Money Safe

This is a new twist on the old Nigerian phishing scam. The FBI was VERY interested to hear about this one...

I had a chance to talk with some heavy hitters in the world of online security during a summit in Seattle. Website owners, law enforcement, and consumers all got together to discuss the latest trends in combating cybercrime, and the latest threats in keeping your personal information safe.

The conference organizers say that information is the key. It's getting harder to keep up with technology, so a lot of us feel overwhelmed, and tend to be a bit naive about the growing threat to our personal information online. Although I hate to toot my own horn (toot toot!), what we're doing here on this blog is so great. I'm going to keep providing you with the information, and you keep telling me what you're seeing: scams, ripoffs, fraud. Together, we'll stay one step ahead of the bad guys.

I talked with USA Today tech writer Byron Acohido at the conference. he, along with Jon Swartz have written an amazing book, "Zero Day Threat". It details how hacking has gone from a game for thrill seekers, to a new and lucrative realm of organized crime. According to a survey of 260 security experts, we can expect to see a huge increase in personal data crimes in the next several years. The experts also predict a rapid rise in debit and credit card fraud online, and funds being hijacked from online accounts.

Next week, I have a shocking story about how pervasive online fraud has become. One expert tells me that 40% of computers have been infected with malware, or have been "botted". That means that crooks have been able to hack into their system, without the user even knowing, and are connecting that zombie computer with thousands of others around the world. They are stealing data, selling data, and using data. The crooks are very saavy. They will activate your computer while you're asleep, and if you left your computer on, the crooks will then wake your computer up, and take your data, organize it, and either sell it, or maybe they will use it themselves. Maybe they will take a couple hundred bucks out of your savings account. A small enough amount that you probably won't notice it. Then they'll switch your computer off and call it a day. making thousands of transactions like these every month, you can see how online fraud has become a $100 billion a year business.

You also won't believe the sneaky ways the crooks are suckering people in to steal the information. It may make you close your online banking account.

I'm Bill Wixey, keeping your money safe.

Here's an email that I received today, and I have to say, this stuff really makes me angry.

The viewer writes:
My Grandma got ripped off by a phone scammer saying that there was a security breach at a pharmceutical company, that her information was sold and to avoid any other possible fraud activity, they were verifying their records to keep her "safe". Well, needless to say, after they verified her records, they wiped out her bank account! She has no idea how they got her bank account number and when she calls the number that they gave her, it just rings and rings with no answer. She is disabled and lives on Social Security and now has no money for anything, gas, food, personal needs, nothing! I can only help her so much myself, as I am on a limited income also. Why do they have to prey on innocent people, especially those that are elderly, disabled and on a limited income?

A couple of answers:
They target the elderly because they are susceptible. Studies show that they are more likely to fall for it. It's sad, it's unfortunate, but it's true.

The FBI says that there are a number of things to be aware of when you answer the phone, and a there's a telemarketer at the other end.

When you send money to people you do not know personally or give personal or financial information to unknown callers, you increase your chances of becoming a victim of telemarketing fraud.

Warning signs -- what a caller may tell you:

- "You must act 'now' or the offer won't be good."
- "You've won a 'free' gift, vacation, or prize." But you have to pay for "postage and handling" or other charges.
- "You must send money, give a credit card or bank account number, or have a check picked up by courier." You may hear this before you have had a chance to consider the offer carefully.
- "You don't need to check out the company with anyone." The callers say you do not need to speak to anyone including your family, lawyer, accountant, local Better Business Bureau, or consumer protection agency.
- "You don't need any written information about their company or their references."
- "You can't afford to miss this 'high-profit, no-risk' offer."

If you hear these--or similar--"lines" from a telephone salesperson, just say "no thank you," and hang up the phone.

