She gets somebody else’s eBay messages

Mikka Garcia shares her own baffling experience on cyberspace after reading how my Facebook page was “hijacked.”

 

Garcia says she has been receiving messages from eBay, through her Yahoo e-mail address, even if she does not have an account with the online shopping site, nor has she bought anything online.

 

The e-mail from eBay and the client registration ID showed that messages were for a Myah Gassman. “Based on the e-mail I received, she had purchases done and also bids for some items, specifically Victoria’s Secret items,” Garcia says. She worries that eBay will ask her to pay for those items she has not even seen.

 

I asked a tech-savvy friend to explain Garcia’s problem. He says it appears that Garcia’s Yahoo e-mail account “may have been misappropriated [and] was used to substitute another eBay account profile linked to [a client’s].”

 

He also sent tips on how to spot phishing e-mail (fake messages that aim to collect private, sensitive information from recipients). Some giveaways of fake e-mail are spelling and grammar (friends who were contacted through my “fake” Facebook page said they were alerted by the very bad English), links to e-mail addresses rather than web page, threats and dropping the name of a popular company to give it authenticity.

 

ATM safety tips

 

Amid recent reports of unauthorized access to bank accounts through cloned automated teller machine (ATM) cards, I asked my friend Mike Bernabe, head of the Bank of the Philippine Islands’ Express Teller Department, for tips on safe ATM use:

 

Check the area before using an ATM. If anyone or anything appears suspicious, leave at once.

 

Do not use ATMs that appear to have tampered card and cash slots, PIN pad and PIN shields.

 

Have your card ready when you go to an ATM.

 

Never accept help from a stranger and never count your money at the ATM.

 

Get your card and transaction slip at once.

 

Never use your birth date as your PIN (personal identification number).

 

Never divulge your PIN to anybody and never write the PIN on the card.

 

Change your PIN regularly.

 

Never use the card as collateral for a loan. (Many people now give their ATMs to informal money lenders, in lieu of postdated checks.)

 

Call and report to your bank’s call center any problem with the ATM.

 

Mike also explains ATM card skimming and PIN capturing. He says skimming captures data from the magnetic strip of an ATM card. The device used is smaller than a deck of cards and is often fastened close to or over the top of the factory-installed card reader.

 

Criminals try to acquire the card’s magnetic strip data and PIN. Once they get these, they clone the card to withdraw money from the ATM or make purchases.

 

To see if a card reader has a skimming device, the user can try shaking it loose or check inside for the small gadget.

 

PIN capturing involves attaching cameras and various other imaging devices to ATMs to capture the numbers entered by a client on the keypad. “The device may be a tiny camera installed on top of the ATM, focusing on the PIN pad… or a PIN pad overlay,” Mike says.

 

To detect an overlay over the regular PIN pad, Mike says the client can also try shaking it loose or raising the pad to see if it is removable. “Since it is an overlay, it is raised and easy to detach,” he notes.

 

Mike adds that fake keypad is thicker and is raised. Real keyboard casing is glossy and pad buttons are embossed.

 

To prevent tiny cameras, which may not be easily detectable, from capturing your PIN, Mike suggests, even though banks have installed shields, covering your hand when entering your PIN. Also, change your PIN regularly.

 

Send letters to The Consumer, Lifestyle Section, Philippine Daily Inquirer, 1098 Chino Roces Ave. cor. Mascardo and Yague Sts., 1204 Makati City; fax 8974793/94; or e-mail lbolido@inquirer.com.ph

Read more...