It's smelling phishy: More attempts to steal my data

I'm starting to think I'm a scam magnet. First, I found out that I was possibly a victim of what may be the largest data breach in history when my bank issued me a new debit card with a letter saying my account may have been compromised.

A few days later, I received a text message from mobile@bankfranklin.com. The subject was "FranklinBankSSB" and it said, "Franklin Bank temporarily locked your card. To unlock please contact us at 5123667959." I don't have an account with Franklin Bank, so I blew it off as a phishing attempt to steal my personal information. A few days later my curiosity got the best of me, especially because the area code in that number is my local one. I called to see who answered, but got a message that the number was no longer in service.

I thought this was an isolated incident, but several days later, I received an e-mail at one of my work-related e-mail addresses. It was from webadm@bankfranklin.com and the title said it was an official notification from Franklin Bank. The message said, "You have 1 new ALERT message. Please login to your Franklin Bank Online Login and visit the Message Center section in order to read the message." It gave me a link, and wanting to investigate, I clicked on it. Rather than taking me to bankfranklin.com, it took me to bakframklin.com.

My browser displayed a warning that said the site had been reported for Web forgery and was blocked. "Web forgeries are designed to trick you into revealing personal or financial information by imitating sources you may trust," it said. "Entering any information on this Web page may result in identity theft or other fraud." Some people may not be as wary about scams, so I'm glad technology is learning to recognize these things and warn people.

I did some research and there is a real Bank Franklin, and the real Web site is BankFranklin.com. I knew these messages were scams because I didn't have an account with this bank, but what if I did? I would have been a lot more likely to respond. I did some Googling and found forums populated with consumers reporting similar phishing attempts, some of whom mistakenly gave out their information.  

The real Bank Franklin has created a special page on its Web site acknowledging the phishing scams and providing samples of the e-mails (which started in October 2007). The bank also provides information on who to contact at the bank if you received a phishing attempt or were a victim of one.

Always remember that banks, especially ones you don't bank with, will never contact you and ask for personal or financial information. If you are contacted by someone who says they are with your bank and are asking for private information, hang up and call the real customer support number for your bank to verify if someone from there really was trying to contact you.