long time, withdraw the balance that exists, into your bank account. If you see any strange transaction in your pay pal account suspect fraud and ensure that pay pal is informed about it. At the same time change the password for your account so that further damage can be stopped.

(03) Using A Public Computer: It is not safe to login to your paypal account when using a public or other shared computer. Malware programs (programs written with bad intentions) can record your login details and make them accessible to fraudsters. There is really no way that you can check and ensure if the shared computer you use is safe for doing confidential financial transactions. Office computers might be safer depending on the type of computer infrastructure that is available. Most offices install various security devices that are capable of keeping out such malware programs.

(04) Never Click An Email Link: This has already been explained in detail above. Most pay pal email frauds and email scams attempt to get your confidential pay pal login information by urging you to click a link on the email. Never click a link in an email to access your pay pal account, always enter the full name of the pay pal website and access it through your browser.

(05) Separate Bank Account: Pay pal accounts in certain countries can be linked to a bank account and infact pay pal accounts in all countries can be linked to a U.S bank account. It would be easy to monitor your pay pal account if you maintained a separate bank account to be linked to your pay pal account. A double check is possible for picking out suspicious transactions as the bank statement and the pay pal account history can always be cross checked. A separate bank account will also help limit damages if you ever become a victim of pay pal phishing or other pay pal email scam.

(06) Logout When Finished: This is a good habit when accessing any online website that required you to login. Online payment and financial websites like pay pal and bank accounts are very confidential so treat them that way. It is not a good idea to remain logged in and merely minimize the web page. You might ultimately forget to logout and leave your account wide open for people with bad intentions. If you are not in the habit of logging out of your account, remember that this could have added dangers when accessing your pay pal account from a shared computer like in an office. Pay pal frauds can be committed easily if your pay pal account is already logged in as no further login details will be required to use the account.