Pauley P Dot Com

Thursday, March 02, 2006

PHISH IN THE SEE

This is a public service announcement.
Just in case anyone is not aware of new bad guy tactics,
"phishing" and "spoofing", read this.

These practices involve sending very clever e-mails that
appear to come from web-based businesses and alert you
to a problem with your account.
I'll use eBay and Amazon as examples.
Both companies have had their names fraudulently
used by these criminals, and both offer useful ways
of combatting this crime.

A common example is receiving an e-mail that appears
to be from a legitimate company you may have patronized.
These e-mails will often have some sort of urgency to them,
like "your account has been fraudulently accessed, contact us
immediately". Don't forget, it is very simple to configure the
"From" address, so never use that to determine if an email
is real or not. You can often check the headers and see
that the e-mail is actually from a completely different address.
If you don't know how to do this, it may be easier to just look at
what they are asking you to do.

Never Send Your Financial Info Or Passwords To Anyone.
Look at any links that may be present, but Do Not Click Them.
If you put your cursor on them, without clicking,
you can see the real address that it links to.
Also, ignore the "from" address at the top, and look at other
addresses in the body of the email. The fraudulent addresses
will have something BEFORE the name of the company.
For example, a real email address from eBay will read:
_______@ebay.com
A fake e-mail could read:
_______@blahblah.ebay.com

eBay has the very best security set up to combat this.
They are lightning fast with reports.
All you have to do is forward any suspect e-mail to:
spoof@ebay.com

Amazon has a reporting page that requires you to copy and
paste the headers and the text of the suspect e-mail into
boxes, which is harder to do, but they also are on top of this.

eBay has an excellent little thing on their site
called "Spoof Tutorial". This walks you through the entire
process of Spoofing and Phishing, gives you all the
examples (that we know of now, of course, criminals morph),
and tells you what to do (far better than I just did).
Their tutorial should be read to understand all spoofing
of any company. It's very informative.
Private consumers are the victims of this process, so it's
imperative that companies join in the fight to protect against it.

I have received tons of these fake e-mails. That's why I started
doing research about it. I report all of them now.

Be careful.
Never let the bad guys win.