THE e-mail in my in-box looked official. It had the familiar E-Trade Financial logo across the top. The return e-mail address was a legitimate financial document delivery website. The e-mail informed me that my statement was now available online and that I could click a link embedded in the e-mail and log on.
The problem was the e-mail was not sent by E-Trade. It was a scam.
Clicking the link would have sent me to a site with an address that was just one letter different from the official E-Trade web address, dropping me into the clutches of someone trying to steal my account number and password and opening a whole world of personal information.
This type of scam, known as "phishing" or "spoofing," commonly targets customers of financial institutions, but it has also been used to scam customers of travel businesses.
"Anywhere [consumers] might have a stored profile might present the same risk," said Eric Olson, a vice president at Cyveillance, an Arlington, Va., company that specializes in tracking Internet risk and fraud.
It may be especially risky for the Internet-savvy frequent traveler.
"Super-platinum members of hotel chains spend a great deal of money on travel. That is a perfect target for a scammer."
Two of the largest hotel frequent-guest programs appear to have been targeted by phishers, the hotels' websites suggest: the Hilton HHonors program and the Starwood Preferred Guest program. Neither Starwood nor Hilton returned phone calls asking for comment about phishing.
Indeed, the risk to consumers is growing, according to a report by the Anti-Phishing Work Group, an industry and law enforcement group that is working to fight phishing scams.
In August, the most recent month for which data were available, the group detected 13,777 scams that targeted 84 companies and their customers.
That compares with 6,957 scams detected last October when it first began keeping data.
Financial services made up 85% of that number; retail, Internet service providers and miscellaneous other services made up the rest.
About 20% of Americans have been the target of "phishing" attacks in the last year, the group said. U.S. banks and credit card issuers report phishing cases cost them about $1.2 billion last year.
Olson described how the members of a hotel frequent-guest program were recently scammed, although he wouldn't say which company it was.
Lured to a website
