This authentic-looking e-mail, which asked recipients to volunteer their credit card account numbers and other personal information, went to an undisclosed number of Internet users Wednesday night.
By Bob Sullivan Technology correspondent
msnbc.com

Beware any e-mail, however professional in tone, that asks for personal account information. Internet users continue to be flooded with legitimate-looking e-mails that ask recipients to enter account numbers, passwords, and other data. A new con aimed at Discover Card holders is just the latest in a long line of scam e-mails sent by con artists trying to hijack accounts at AOL, PayPal, eBay and other online firms.

A flurry of e-mails sent Wednesday purported to be from Discover Financial Services. The messages told recipients that their accounts were on hold and they needed to log in with their account number and mother’s maiden name to reactivate them.

“Due to your inactivity your account has been put On Hold,” the e-mails said, just under a Discover Card logo pulled from from Discover’s Web site. “To remove this status you have to Log In to your account and review Discover Privacy Policy.”

The e-mail looks real, and most of its content is pulled directly from Discover’s computers. Even a suspicious recipient who looked at the e-mails source code would see a series of links to www.novusnet.com, the company’s Web site. But replies to the e-mail, including any credit card numbers, are quietly routed to a computer with an Internet address in Russia.

Discover spokesperson Beth Metzler said customers started complaining about the realistic-looking e-mails late Wednesday night. She wouldn’t say how many complaints the firm received, indicating only that the issue impacted “a limited number of customers.” The e-mails were sent to random addresses, she said, so both account holders and non-account holders received them.

“We do not conduct business this way, and would never request that kind of information over e-mail,” Metzler said. “We’re taking appropriate actions to make sure consumers do not respond to these types of e-mails.”

She didn’t know how many customers, if any, might have fallen for the scam.

But it was convincing fake, said Cheryl Faye Schwartz, who received the e-mail Wednesday night.

“The e-mail that I received looked as if it came from Discover. However, I became suspicious because I use my card often and I know my account is active,” she said.

The use of such password-stealing e-mails appears to be on the rise. Rosalinda Baldwin, a consumer advocate at TheAuctionGuild.com, said she saw a sharp uptick in attempts to steal eBay accounts during the holiday season.

“The number of PayPal and eBay scam e-mails to steal information are increasing by astounding rates,” she said. “Folks posting on the boards report getting eight to 10 a day.”

Just last week, Earthlink said some of its subscribers received e-mails telling them to resubmit their personal information or face account termination, due to a “recent system flush.” Users were sent to a Web site named El-network.net, which has since been shut down.

Last month, a set of e-mails sent to eBay users asked customers for personal information, but when recipients clicked on the link supplied they were taken to a computer hosted at the University of North Carolina in Charlotte.

One computer hacker, who claims to have sent out such e-mails in the past, told MSNBC.com that response rates are 1 or 2 per 100 e-mails.

Companies quicker to react
Companies are scrambling to react to the problem. In late February, scam artists targeted Register.com, a domain registration service. The company responded quickly, putting a “customer warning” prominently atop its home page on Feb. 20. The notice is still there.

“You may have received an email that appears to come from Register.com that sends you to Renewal-Center.com to renew your domain name,” the notice says. Please be aware that Renewal-Center.com is NOT affiliated with Register.com ... Renewal-Center.com is trying to fraudulently obtain your credit card information.”

Register.com spokesperson Lisette Zarnowski said she had no idea how many customers might have fallen for that scam. Renewal-Center.com is no longer in operation.

She said that placing a warning on the home page was the best way to alert customers about the scam.

“We felt it was important to warn customers,” she said. “We are a customer service business and want to give our customers the most upfront information we have. We don’t want them to be duped.”

© 2013 msnbc.com Reprints

Discuss:

Discussion comments

,

Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments