California State University, Los Angeles
How E-mail and Spam Are Used
for Identity Theft and Scams
According to the Federal Trade Commission, identity theft
occurs when someone uses your personal information without your
permission to commit fraud or other crimes, including stealing
your identity or infecting your computer. Don’t be tricked into
giving away your personal information to identity thieves. Be
cautious about sharing your name, mother’s maiden name, Social
Security Number, account numbers, user IDs, passwords, and home
address. Being alert to scams and using best security practices
will help you avoid being a victim.
Common E-mail Scams and Hoaxes
Sadly, there are more scams and hoaxes in circulation than is practical to write about in this article. All of them, though, depend on the user being naive enough to do whatever is requested without question. Many variations of the same scams and hoaxes are out there. Here are just a couple….
The Tale-of-Woe Letter
In this scam, sometimes known as the Nigerian Scam or the Spanish Prisoner Con, an e-mail is sent to you from someone suffering a hardship who wants your help transferring a substantial amount of money between another country and yours. You are promised a large portion of the funds for either advancing money from your own funds or supplying your bank information (e.g., account number, routing number, user id, and password, etc.).
Don’t do it . . . unless you want your bank account wiped out and your identity stolen!Phishing
Don’t be fooled by e-mail messages supposedly from a bank, company, or Internet commerce site claiming your account is suspended or needs verification. Not only do the subject lines entice the user to open the message, but the logos, graphics, and return address look legitimate, like they actually were sent from companies like Wells Fargo, eBay, Best Buy, Citibank, etc.). You are asked to respond by supplying personal information (e.g., mother’s maiden name, Social Security Number, credit card number, password, etc.).
Don’t do it . . . unless you want unauthorized charges to your credit card and your identity stolen!
The Dangers of Viruses and Spam
Aside from seriously harming your computer and other campus resources, viruses and spam also can be used to obtain your personal information. Viruses may be capable of transmitting across networks and bypassing security systems, thereby gaining access to personal information. Spam may be sent by a counterfeit address that looks legitimate, thereby tricking recipients into taking a harmful action (like opening up a virus-infected attachment, divulging personal information, etc.).
To help protect your e-mail account from viruses and spam, follow the simple recommendations listed on the Are You Secure? Web site: Combat E-mail Viruses and Spam.
Learn More and Get Help
For more information about suspicious business offers and other attempts to obtain your personal information and money, check these Web sites:
Anti-Phishing Working Group
Better Business Bureau
Chase Identity Theft Kit
National Fraud Information Center
Scams on Snopes.com
United States Secret Service
To report identity theft:
- Contact IT Security, (323) 343-2600
- Follow the steps outlined on the Federal Trade Commission Web site
Don’t be duped – protect your identity. To be on the safe side, be suspicious of demands and offers that require divulging any personal information. Learn all you can about scams, hoaxes, viruses, and spam. Remember, if it seems too good to be true, it generally is.