by Jeff Sovern
Phishing scams depend on consumers recognizing the name of an institution where they might have an account or that might possibly owe them money so the consumers will be deceived into providing personal information useful to the phishers. Consequently, I wasn't surprised recently to receive phishing emails purporting to be from Paypal, where I don't have an account, but of course many consumers do. But now the Office of the Comptroller of the Currency has issued an alert describing what sounds like a phishing scheme using its name. Probably few consumers have heard of the OCC and so we can hope that their ignorance will prevent them from falling into the trap. The use of the OCC's name suggests a different level of sophistication by phishers, but is it a higher or lower level? I wonder what other institutions will be impersonated by phishers--who seem to be identity thieves who pretend to be institutions rather than individuals.
Comments