RIP-OFF ALERT: You've heard of phishing, right? That's where you get those scam e-mails purporting to be from your bank or other financial institution. Now there's a new phenomenon called "whaling." According to CNET.com, top corporate executives and business owners have been getting e-mails alerting them to a bogus U.S. District Court subpoena. When you click on the link in the e-mail, you're taken to what looks like a real subpoena. But it's not, and it loads a key-logger virus onto your computer. The key-logger captures all your account numbers and passwords, and it even alerts the criminals when you log on to your bank or brokerage account. The criminals then sign in, change your password and steal your money.

Phishing is targeted at the general public. But whaling only targets the big fish in corporate America or small business owners, hence the name. It's been estimated that 2,000 people have fallen prey so far to whaling. If you're among them, here's what you need to do: Run an anti-virus program on your computer to remove the key-logger. Clark has a couple of suggestions for spyware blockers that you might want to check out. Then change all your passwords at your bank or brokerage house.

RIP-OFF ALERT: File this one in the "News of the Weird" bin. An Internet-based virtual world called Second Life has spawned rip-off artists who scam users out of very real money. Second Life is a virtual community where you create a new you and live out a second identity in a digital world. Scammers got into Second Life and set up a virtual bank. But it's not real, right? Well, here's the rub: They got people to deposit real money with the promise of large returns. The Chicago Tribune reports the scammers made off with $75K.

This whole strange episode is an early warning signal that even in your play area on the 'Net there are people who aren't playing at all. Folks are more likely to let their guard down in Second Life. But this is no different than going on vacation and getting your wallet or camera stolen because you didn't safeguard it. Clark also says to be wary anytime you're promised huge returns; it could be a classic Ponzi scheme. Beware when words like "guaranteed" are thrown around. The only thing that's guaranteed is that your wallet will get burned. Meanwhile, the Better Business Bureau has put out an alert that's particularly timely: As people have financial hiccups because of the slowing economy, they're more likely to be susceptible to a variety of "Get Rich Quick" schemes. For example, Clark recently took 2 calls on currency exchange scams. Be sure to avoid this one.

Clark wants to warn you about a new e-mail scam making the rounds. Criminals have been gaining access to e-mail contact lists and sweeping out all the addresses. They then send out a very distressed note in your name to every contact on your list. The e-mail will claim that you're in financial, legal or medical trouble and that you desperately need money right away. The criminals hope that even one or two of your closest friends will respond with an offer of funds. Public e-mail services such as Yahoo! have been hit by this scam, according to The New York Times. Sometimes the criminals will even change your password while they're in your account. At that point, it can be very difficult to reclaim your e-mail address. So if you get a suspicious e-mail from a relative or friend, call them first and find out what's going on before you give them your money. On a related note, there's now a $5 security key that really helps secure your PayPal account. The key generates a random code every 30 seconds that you must use to access your account. Even if a thief has your e-mail address and password, they still won't be able to get in without the code. These kinds of security keys have become so inexpensive yet so invaluable. Clark hopes that brokerage houses and banks will soon be offering these devices to customers.

Have you heard of Hannah Montana? No doubt you can answer affirmatively if you're a parent with a young child or teen. Montana is a teen actress/musician with her own Disney show. She is also the daughter of country star Billy Ray Cyrus. In addition to her TV career, Montana performs her music live around the country. Her shows are a very hot ticket for those in the "tween" age group. There's been a big brouhaha over ticketing for Montana's recent concert dates. Unfortunately, scalpers were able to use software to fool Ticketmaster into selling them all available tickets online. Parents who wanted to take their children to see Montana perform had to go through scalpers to get tickets. Now a federal judge has issued an injunction making it illegal to use the software. This is just one indication of how the ticket market is in turmoil. Another example comes from the world of sports tickets sales. The New England Patriots recently filed suit against their season ticket holders who used StubHub to sell tickets for games they weren't able to attend. The Patriots instead wanted season ticket holders to use their team's monopoly website to resell tickets. The court ruled that StubHub had to disclose the names of all buyers and sellers, and the team is penalizing sellers by taking away their season passes! How unfair is that?

Sometimes people call in to the show and complain about having credit cards with interest rates of 28 or 30 percent. But that pales in comparison to something Clark recently heard about. The Kansas City Star reports that some online lenders make loans in the amount of $500-$2,500 dollars at 650 percent interest! These people are loan sharks and they're spreading like locusts because of the Internet -- even in states that don't permit lending of this type. But these lenders are still making illegal loans across state lines. The people who make these loans are complete and total scum, according to Clark. These lenders say they're taking on big risk by lending to people with bad credit or no credit. They're also arguing in various federal courts that they are not subject to the state laws where they're lending, but rather only in the states where they're set up. That's the same deal with the credit card companies. Many years ago the Supreme Court ruled it is legal for a bank to set up its credit card operation in a state where there are no rules. That's why so many credit cards are based in South Dakota or Delaware. So now these scum Internet lenders are invoking these rights too. Will it fly? This will ultimately be decided as it works its way through higher courts. All you need to know is that when you see an Internet loan offer, you must turn your back on it. Don't take hard times in your life and make them worse.

