Internet Fraud

I recieve at least 2 Phishing scams daily..90% sources use Yahoo address'

If they claim to be from Yahoo!, forward the entire email to mail-spoof@cc.yahoo-inc.com. You can forward them as well to the Federal Trade Commission (FTC) at the email address: spam@uce.gov.

Upgrade to IE7 and activate the anti phishing filter. If you get a security alert on a page, use the supplied controles to report that site.

Visit the following page to report several types of Cyber Crime: http://www.cybertopcops.com/report_cyber_crime.php And rather use Firefox 2, the IE7 anti-phishing filter has been known for falsely flagging sites as fraudulent. http://cybertopcops.blogspot.com/2006/10/internet-explorer-7-rc1-flagging-sites.html

Fraudsters send fake emails or set up fake web sites that mimic Yahoo!'s sign-in screens (or the sign-in screens of other trusted companies) to trick you into disclosing your user name and password. This practice is sometimes referred to as "phishing" - a play on the word 'fishing' - because the fraudster is fishing for your private account information. What Should I Do If I Think I've Been Tricked Into Sharing My Yahoo! Password? What Should I Do If I Think I Gave My Bank Account Or Credit Card Information To A Phisher? How Do I Identify A Phishing Email? How Do I Identify A Phishing Web Site? What Can I Do To Protect Myself From Phishing? How Do I Report Phishing Emails and Web Sites? -------------------------------------------------------------------------------- What Should I Do If I Think I've Been Tricked Into Sharing My Yahoo! Password? If you think you may have been tricked into giving your Yahoo! password to a fraudster, here's what to do: 1. Change your password immediately. If you can still get into your Yahoo! account, change your password right away! Here's how: Type www.yahoo.com into your browser's address bar; Sign into Yahoo!; Go to your My Yahoo! page (http://my.yahoo.com), to your Yahoo! Mail account (http://mail.yahoo.com), or to any other Yahoo! service you use regularly; Under where it says "Welcome yourusername" click the link that says "My Account"; Enter your current password when prompted; On the "Account Information" page, click the link near the top of the page that says "Change Password" and follow the instructions provided. 2. If your password no longer works, click here to tell us and start the account recovery process. 3. To report the phishing email or web site that tricked you, follow the steps listed here. To help prevent becoming the victim of a Yahoo!-specific phishing scam, create a Yahoo! sign-in seal. A sign-in seal allows you to personalize your Yahoo! sign-in page. Learn more about sign-in seals here. Return to the top of the page -------------------------------------------------------------------------------- What If I Think I Gave My Bank Account Or Credit Card Information To A Phisher? Contact your financial institution immediately! You will want to change your password as soon as possible before a phisher can lock you out of your account. You might also want to follow the Federal Trade Commission's (FTC) advice for identity theft victims, which you'll find here: http://www.consumer.gov/idtheft/con_steps.htm. Return to the top of the page -------------------------------------------------------------------------------- How Do I Identify A Phishing Email? You should consider several factors when deciding whether or not an email is authentic or fake. Here is an example email with some tell-tale signs of a phisher at work: 1. Unofficial "From" Address: Look out for "from" addresses that are similar to, but not the same as, a company's official email address. Fraudsters often sign up for free email accounts with company names in them (such as ysmallbusiness@yahoo.com). These email addresses are meant to fool consumers who only casually glance at the sender's email address. Official email from Yahoo! always come from a "@yahoo-inc.com" email address. Note: fraudsters can forge the "from" address to make it look like a "@yahoo-inc.com" address when it isn't. Because of this, the 'from' address is just one factor you should consider when deciding whether or not an email is valid. 2. Urgent Call To Action: Fraudsters frequently include urgent "calls to action" to try to get consumers to react immediately to their phishing email, without stopping to consider its source. Be wary of emails containing phrases such as: "your account will be closed," "your account has been compromised," or "urgent action required." 3. Generic Greeting: Fraudsters often send hundreds or thousands of phishing emails at one time. Although they may have your email address, they often won't have your first and last name. Be skeptical of emails sent with a generic greeting such as "Dear Customer" or "Dear Member." Note: More sophisticated fraudsters can get your name from public records and target you directly, so just because an email is addressed to you directly doesn't guarantee it's authentic. Again, whether an email addresses you generically or by name is just one factor you should consider when deciding if an email is trustworthy. 