Warning! Phishing e-mail directed to Optimum Online Subscribers
It has come to our attention that some of our customers may have recently received an e-mail falsely representing that it was from Optimum Online, requesting customers to reply with their Optimum Online password. E-mails such as this, referred to as "phishing" e-mails, typically attempt to fraudulently acquire sensitive information, such as usernames, passwords, credit card details or other personal information, by claiming such information is required for account verification, to prevent account termination or some other course of action in connection with your account.
As a policy, Optimum Online will never contact customers via e-mail requesting personal information or passwords.
If you have already responded to an e-mail of this nature and released your Optimum Online password or other personal information, you should consider the information compromised. You may change your e-mail password online using the Optimum ID Management Center. You may also call your local Customer Support Center.
Received January 31, 2012
The e-mail's subject reads "Service Upgrade" and appears to come from "Optimum Online Technical Support firstname.lastname@example.org"
The body of the e-mail is as follows:
"Optimum Online Technical Support
Dear valued subscriber,
Your Optimum Online account is in the process of being upgraded to a new set of servers. The new servers will provide better anti-spam and anti-virus function, along with IMAP Support for mobile devices like e exchange active Sync, Smart Phone Mobile PDA-Phones and phones that Support IMAP/S to enhance service your usage in our new 4G network service.
To confirm and keep your Optimum Online account active during and after our upgrade, kindly confirming your Optimum Online account login details by stating:
* Optimum ID:
Failure to acknowledge receipt of this notification, might result to a permanent deactivation of your Optimum Online account from Optimum data base.
Your Optimum Online account shall remain active upon your confirmation of your required login details. Please take note.
Optimum Online apologize for any inconvenience caused.
Optimum Online Technical Support
© Copyright 2012 CSC Holdings, LLC."
Here are a few tips to help identify suspicious e-mails and protect your information:* Generally, if you receive a suspicious e-mail from a financial institution or online retailer, do nothing. Do not reply to the e-mail, or click on any of the links. Do not give any personal details to the sender.
* Do not provide personal information via e-mail, unless you are certain of a person's authority to have the information.
* If you get an e-mail that warns you, with little or no notice, that your account will be shut down unless you reconfirm your billing information, do not reply or click on any link in the e-mail. Instead, contact the company cited in the e-mail using a telephone number or web site address known to be genuine.
* Avoid e-mailing personal and financial information. Before submitting financial information through a web site, look for the "lock" icon on the browser's status bar. It signals that your information is secure during transmission.
* Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.
* Be suspicious of unsolicited phone calls, visits, or e-mail messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, attempt to verify his or her identity directly with the company.
* Pay attention to the URL of a web site. Malicious web sites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net). Be aware that the true URL of a link is often masked in the e-mail text, so never click on hyperlinks within e-mails. Instead, copy and paste them into the browser.
* If you're unsure whether an e-mail request is legitimate, attempt to verify it by contacting the company directly. Do not use contact information provided on a web site connected to the request; instead, check previous statements for contact information.