Fake Emails purporting to be from e-gold
NEVER ACCESS YOUR E-GOLD ACCOUNT BY CLICKING A HYPERTEXT LINK IN E‑MAIL.
NEVER VIEW, OPEN, SAVE, OR RUN ANY ATTACHMENT IN E-MAIL PURPORTING TO BE FROM E‑GOLD.
There are numerous fraudulent emails in circulation spoofing e-mail addresses in the e-gold.com domain. These emails always rely on your ignorance (and inclination to trust) and frequently also appeal to fear or greed to induce or entice victims to either click a hypertext link and/or open/view/install/run an e-mail attachment.
These emails may say your account has a value limit, you have received fraudulent funds, your account will be closed for inactivity, or that e-gold is paying monthly interest payments. Alternatively, the fraudulent e-mail may instruct you to install a "Security Patch" or some other software either by opening an included e-mail attachment or by clicking a hypertext link.
Regardless of the subject matter of the fraudulent emails, they always have one thing in common: their intent is to gather pieces of information needed for a criminal to gain access to the victim's e-gold account and divert the value either via a phishing attack, a Trojan horse attack, or both.
The hypertext link in fraudulent email will appear to be to the e-gold website, but if clicked, it directs the victim to a fraudulent website, designed to ensnare the careless by mimicking the appearance of the real e-gold website. Phony login forms are used on these "phishing" websites to collect victim's e-gold account number and passphrase. If victim has disabled e-gold's AccSent protection, e-gold account number and passphrase are all the criminal needs to log in to the victim's e-gold account on the real e-gold website and divert the value.
Trojan Horse Attacks...
Counterfeit websites may also attempt to trick User into downloading a Trojan horse with the objective of gaining control of victim's computer.
The email attachment in fraudulent e-mails usually is a Trojan horse. Again, the objective of Trojan horse may be to gain control of victim's computer.
We urge Users to:
1. Never click hypertext links in HTML formatted e-mail to access your account.
2. Confirm that you are on the e-gold website before entering your e-gold passphrase into either a logon form or a payment authorization form (see note below about e-gold shopping cart interface):
• Verify the address/location/URL starts with: https://www.e-gold.com/
• Verify the site is secure (look at the SSL Lock icon at the bottom of your browser window)
• Verify that the site certificate is issued by VeriSign to www.e-gold.com
3. Never open/view/run/install an attachment in e-mail purporting to be from e-gold
4. Follow the e-gold Security Recommendations listed here.
e-gold Shopping Cart Interface (SCI)
Merchant sites using the e-gold SCI will pass you to the e-gold website at checkout to authorize payment. The e-gold SCI will pass you back to the Merchant's site after you have received confirmation of your e-gold Spend. All of the above criteria for verifying you are on the e-gold website also apply to Spends made via the e-gold SCI.
Monday, June 26, 2006
E-gold Security Alert
On E-gold site, there are explanation about fake E-gold scam-spam mails.