Earlier this week, Clark told you about a security breach at Monster.com where hackers stole the names, addresses, phone numbers and e-mail addresses of 1.3 million people. There have been so many breaches over the years that we're almost numb to news about them. But now there's reason to believe that the Monster breach could affect more than just a million people. Nobody knows the exact number -- it's just larger than previously thought. So if you've ever posted your information on Monster.com, you need to be aware that criminals are calling people up and pretending to be potential employers or banks to get additional personal information. Once they get your additional info, they have all they need to take your identity or empty your bank account. You should only divulge sensitive information in person at a potential place of employment or a bank. The web is too anonymous and dangerous of a place to share your info via e-mail.

Last spring just around tax time, Clark started hearing about a lot of people who received an e-mail scam that appeared to be from the IRS. Now the same scam has resurfaced. Here's how it works: You get an e-mail that appears to be from the IRS saying they owe you small refund usually around $139.50. The e-mail is branded with the IRS logo and looks legit. It originates from an address that ends in .us, which most people think is a sign of authenticity. A .us domain name, however, is the same as a .com. The real IRS website is a .gov, since it's a government organization. The bogus e-mail explains that the money will be deposited into your account -- provided that you send your account number and secret access code. If you comply, your account will be cleaned out by cyber criminals. Know that the IRS will never ask you for your banking info in an e-mail. Meanwhile, there's a similar scam circulating that appears to be coming from Coca-Cola. This one isn't legit either, so watch out!

Job seekers who entered their information in the Monster.com database may be at risk of identity theft following a massive security breach at the company. Identity thieves managed to steal the names, addresses, phone numbers and e-mail addresses of 1.3 million people. So beware if someone claiming to be an employer calls or e-mails asking to screen you as a potential employee. If they're an identity thief targeting you, they may ask you to divulge your social security number, mother's maiden name or place of birth. These are some of the remaining key pieces of info they'd need to steal your identity. If you think you've already been targeted or may be in the future, you're best option is to do a credit freeze. Consumersunion.org offers a comprehensive list of states that have credit freeze laws on the books. If you're already a victim, it's free to do a credit freeze. But you may have to pay some nuisance fees if you just want to do a freeze as a preventative measure. Right now 10 million people have their identity stolen each year. So why is there no national credit freeze law? The problem is that Congress is in cahoots with bank lobbyists who want to repel all freeze laws -- even those on the state level. We'll keep you posted...

If you have kids, you probably know that Facebook is big among teens. This social networking site is becoming one of the main ways that young people communicate with each other online. But the problem is that if you want to use Facebook, you have to list info about yourself on a public page. This makes you a target for identity theft. A recent study found that nearly 50 percent of Facebook users put enough info -- things like birth date, hometown, family information and more -- to aid ID thieves. Kids don't understand the risks inherent in using some of this new social networking technology. It should be up to parents to educate themselves so they can have an intelligent discussion with their kids about the issue. Clark advises parents to sign up for their own accounts and figure out how these things work so they can safeguard their kids.

Have you been receiving phony e-greeting cards in your inbox lately? If you open these, you might get spyware and others kinds of malware on your computer. Clark is really upset about this trend because e-greeting cards should be a pleasant thing. Unfortunately, something so innocent has been corrupted. The latest incarnation in this rip-off scheme works in the following way: Criminals send out bogus e-greeting cards and if you open it, you download a program that steals e-mail addresses from your contacts list. Once the criminals have those e-mail addresses, they send out another fake e-greeting that appears to be coming from you, staring the cycle all over again. The worst part is that when you opened the initial e-greeting, you probably also unknowingly downloaded a key logger program. This program tracks every key you type, including usernames and passwords for your bank, brokerage or mutual fund accounts. Under the law, you are protected if money is stolen from your bank account, but not from your brokerage or mutual fund account. Some brokers have issued their own policies that allow for customer protection. But the bottom line is that you must run anti-virus and anti-spyware software on your computer. Clark likes Spybot - Search and Destroy, a free program that will eliminate key loggers and other spyware on your system. Hopefully the legitimate e-greeting businesses will find a way to regulate their industry so people can again have faith in their products.

