Guarding Against Account Hijacking
It is the fastest growing form of identity theft, and it is the form that can have the most devastating effect on us. It is called Account Hijacking, and some 2 million people were victimized last year alone.
Account hijacking occurs when a criminal obtains your personal banking information and uses it to take over your bank accounts. It can take weeks or months to discover. Fortunately, there are steps you can take to protect yourself.
Often, the account hijacker uses one or more methods to obtain your personal data. You should be particularly aware of two of them, phishing and spyware.
Step 1: Protect Yourself
UNDERSTAND THE THREAT
Hijacking by Phishing deceives customers into providing their user names, passwords, and account numbers via deceptive e-mails, fake (spoofed) Web sites, or both. The classic phishing attack involves a deceptive e-mail that purports to be from a legitimate financial institution. The e-mail typically tells the customer that there is some sort of problem with the customer’s account, and instructs the recipient to click on the included hyperlink to “fix” the problem. In reality, the spoofed Web site is simply collecting customer user names and passwords in order to hijack accounts.
Hijacking with Spyware works by inserting malicious software, often referred to as “spyware,” on a person’s personal computer. Spyware can be loaded when a user opens a seemingly innocuous e-mail attachment or clicks on a pop-up advertisement. The spyware collects selected information (e.g., user names, passwords, and account numbers) and forwards that information to the fraudster.