Some Tips to Avoid Telemarketing Fraud:
-It's very difficult to get your money back if you've been cheated over the phone. Before you buy anything by telephone, remember:
-Don't buy from an unfamiliar company. Legitimate businesses understand that you want more information about their company and are happy to comply.
-Always ask for and wait until you receive written material about any offer or charity. If you get brochures about costly investments, ask someone whose financial advice you trust to review them. But, unfortunately, beware -- not everything written down is true.
-Always check out unfamiliar companies with your local consumer protection agency, Better Business Bureau, state Attorney General, the National Fraud Information Center, or other watchdog groups. Unfortunately, not all bad businesses can be identified through these organizations.
-Obtain a salesperson's name, business identity, telephone number, street address, mailing address, and business license number before you transact business. Some con artists give out false names, telephone numbers, addresses, and business license numbers. Verify the accuracy of these items.
-Before you give money to a charity or make an investment, find out what percentage of the money is paid in commissions and what percentage actually goes to the charity or investment.
-Before you send money, ask yourself a simple question. "What guarantee do I really have that this solicitor will use my money in the manner we agreed upon?"
You must not be asked to pay in advance for services. Pay services only after they are delivered.
-Some con artists will send a messenger to your home to pick up money, claiming it is part of their service to you. In reality, they are taking your money without leaving any trace of who they are or where they can be reached.
-Always take your time making a decision. Legitimate companies won't pressure you to make a snap decision.
-Don't pay for a "free prize." If a caller tells you the payment is for taxes, he or she is violating federal law.
-Before you receive your next sales pitch, decide what your limits are -- the kinds of financial information you will and won't give out on the telephone.
-It's never rude to wait and think about an offer. Be sure to talk over big investments offered by telephone salespeople with a trusted friend, family member, or financial advisor.
-Never respond to an offer you don't understand thoroughly.
-Never send money or give out personal information such as credit card numbers and expiration dates, bank account numbers, dates of birth, or social security numbers to unfamiliar companies or unknown persons.
-Your personal information is often brokered to telemarketers through third parties.
-If you have information about a fraud report it to state, local, or federal law enforcement agencies.

I'm Bill Wixey, keeping your money safe.

At the recent AOTA conference, I chatted with Byron Acohido, a Seattle-based tech writer for USA Today. He and Jon Swartz have written a book called "Zero Day Threat", which means "a hazard so new that no viable protection against it yet exists."

Cybercrime is such a hazard. It's $100 billion a year industry, and growing quickly.
Acohido tells me that 40% of the personal computers in this country have been hacked, and are now "zombies" or "bots", that steal data, and use data. In other words FORTY PERCENT of the computer users in this country have been hacked, and are "in play", shelling out personal information, and emptying bank accounts like an ATM.

That's what happened to "Dottie". She tells me that her computer had been botted, and she had no idea until the FBI broke down her front door and seized her computer. Her computer's ISP was being used to make credit card purchases, on another person's card, which the Cybercrooks stole from another man's computer. The Feds tracked that ring down in Russia, but it took "Dottie" months of hassle to clear her name.

Experts at Microsoft offer some strategies on how to tell if your computer is a "bot" or a "zombie":

• Your computer runs more slowly than normal

• Your computer stops responding or locks up often

• Your computer crashes and restarts every few minutes

• Your computer restarts on its own and then fails to run normally

• Applications on your computer don't work correctly

• Disks or disk drives are inaccessible

• You can't print correctly

• You see unusual error messages

• You see distorted menus and dialog boxes

These viruses usually do not disable your computer, because zombie computers must be plugged in and connected to the Internet in order for the botnet to work.

You can get a free virus scan with the Windows Live OneCare safety scanner. If you want continuous protection, you should use antivirus software such as Windows Live OneCare, which is free for 90 days.

If your computer shows symptoms of virus infection, first make sure that the software on your computer is up to date. Then run the Microsoft Malicious Software Removal Tool. The Malicious Software Removal Tool checks computers running Windows Vista, Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software and helps remove any infection found.

5 ways to help keep your computer from becoming a zombie

1. Never open an attachment in an e-mail, instant , or mobile message unless you know exactly what the attachment is, even if it's from someone that you know. Attachments can contain e-mail viruses.

2. Use an Internet firewall.

3. Stay up to date. Visit Microsoft Update and turn on Automatic Updates.

4. Subscribe to industry standard antivirus software and antispyware software, and keep them current. Microsoft offers Windows Live OneCare, which is free for 90 days and Windows Defender. Windows Defender comes with Windows Vista. If you use Windows XP SP2, you can download Windows Defender for no charge.

5. Use licensed software products. Botnets are often comprised mostly of computers that run illegally copied versions of operating system and productivity software. Unlicensed software can be more susceptible to viruses, and can even come with viruses already installed without your knowledge.

Has your computer been compromised? Know of a scam or a ripoff here in the Puget Sound area? Shoot me a line and tell me about it.

I'm Bill Wixey, keeping your money safe.

