The Spokesman-Review Newspaper
The Spokesman-Review Newspaper The Spokesman-Review
Spokane, Washington  Est. May 19, 1883
Current Temperature
45°F
Current Conditions
Clear sky
View complete weather report

Color Scheme

Subscribe now

Watch for ‘phishing’ scams

Meg Richards Associated Press

NEW YORK – The mutual fund touted on the Web site sounded familiar, but a guaranteed annual return of 657 percent raised eyebrows at a watchdog group. Within days the bogus site had been yanked by federal authorities, who launched their first investigation of a “phishing” scam targeting a mutual fund complex.

The crooks snatched content from the prospectus of the Pax World Growth fund and slapped together their phony site sometime in June, inviting people to invest money with FairPax Inc. – a nonexistent firm. To make its impersonation complete, the cloned site even listed the names of Pax World’s president and chairman as its top officials.

The site was up only a short time, so the damage was limited, but the implications were chilling to officials with New Hampshire-based Pax World.

In phishing scams, con-artists generally are relying on you to let your guard down and divulge personal information, such as user names, passwords and account numbers. These schemes are becoming increasingly more sophisticated, however, and may involve the secret installation of key-logging “spyware” programs that can record passwords as you type them into your computer.

Phishers most often target banks, credit cards and online bill paying services. But any business that relies on online commerce can be vulnerable, including mutual fund companies. The idea that scam artists are developing new ways to target fund companies, where people may be stashing their retirement savings, is a frightening development, said Peter Cassidy secretary general with the Anti-Phishing Working Group, an organization that tracks the activity.

In the Pax World case, rather than targeting the fund’s existing customers, the scheme played off the company’s name and investment concept to lure new investors with the promise of an outlandish return. Alarmed that investors might have been hoodwinked, Pax World issued a set of tips to help consumers avoid being duped:

• Keep an eye out for high-pressure e-mails urging you to divulge personal financial information or redirecting you to a new Web page. Phishers often make urgent or even upsetting statements to frighten people into taking action without thinking.

• Be especially wary if you’re asked to “verify” information, such as your username and password or your credit card, bank account or Social Security number.

• Conduct online transactions on a “secure” page, rather than sending your confidential information through e-mail. If you are forwarded to a Web page from a suspicious e-mail, look for signs that it is secure, such as a Web address that starts with “https:” rather than just “http:” or a padlock icon in the browser frame. If you’re not sure, close the window and start over at the company’s main Web site.

• Is a suspicious e-mail directing you to an unusual address? Does it contain an odd variation of the fund’s name, or extraneous letters, numbers or words?

• If you think you might have been targeted in a scam, report the problem. Check with your company, forward suspicious e-mail and consider filing a complaint with the FBI’s Internet fraud center: www.ifccfbi.gov. You can also report suspicious activity to the SEC at http://enforcementsec.gov.