Password-stealing e-mails spread

Beware any e-mail, however professional in tone, that asks for personal account information. Internet users continue to be flooded with legitimate-looking e-mails that ask recipients to enter account numbers, passwords, and other data. A new con aimed at Discover Card holders is just the latest in a long line of scam e-mails sent by con artists trying to hijack accounts at AOL, PayPal, eBay and other online firms. A flurry of e-mails sent Wednesday purported to be from Discover Financial Services. The messages told recipients that their accounts were on hold and they needed to log in with their account number and mother’s maiden name to reactivate them. The e-mail looks real, and most of its content is pulled directly from Discover’s computers. Even a suspicious recipient who looked at the e-mails source code would see a series of links to www.novusnet.com, the company’s Web site. But replies to the e-mail, including any credit card numbers, are quietly routed to a computer with an Internet address in Russia.