A viewer, Joe, writes in:

Hello! Thanks for the article on "Is Your Computer Safe" ... however, you make no mention of computers NOT running Window$. How do the rest of us (running Macs, etc) see if we're affected?

Joe
Kirkland

A good point. The experts at PC World weigh in:

You can't easily tell if your PC has been zombified. The usual malware warning signs - computer slowdowns, odd behaviour - apply to zombies, though they could easily be signs of lesser problems. Watch your firewall software for strange outgoing traffic. Run multiple online virus scanners (browse to How Can I Tell If My PC Has Caught a Virus? for details). Also check out Symantec's free Norton AntiBot Beta, which specifically looks for bot infections. Still, don't consider yourself safe in the event that AntiBot doesn't turn anything up.

Some zombie or bot software can hide itself from virus and malware scanners by installing a rootkit. Free rootkit-revealing software such as Sophos Anti-Rootkit and Sysinternals' RootkitRevealer can help, err, root those infections out.

Though your ISP can identify zombies among its clientele, that doesn't necessarily mean you can contact the company's support staff and reach someone who knows what you're talking about.

I got mixed results with my own ISP. When I phoned tech support, I reached someone who'd never heard of a zombie. An email query yielded another ignorant reaction, but a forceful rejoinder from me produced a useful-sounding letter promising to inform me of any suspicious behavior.

Unfortunately, according to Trend Micro network architect Paul Ferguson, it's not in ISPs' economic interest to be especially diligent or helpful about this. "The vast majority do nothing at all," he warned me.
If email bounces back to you with a message that you've been blocked, your address may be on a spam blacklist - most likely as a result of being zombified. More than 100 such blacklists exist, and many ISPs use one or more of them to block the IP addresses of known spammers. If you're on one or two such lists, most of your mail will get through, but some will not.

Even if your email isn't bouncing, it's a good idea to find out whether you've been blacklisted. First, go to http://checkip.dyndns.org/ To view the IP address you send out to the world--probably your router's. Select the displayed address and choose Edit, Copy to copy it to your clipboard.

There are several blacklist reporting sites. My favorite is Robtex. Paste your IP address into the only field on the page, and click Go. Robtex will list a great many blacklist sites. If any of them are red, you've got a problem. Use the list's contact information to find out why you're on that list and how to get off of it.
Finally, remember that prevention is the best medicine. Keep Windows and your antivirus, firewall, and other security measures.

I'm Bill Wixey, keeping your money safe.

I recieved a lot of mail about the recent story on Online Security. It's good to see that some of our viewers have heeded the warning, and are taking precautions to keep their money safe.

Susan writes in:

"Hi Bill: we miss you in the mornings. Enjoyed your piece today on the computer risks associated with online banking and other transactions. Inspired us to run full scans on all our computers, and check our security settings. All is well but your advice has been taken to heart here. Thanks for the great work.

Susan"

Knowledge is power in avoiding scams and ripoffs. I am contacted daily by viewers who tell me their experience with ripoff artists. Here are a few that I've received this week.

Gerri writes in:
"Hi Bill - just today we received an e-mail from "citi". It was a Security Alert saying our account had been blocked due to 3 failed login attempts. Then it said "To unlock your account, please Your Account" which I think was supposed to say please click on your account. We do not have an account with City Bank. We deleted the e-mail but it makes me very nervous."

Gerri, Renton

Dear Gerri:

Good for you in realizing right away that this is a scam. These crooks are sending out phishing emails like this, hoping that it will convincing enough to make you enter in your personal information. It seemed fishy to you because you don't have account with Citi. They will pick a major bank that millions of people DO have an account with, knowing that it could seem real to many of those customers. You would be surprised how many people just go ahead and fill in all of the blanks, giving out their bank account number and social security number. I received another scam email from another viewer this week purporting to be from Bank of America, with a return address of 'boa@gmail.com', saying that the account had been accessed by many computers, and they needed to confirm the account information. Your bank will not contact you by email. If you receive an email like this, DO NOT click on the link. If you are concerned about your account, contact your bank, but don't respond to these emails.

