Find a Member

Internet Phishing and virtual pick-pockets; SMAR Members need to know!

Phishing is the term used to describe attempts by internet scam artists to gain access to important personal and financial information. Phishing scams usually involve an attempt to lure the victim to what appear to be a legitimate web site or web page belonging to a well-known organization. Sometimes an email form is used, or a "pop-up" window. Whichever device is used, be assured it is false--it belongs to the scam artists and will send any data you enter directly to them.

Phishing pages usually require the victim to fill in personal information for " account verification" or in order to keep an account active. The victim fills out the online form, which may ask for vital information such as account numbers, passwords, pin numbers, user identification, bank account numbers, credit card data, etc. The page and the lure that sent the victim there are all part of the phishing expedition. Virtual pick pockets send out huge emailings, and wait for the victims to respond. Once they receive the keys to the victim's account, they may be able to steal services, assume the victim's online identity, and in worst-cases, run up huge credit card charges and empty out their bank accounts. Just like being taken by a pick-pocket, the crime is long finished before the victims are aware they have been robbed.

Phishing can be conducted by phone or even door-to-door as well. Recently a man was reported to be impersonating a Maryland Sate Trooper. He has been going door-to-door soliciting donations for medivac helicopters. Another scam making the rounds is a phone call promising a long over-dur tax refund. All the recipient has to do is provide their Social Security Number to verify your identity and the money will be sent to you...or so they say!


Recent improvements in the email viruses that raid user email address books makes phishing even more difficult to detect. These viruses often copy themselves and spread by sending out false emails from every name on the infected machine's address book. You may receive emails from someone you know and trust only to find it infected with a virus. The "sender" never sent it, and the owner of the infected machine never knew it was being sent.

Chances are you may have received notification of failed email messages to people you don't know with messages you never sent--just another clue your own email address has been caught up in one of these viruses. Someone with your email address in their address book has been infected. Imagine the power of a "phishing expedition" where the email comes to the victim's computer from a well-known and trusted sender, such as MRIS support--only MRIS never sent it. There is no need to imagine--it's already happening.

You can protect yourself by staying informed. Keep aware of the latest scams--many internet sites are devoted to warning people of the latest threats. Use site names you can trust, but be sure you go to the correct site to get your information! Another threat is called hijacking--forcing your computer to go to web sites you don't intend to go to and loading your machine with malicious spy ware when it arrives. An example of this is the company that produces Norton Anti virus. They are called Symantec. Symantec has an excellent and useful site. Some false hijack sites live off of typos and misspellings. Avoid sites named Symantic, Simantech, etc., for they may do more harm than good.

Apathy and ignorance are your worst enemies. If you use both while online, you'll move right to the top of the target list. Don't trust anything without checking into it! Be suspicious and check things out before you part with any valuable information. Call the company support number directly and ask if an email from their company requesting personal data is legitimate. No legitimate bank will request sensitive data by email. Do the same for unexpected or odd-looking emails from people known to you. Don't open unexpected email attachments. KEEP YOUR ANTIVIRUS SOFTWARE UP TO DATE!!!!!!! Learn about spy ware and mal ware and what can be done to stop it, and never part with valuable personal data without some verification that the recipient is legitimate.

When doing business with SMAR, you may find any of these web addresses will direct you to our site:

http://www.somdrealtors.org
http://www.southernmarylandrealtors.com
http://www.southernmarylandrealtors.org

Once you arrive at our web site, the address may appear as numbers instead of words:

http://64.202.163.35/

Additionally, you may desire to purchase SMAR services using our store, which is found online at:

http://southernmarylandrealtors-store.org.previewyoursites.com

The SMAR Online Store is secured by a well-known and trusted firm called VeriSign (recently purchased by PayPal).

Keep this information handy and make note of other web sites where you have accounts and where you may do business. Pay close attention to the spelling and the wording of the site name. www.somdrealitors.COM is NOT the same as www.somdrealtors.com, and such a slight variation would be all that's needed for a successful phishing expedition.

Vigilance, common sense, and a healthy skepticism will help you avoid being the victim of internet phishing.

8440 Old Leonardtown Road . Suite 211
Hughesville, Maryland 20637
301-870-2323 . 301-870-2575 Fax