4. Link to A Fake Web Site: To trick you into disclosing your user name and password, fraudsters often include a link to a fake web site that looks like (sometimes exactly like) the sign-in page of an authentic web site. Just because a site has a company's logo on it, or looks like the real page doesn't mean it is! Logos and the "look and feel" of legitimate web sites are easy for fraudsters to copy. Look out for: links that have the official company name in them, but in the wrong location. For example: http://www.yahoo.com:login&mode=secure&ib35 is a fake URL that doesn't go to a real Yahoo web site. A real Yahoo! web site always will have a trailing forward slash ("/") that appears after "yahoo.com" - for example: http://www.yahoo.com/ or http://login.yahoo.com/ masked links that look like they go to the real web site, but don't. In the example above, the link says "smallbusiness.yahoo.com," but by hovering your mouse over the link you can see the real address (in the yellow box) is "http://218.246.224.203/yahoo/accountupdate." You usually can see a link's real destination by hovering your mouse over it. 5. Legitimate Links Mixed In With Fake Links: Fraudsters sometimes include authentic privacy policy and terms of service links for the site they're spoofing. These authentic links are mixed in with links to a fake phishing website. The goal is to make the fake email or fake web site seem more legitimate. Note: The only way to be completely safe from phishers is to avoid clicking links in emails. If in doubt, close your browser, reopen it, and type the web site address for the site you want to visit directly into the address window. Other indicators that an email might not be trustworthy include: spelling errors and incorrect grammar, requests for personal information such as passwords or social security numbers, bank account or credit card numbers, pop-up windows that look like sign-in pages, attachments (which might contain viruses or keystroke loggers). Return to the top of the page -------------------------------------------------------------------------------- How Do I Identify A Phishing Web Site? A phishing web site tries to trick you into thinking you're on the Yahoo! network (or another trusted site) when you're not in order to steal your confidential account password or other sensitive information. One way to tell whether or not you're really on Yahoo! is to examine the URL in the address bar of your browser: Make sure a trailing forward slash (" / ") appears after the "yahoo.com" in the address window - like in the examples below: Note the trailing forward slash (" / ") after yahoo.com Note the trailing forward slash (" / ") after login.yahoo.com Examples of correct Yahoo! addresses include http://www.yahoo.com/ or https://login.yahoo.com/. Fake Yahoo! web sites might have the name "yahoo" in the address, but will not have the trailing forward slash after the "yahoo.com." For example, "http://www.yahoo.com:login&mode=secure" is a fake web site address. Still not sure you're really on Yahoo!? If you have any doubt, do not sign in. The safest thing to do is to (1) close your browser; (2) re-open it; (3) type www.yahoo.com into the address window; and then (4) click the 'sign in' link on the right-hand side of the page. Return to the top of the page -------------------------------------------------------------------------------- What Can I Do To Protect Myself From Phishing? General Guidelines Yahoo! Tools and Services That Can Help Protect You From Phishers General Guidelines Here are some general guidelines to help you protect yourself from password scams and phishing: 1. Do not respond to emails that ask for personal or financial information. Legitimate companies will never ask you to verify or provide confidential information in an unsolicited email. 2. Be on the lookout for spelling errors, generic greetings, urgent calls to action and other indicators that something's "not quite right." Phishing web sites and emails sometimes contain spelling errors, poor grammar or inferior graphics. They usually are addressed generically ("Dear Valued Customer") instead of specifically (with your name, user name, the last four digits of your account number, etc.) Fraudsters often try to trick you with urgent calls to action like "Your account will be closed!" 3. Before signing in, examine your browser's address bar. If you're really on the Yahoo! network, there should be a trailing forward slash (" / ") after the "yahoo.com" (for example: http://www.yahoo.com/ or https://login.yahoo.com/). Look out for tricks such as substituting the number "1" for the letter "l" in a web site address (for example: www.paypa1.com instead of www.paypal.com). 4. When in doubt, don't sign-in through links in emails. If you're not confident an email or web site is legitimate, don't click on its links or sign-in through it. Instead, type the address of the web site you want to visit (for example: www.yahoo.com) into the address bar of your browser, and then click the sign-in link from there. Yahoo! Tools And Services That Can Help Protect You from Phishers Create a "sign-in seal": A sign-in seal is a secret message or image that you select to customize your Yahoo! sign-in box to help protect your account from phishers. Because the sign in seal is secret between your computer and Yahoo!, you can be sure you're on a legitimate Yahoo! site each time use your computer to sign in to Yahoo!. Just look for the custom text or image you set up. If it's not there, you might have landed on a phishing site. Click here to learn how to create a sign-in seal. Your sign-in seal is saved on the computer where you created it. If you use more than one computer, you may want to create a sign-in seal for each one.