Hi Bill,
My name is Randi, and I received a piece of mail from Canada with a check for $3,825.00. When I first saw the check I couldn't believe it. The envelope from which I took the check from said Canada, however the check said Price, Utah and the letter I received said Trenton, NJ. What country or state is it really from?? The letter stated that I was selected to be a Mystery Shopper and shop for a part-time job for certain locations like, WalMart, Home Depot, J.C. Penny, Best Western Hotel, Days Inn, Western Union, and Money Gram. So I thought "WOW I get to do my favorite thing, SHOPPING!!" My boyfriend knew at that very moment that this just some person who is trying to steal my money. THIS WAS A SCAM!! There is a number on the bottom of the letter, my boyfriend called the number and got ahold of a REAL person. After my boyfriend told the man on the other side of the line that his "girlfriend" got a check and letter from BMA Monitoring and Research Group, the man on the other side of the line started to ask for me. My boyfriend gave me the phone, the man said, "just fill out the acceptance form, fax it to the number at the top, and deposit the check directly into your account." I told him that "on the letter it says Required funds to be sent is $3,150.00 and I'm not sending you a thing, I didn't sign up for anything" and of course to no suprise to me, he hung up on me. I smiled, looked at my boyfriend and said "it's definitely a scam". Can you please check this out for me, for the sake of everybody. I didn't deposit the check in my account, but people might not realize this is a scam, which could cost them a large amount of money they may not have. The economy is having a hard time, and these people are trying to make it worse for the american people.
Thanks,
Randi

Randi:
We've seen a lot of these fake check/ lottery scams around here. There's a story here on the blog entitled "Fake Check Scams', which is worth checking out.

Paul writes in:

"Here's what I believe is a scam for you (ha ha like I would actually fall for something so blatantly fishy):
This is the information contained in the email I received:
FROM THE DESK OF:
Brian Rooney
Independent Consultant,
Agricultural Research Institute of Northern Ireland Hillsborough, Ireland BT26 6DR ( 447)031915763

NOTICE!!!
Please permit me to write you irrespective of the fact we have not met before. I got your contact through network online hence I decided to write you. I would be very interested in offering you a part-time paying job in which you could earn a lot.Before I go further, I'll like to give you a brief profile about myself.

My name is Brian Rooney. I'm 35 years of age man married with 3 kids (a lovely girl and 2 boys). Due to the nature of my work, I travel alot. But my Family resides in Dublin, Ireland. I just resigned my job as a research scientist for ARINI (Agricultural Research Institute of Northern Ireland but I still work as a freelance consultant for the institute which gives me very much time to do my own work which is basically being a freelance researcher who could be employed by research institutes/private organizations to do research projects anywhere in the world.Presently, I have just been granted a funding to head a research project in the tropical regions of West Africa regarding local plant species useful for fabric production and this would be commencing very soon.

This research program will be funded and sponsored by some of my American counterparts.But the only set back is that the American counterparts want to make payments for the research in form of US money orders / cashier's check only. And its a known fact that money in such forms cant be cashed outside the US.Getting an accountant in the states or opening an account would have been my best choice but I have a deadline to meet and taking any of those choices would cost me time and a whole lot of other requirements,which I am not ready to deal with. There is where I need your assistance and service.
WHAT I NEED YOU FOR!
-------------------
At this point, I will be glad if you could work with me as my representative in the US. You will be working as my payment assistant in charge of collecting and processing the payments from the Associates.Since they will be making the payment in Money orders /checks made payable only in the US, you will be collecting this payments, cash them at your bank, you'll be forwarding them via Western Union or Money Gram.And for this service, I agree to pay you 10% off each amount you collect from the Associates.

JOB DESCRIPTION?
-----------------
1. Receive payment (in form of money orders/checks) from My Clients/Associates.
2. Cash the Payments at your Bank
3. Deduct 10%, which will be your percentage/pay on Payment processed.
4. You will then forward the balance via Money Gram or Western Union Money Transfer according to my instruction.

HOW MUCH WILL YOU EARN?
----------------------
10% from each operation! For instance: you receive 6000 USD via checks or money orders on my behalf. You will cash the payment and keep 10% to yourself before forwarding the balance! At the beginning your commission will equal 10%, though later it will increase up to 12%! For the research,I am expecting about the sum of $40000 in total from the clients (though the money will be sent in bits). You could make over $4000 for the little time we will be working together.

ADVANTAGES?
----------
You don't have to go out of your present daily activity in order to engage in this Job (i.e. you can do this Work easily without leaving or affecting your present Job). You will work as an independent contractor right from your home /office. Your job is absolutely legal. You do not need any capital to start (non of your personal funds is needed).

