Fraud Alerts!

July, 2007

Suspicious e-Mails and Identity Theft

The Internal Revenue Service has issued several recent consumer warnings on the fraudulent use of the IRS name or logo by scamsters trying to gain access to consumers' financial information in order to steal their identity and assets. When identity theft takes place over the Internet, it is called phishing.

Suspicious e-Mail/Phishing

Phishing (as in "fishing for information" and "hooking" victims) is a scam where Internet fraudsters send e-mail messages to trick unsuspecting victims into revealing personal and financial information that can be used to steal the victims' identity. Current scams include phony e-mails which claim to come from the IRS and which lure the victims into the scam by telling them that they are due a tax refund.

July 17,2006

Please be alert of a new phishing attack that targets customers of the Chase Bank. Users receive a spoofed email message, which claims that the bank has detected that the account may have been accessed by an unauthorized third party. Users are instructed to click on a link contained in the email to log in to their account. They are then taken to a phishing site that requests their login ID, password, and other logon details.

Subject: Critical Information Regarding Your Credit Card

Chase.com   |   Privacy Policy

Dear Chase account holder, We recently reviewed your account, and suspect that your Chase Internet Banking account may have been accessed by an unauthorized third party. Protecting the security of your account and of the Chase Bank network is our primary concern. Therefore, as a preventative measure, we have temporarily limited access to sensitive account features. To restore your account access, please take the following steps to ensure that your account has not been compromised: 1. Login to your Chase Internet Banking account. In case you are not enrolled for Internet Banking, you will have to use your Social Security Number as both your Personal ID and Password. 2. Review your recent account history for any unauthorized withdrawals or deposits, and check your account profile to make sure not changes have been made. If any unauthorized activity has taken place on your account, report this to Chase staff immediately. Click here to activate your account (link delete) We apologize for any inconvenience this may cause, and appreciate your assistance in helping us maintain the integrity of the entire Chase system. Thank you for your prompt attention to this matter. Sincerely, The Chase Bank Team Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your Chase Bank account and choose the "Help" link in the header of any page. © 2006 JPMorgan Chase & Co.security manager Becky Draftel

July 10,2006

Telemarketing on Cellular Telephones

Please be advised that within the next three weeks cellular telephone
numbers will be released to telemarketing companies, which will commence the
receiving of unsolicited sales calls.

To prevent Telemarketing Sales Calls and to be placed on the National Do Not
Call List, call the following number from your cellular telephone;
888-382-1222.

This procedure will take less than a minute and will block your number for
(5) years.

Information is further available at _www.donotcall. gov_
( http://www.donotcal l.gov/ )

----------------------------------------------------------------------------

Websense® Security Labs(TM) has received reports that a variant of Google phishing attacks (discussed in a previous alert: http://www.websense.com/securitylabs/alerts/alert.php?AlertID=332 ) are increasing in sophistication.

Users are shown a spoofed copy of the Gmail login page with a message claiming, "You WON $500.00!" The message states that this prize money will be delivered to an e-Gold, PayPal, StormPay, or MoneyBookers account of their choice. If users select an account, they are informed that this prize money is only available to "premium members" of "Gmail Games." The page states that "Gmail Games" membership requires an $8.60 registration fee, and then asks users to pay the registration fee or forfeit the $500 prize money. Users are directed to an actual payment site to deliver the registration fee.

This phishing site is hosted in the United States and was up at the time of this alert.

Sample Email Lure:

* *You won $500! Gmail congratulates you!* *
CONGRATULATIONS!

YOU WON $500!*

Gmail gives members random cash prizes. Today, your account is randomly selected as the one of 12 top winners accounts who will get cash prizes from us. Please click the link below and follow instructions on our web site. Your money will be paid directly to your e-gold, PayPal, StormPay or MoneyBookers account.

Click here to get your prize:

<URL Removed>

Sincerely,
The Gmail.com staff
Gmail.com