Donate |

Don't fall for bank and credit-card e-mail scams in wake of Target breach

Playing on consumers' fears, some deliver malicious software

Published: February 07, 2014 04:30 PM

Consumer Reports has found that e-mail scammers have begun playing on consumers’ fears, in the wake of the data breach at Target, that their online banking account or credit card has been used fraudulently.

As an example, take this e-mail I received a few days ago (pictured above), which purports to come from Bank of America. It warned of "irregular activity" in my online account and said that my account had been locked. (Note: I have no account with Bank of America.)

The e-mail urges the recipient to click on a file attachment, download a form, and follow some instructions. As soon as I received this e-mail, the antivirus software on my PC identified the attached file as some kind of malicious software. (For the best security software to run on your computer, see our buying advice and Ratings.)

As with many e-mail scams, this one exhibited tell-tale signs such as odd sentence construction, missing words, and poor grammar. For example, it warned that "too many unsuccessful login attempts was made."

The above e-mail, which I also received this week, was more polished because it sported the colorful logos of VISA and MasterCard. It warned that my bank debit card had been temporarily blocked because of unusual activity. (Note: I don't use a bank debit card.)

Brief as this e-mail was, it, too, squeezed in some odd sentence construction before urging me to click on an attached file. When our engineers ran the file through some virus tests, it was found to contain malicious software.

Another red flag: The return address for this second e-mail included the top-level domain .co which, a quick Google search revealed, is the domain for the nation of Colombia.

You can't always count on bad grammar and blatant lapses to alert you to e-mail scams. But if you receive an e-mail that appears to come from a well-known institution, and it asks you to take such actions as opening attachments or clicking on embedded web links, just say no. Then delete the e-mail. To learn more about how to spot such e-mail phishing scams, read our story,  "How not to get phished," and watch our entertianing musical video, "Gone Phishing."

—Jeff Fox

For more advice and tips, check our guide to Internet security.

   

E-mail Newsletters

FREE e-mail Newsletters! Choose from safety, health, cars, and more!
Already signed-up?
Manage your newsletters here too.

Electronics & Computers News

Connect

and safety with
subscribers and fans

Follow us on:

Cars

Cars New Car Price Report
Find out what the dealers don't want you to know! Get dealer pricing information on a new car with the New Car Price Report.

Order Your Report

Mobile

Mobile Get Ratings on the go and compare
while you shop

Learn more