REQUIREMENTS?
--------------
18 years or older.
Legally capable.
Responsible, Reliable and Trustworthy
Ready to work 3-4 hours per week.
Able to check and respond to emails often.
Easy telephone access.
IS THIS LEGAL?
--------------
Yes it is. As a matter of fact, my lawyer checked all legal provisions to know if there is any domestic or international law against businesses or deals in this manner. And he said its allowed by all LAWS. So know that doing this work is safe and legitimate.Guess all is well understood,I would be glad if you accept my proposal.Mail me if you are interested. Please reply with the details stated below, by sending your information to comod5@live: Please note note that if you are interested in this job, before replying to this message, kindly add me to your address book so that any other email that I send to you does not go into the bulk or junk mail folder. THIS IS VERY IMPORTANT.
E-mail: comod5@live.com
FIRST NAME:
LAST NAME:
ADDRESS:
CITY:
STATE:
ZIP CODE:
COUNTRY:
PHONE NUMBER: (Mandatory)
GENDER:
MARITAL STATUS:
AGE:
NATIONALITY:
OCCUPATION/POSITION:

PS: Do not provide a P.O box address. A physical address is needed for delivery.

Thank You & God Bless,
Regards,
Brian Rooney.

it came for email address (or what shows in the email address line):
Commodities Trading cO

not sure but almost sounds like it might be involved with money laundering or possible terrorist funding...
**P.S. - Q13 is the only news station I watch and You are one of my and my wife's favorites Cordially, Paul Brown"

Paul:

As you so eloquently put it, It is a "blatantly fishy" scheme, and you are right to question it. I mean, if you had this great business going, would you be randomly emailing people to get them to join in? What kind of recruiter does that? This is a scam along with the "Sob Story Scams", which we have featured previosuly. You get a story about how they have inherited millions, or need thousands for a desperate operation. You have to wonder, why are they contacting you, a complete stranger, for help?

Keep 'em coming.

I have more viewer feedback coming your way soon.

I'm Bill Wixey, keeping your money safe.

Some of the email scams that viewers are forwarding to me are downright frightening.
Check this out:

If somebody is threatening you bodily harm in an email, forward it to the authorities, and then delete it.

And by the way, here's another--and more hastily prepared-- version of that FBI scam email that's making the rounds.

Holly writes in:

"Hi Bill...big fan, anyway thought this email scam was interesting:
Anti-Terrorist and Monitory Crimes Division.
Federal Bureau Of Investigation.
J. Edgar. Hoover Building Washington D.C

Attn: Beneficiary,



This is to Officially inform you that it has come to our notice and we have thoroughly Investigated by the help of our Intelligence Monitoring Network System that you are having an illegal Transaction with Imposters claiming to be Prof. Charles C. Soludo of the Central Bank Of Nigeria, Mr. Patrick Aziza, Mr Frank Nweke, none officials of Oceanic Bank, none officials of Zenith Bank and imposter claiming to be the Federal Bureau Of Investigation. During our Investigation, it came to our notice that the reason why you have not received your payment is because you have not fulfill your Financial Obligation giving to you in respect of your Contract/Inheritance Payment.
So therefore, we have contacted the Federal Ministry Of Finance on your behalf and they have brought a solution to your problem by arranging your payment in total of US$800,000.00 in an ATM CARD which you will use to withdraw money in anywhere of the world. You now have the lawful right to claim your fund in the ATM CARD.


Since the Federal Bureau of Investigation is involved in this transaction, all you did have to do is to be rest assured for this is 100% risk free because it is our right to protect the American Citizens. All I did want you to do is proceed and contact the ATM CARD CENTER via email for their requirements to proceed and procure your Approval Slip on your behalf which will cost you $200.00 only and note that your Approval Slip contains details of your PERSONAL IDENTIFICATION NUMBER (PIN) which you will use in activating your ATM CARD in any ATM MACHINE.


CONTACT INFORMATION


NAME: MR. PAUL SMITH


EMAIL: atm.card.center303@live.com


Do contact Mr. Paul Smith of the ATM CARD CENTRE with your full name, home address, mobile telephone number, home telephone number or work telephone number and bank name so your files would be updated after which he will send the payment informations to you which you will use in making payment of $200.00 via Western Union Money Transfer or Money Gram for the procurement of your Approval Slip after which the delivery of your ATM CARD will be effected to your designated home address without any further delay.


