Guaranty Bond Bank warns of latest e-mail scam
By FAITH HUFFMAN | News-Telegram News Editor
Apr. 22, 2007 - Anyone with an e-mail account is probably familiar with the many ways cons attempt to scam people out of their personal and account information to bilk them out of cash.
One scam currently circulating purports to be from a local bank, offering a cash reward if the person will fill out a survey accessible through the link in the e-mail.
This one is a bit trickier than usual — the e-mail is a bit slicker in its packaging of information than most. Not only does it claim to be from Guaranty Bond Bank, the link also takes the responder to what appears to be the bank's Web site (www.gnty.com), which, indeed, does have a place where bank patrons can fill out a survey.
However, the website the e-mail link goes to is not Guaranty Bond Bank’s. And the bank's survey does not offer a monetary reward, and most importantly does not ask the person taking the survey for their personal and account information.
The bogus link asks for the person's card number, expiration date, card verification number and card PIN number.
Police said the request for personal information should be a red flag to anyone who might be tempted by the promise of cash. It’s a sign that a scam is likely at work.
"Be leery of any e-mail which asks for account information and numbers for verification," Bo Fox, an investigator with Sulphur Springs Police Department, cautioned Friday morning.
"Use caution with these things. Call the bank when in doubt,” said SSPD Investigator Monty Tipps. “Banks in general will not send you e-mails asking for your account information — they already have it.”
He also said not to click on links to web pages in e-mails, as they can be duplicate sites set up to get your information. For example, one of the scam, or “phishing,” e-mails had a link to a site with a domain name of www.gnrty.com — almost identical to Guaranty’s site.
�Ditch the link and go directly to the business web site and go from there,� Tipps said. �Contact your bank anytime you get an e-mail stating you have to verify information they have. In general, and in my years in law enforcement, I've seen 'if it seems too good to be true, it probably is.' You just don't get something for nothing.�
Guaranty Bond Bank’s website has a flashing icon to a link warning people not to fall prey to scam artists phishing in e-mails. In a letter dated earlier this month, GBB notes this new round of phishing which "generally involves setting up a copy of a legitimate Web site then sending out e-mails to lure consumers to their site and requesting that they provide information such as their account numbers, passwords or Social Security numbers."
It goes on to note that parts of GBB's web site have been copied, and e-mails sent asking people to follow the hyperlink to the bogus site, where personal information is requested.
"Guaranty Bond Bank will never request that customers divulge their personal information by logging onto a separate Web site over the Internet. Consumers are advised to ignore the e-mails and delete them immediately," GBB President and CEO Ty Abston is quoted on the web site. "We already have the information we need to do business with our customers. We would advise all consumers to very cautious about sharing personal information over the Internet. This is nothing but an attempt to gain personal information from unsuspecting consumers.
The bank also noted it won't ask for personal and account information via unsolicited phone calls. GBB bank officials assure that the true bank Web site security has not been compromised, and advises them to access it directly from the web by typing www.gnty.com into their browser, not by clicking a hyperlink.
Regardless of the web site, there are a few things people can be alert for to help protect their identity and information online. Be alert to e-mails addressed to "valued customer" or "to whom it may concern." Don't click on or reply to e-mail warnings threatening closure of accounts without verifications. When receiving what appear to be phishing attempts, contact the company named by phone to alert them of the attempt. Regularly review accounts for unusual activity or discrepancies. Make sure the "lock" icon on the browser's status bar is "secure" before submitting personal information online.
To learn ways to minimize the risk of damage from identity theft, go to the Federal Trade Commission's web site: www.ftc.gov/idtheft. Any suspicious activity found on your account should be reported to the FTC. Actual spam should be sent to firstname.lastname@example.org. The FTC urges individuals who believe they've been "spammed" to file complaints at www.ftc.gov.