Q: Jim, are you stupid or what? Jim Fisher - Florence
A: This was a question I asked myself a while back. It was early morning when I arrived at the office and clicked the icon to check my email. Among the offers for larger body parts and weight loss remedies, there was a confirmation of a $400.00 PayPal payment that I supposedly sent to some person on EBay. Just below the very legitimate-looking confirmation was a clickable link that read “Click here to dispute this payment.”
Before I continue with my tale of horror and suspense, I reckon I ought to make sure both my readers know that PayPal (www.PayPal.com) is a method of safely and securely sending money to anyone with an email address. It is the preferred payment choice on many websites and is immensely popular with EBay users.
I buy and sell items on EBay so PayPal confirmations are a pretty common item in my Inbox. However, I was certain I never purchased a digital camera from EBay so I clicked on the link to report a fraudulent payment. The link took me to a website that looked exactly like PayPal where I entered my username and password and pressed the enter key. It took me only an instant longer to realize what an idiot I was. By then it was too late.
You see, I, Jim Fisher – formerly not-so-humble geek who’s been around computers since the stone ages and who should darn well know better -- ignorantly gave my PayPal username and password to scam artists. I was the victim of a phishing scam.
I also owe many of you an apology. You see, I have secretly made fun of some of you who fall for this kind of scam. I used to ask myself, “In this day and age, what kind of ignoramus could be dumb enough to fall for a blatant phishing scam?” Don’t answer that, I already know. After all, I’ve written about this very subject in this very column at least twice. Our banks, internet service providers and headlines in the newspaper inundate us with warnings to never give our username and password to anyone. I’ve personally received dozens of phishing emails from virtually every bank I do (and don’t) do business with. I even get PayPal scams on a regular basis. I’ve never fallen for it because I KNOW better. But for some goofy reason I let my guard down with this particular email.
It was only after I typed in my username and password, and pressed “enter” that I glanced at the address bar in my browser and noticed the address of the website I was entering was not www.PayPal.com. I immediately pulled up a separate web page, logged into my real PayPal account and changed my password before the thieves beat me to it. My account wasn’t cleaned out but I am certain it was a very close call. Had the scammer been a little faster he could have locked me out of my own account and cleaned out my entire balance of $3.35. Whew!