We order you get back to this office after you open contact with the ATM SWIFT CARD CENTRE and we do await your response so we can move on with our Investigation and make sure your ATM SWIFT CARD gets to you.


Thanks and hope to read from you soon.


FBI Director

Robert Mueller



Note: Do disregard any email you get from any imposter or office claiming to be in possesion of your ATM CARD, you are adviced only to be in contact with Mr. Paul Smith of the ATM CARD CENTRE who is the rightful person you are suppose to deal with in regards your ATM CARD PAYMENT and forward any email you get from imposters to this office so we could act upon and commence investigation.

thanks for all your hard work to keep our "money safe."
Holly N.

The greatest weapon in the fight against high gas prices may be your right foot.

How you drive can dramatically change your car's fuel economy. There are some drivers, who coast wherever possible, draft behind larger vehicles and drive slowly on the freeway with their windows rolled up and their air conditioning off.

Some people call them weird. Some would call them penny pinchers. Others call them geniuses. They would much prefer to be called "Hypermilers". They routinely get about 100 miles a gallon. It's a little extreme, but it is the latest trend in saving money on gas, and we can all learn a few things about saving money on gas by following their example.

Here's some more information on hypermiling: http://www.hypermiling.com/

By the way, the local Bucati motorcycle dealership lists the average gas price every day outside their store on Westlake. At 4.38 a gallon today, that's a pretty compelling selling point for their scooters, which get about 100 miles a gallon. The manager, David Roosevelt, tells me that sales of scooters are up more than 100% this year compared to last.

--Bill Wixey

Shannel writes in:

Hi Bill. I've enjoyed your Moneysafe bit since you began doing it. While I'm quick with the "Mark As Spam" button, I know there are plenty of other people out there who actually fall for some of these scams. Here is a scary one I got just yesterday:

Get 2008 Economic Stimulus Refund ( $1800 )

Over 130 million Americans will receive refunds as part of President Bush program to jumpstart the economy.

Our records indicate that you are qualified to receive the
2008 Economic Stimulus Refund.

The fastest and easiest way to receive your refund is by direct deposit to your checking/savings account.

Please click on the link and fill out the form and submit before June 26th, 2008 to ensure that your refund will be processed as soon as possible.

Submitting your form on June 26th, 2008 or later means that your refund will be delayed due to the volume of requests we anticipate for the Economic Stimulus Refund.

To access Economic Stimulus Refund, please click here.

Thanks Shannel.

As I reported a few months back, a slew of scammers are trying to capitalize on the IRS stimulus checks, trying to get people to click on their fradulent site, in hopes that they can steal your personal information and/or drain your bank account. If you get an email like this,
just delete it.

Here's another one sent in by a viewer:

* Dear Member:

Thank you for choosing AT&T TM. Unfortunately there was a problem processing your billing information for the month of June, 2008. Soon we are upgrading some of our servers in our data base for new service for our customers. Our number of clients has been increasing rapidly last month and because of that it is necessary for addidtional database servers, where some of our clients are going to get moved. We require all moved accounts to verify their information on file with us. To verify your billing at this time, please visit our secure server webform by clicking the hyperlink below:

https://www.att.net/newdatabase/myaccount

If you choose to ignore our request, you leave us no choice but to temporary suspend your account.
Thank You for using AT&TTM
We appreciate your business and hope to keep you as a customer for life.
We apologize for any inconvenience. AT&TTM Online is so easy; no wonder it's number one !

Sincerely,
The AT&T Billing ServicesTM

I actually received one of these at the office here, and had to laugh a little bit. The one I received was supposedly from Bank of America, but I don't have an account there. You may ask, "How did they know that I had an account with AT&T?" Well, they don't. That's why t5hey call it "phishing". They're casting out with this bait, trying to appeal to as many potential victims as possible, and then once they have a few hooked, they'll shut the site down, usually within just a matter of days. If you get emails like this, don't click on the attachment. Once you do, your computer could get infected with "keystroke-logger" techonology that will actually record every keystroke you make. Once they've infected your computer with that kind of malware, they are just waiting for you to enter some personal information, and then they've got you.

Here are some anti-phishing resources, with some good information on who you can forward your phishing emails to:

FEDERAL TRADE COMMISSION

http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.shtm

ANTIPHISHING.ORG

http://www.antiphishing.org/

I'm Bill Wixey, keeping your money safe.