Through the years, some con artists have gotten rich by selling people swamp land in Florida. They were really selling people a dream, and they found a way to get them to suspend belief and buy the land without seeing it. The new equivalent of swampland in Florida is desert land in Utah. The New York Times reports that charges will be filed against cons who sold parcels in Utah over the phone and Internet to people in the United States, Europe and Australia. The land was supposedly adjacent to a very metropolitan city. But when people would go to Utah to see their new homestead, they'd find that the city didn't even exist! Worse still, the land they'd purchased could not be developed.

This new twist on the old rip-off scheme started when cons learned about a Utah land rush and bought up property that couldn't be developed. Then they subdivided the land and sold five-acre spreads to rip people off. Clark has two simple rules to follow when buying land. First, never buy property without first seeing it. Second, make sure the land has water rights or it's going to be useless to you. This second caveat is especially important if you're buying in one of the mountain states. The New York Times article was cute in a way, according to Clark. They sent a reporter to find one of these "conveniently located" parcels in Utah. The reporter got to the location -- some 150 miles away from Brigham City -- and found an area where the only inhabitants were a snake, a beetle and a lot of large ants! Let the buyer beware!

Did you know that if a criminal gets your credit card number, they can show their "generosity" by donating money to charity using your credit card? Why are criminals doing this? This is happening because the charities will let the criminal know if the card is verified and still active. More importantly, it's a great way for criminals to test if the card will be reported stolen, according to a story Clark read in Newsday. Criminals can then sell your verified card number for three times the value of an unverified card! If someone steals an unverified number, it's worth $6; if it is verified, it sells for $18. The Red Cross has reported 700 fraudulent donations using stolen cards last month alone! Therefore, if you see a small unauthorized charity donation on your bill, be alert. Clark says the solution to this problem is so easy. The credit card companies should do what is done in Europe by inserting a smart chip in the card which requires a secret code. So even if someone steals your card, if they don’t know your code the card can’t be used. The result in Europe is that credit card fraud is nowhere near the problem it is in the United States. So why are we still using '60s technology to print out credit cards here? It seems like the banks would rather deal with the fraud that occurs and then clean up the mess after the fact, rather than spend the money proactively to get things done right in the first place.

IRS representatives have put out an even more urgent warning about the fake e-mails supposedly coming from its agency. In February, there were 12 phony e-mails circulating. Now, there are 64 e-mails circulating. So, it’s clearly working on some people. The e-mails claim the IRS needs information from you. After getting your social security number, your name and maybe even your credit card number, the criminals take over your account. Sometimes they take over your identity, which is much worse. The IRS would never send out an e-mail asking you to send your personal and financial information in an e-mail message. So what can you do if you’ve responded? First contact your credit card company and file a police report regarding the possible identity theft. Also, add fraud alerts on your credit report and, if possible, freeze your credit file. That way the criminal will not be able to create accounts under your name.

Clark has heard quite a bit from listeners recently about “deferred rebates.” With these rebates, you supposedly buy items from retailers for a higher price than they’re worth and down the road you get a full refund. Typically, it’s online sellers who jack up prices and they go bust before people get their money. The worst example was a woman who had spent $27,000 on overpriced products only to learn the company went bust. Now, there is a new twist on it that ensnares business owners. According to the Boston Globe, these deferred rebate companies have been going to retailers in New England and asking for a portion of their sales in exchange for refunds down the road. One of the companies was “Cash Back America,” and it hooked retailers by claiming they could boost their profits. So, if you are a retailer and you sell a customer an item for $1,000. The retailer then pays Cash Back America $135 or 13 percent in exchange for the promise that the customer will get a full refund three years from now. But there are all kinds of rules and requirements that ultimately invalidate your rebate. One of them is keeping an electronic calendar telling you when you get your refund. How ridiculous is that? Well, people buy in because they want a deal. If it sounds too good to be true, it usually is.

Have you gotten an e-mail about a problem with mailing your tax return? If so, trash it and warn your friends. The e-mail supposedly comes from the IRS, but the IRS does not communicate with people via e-mail. It’s a scam. Someone is trying to rip you off. Also, the IRS wants to remind people who didn’t file a return in 2003 may be owed money. Those people can now can file a tax return for 2003 up until April 17 and get back the money they’ve been owed.

Clark wants you to be aware of a dangerous, new phishing scam out there that purports to be from the National Credit Union Administration. It targets people who are members of credit unions and it looks very official. Not only are the graphics very real looking, but the link in the e-mail looks real too. You never want to update your information or your accounts through an e-mail. Always go to the Web site itself or call the organization.

Clark has gotten a steady increase in calls from people who think they’ve won the lottery. This hoax is so bad right now that The Dallas Morning News has a story about the “Unlucky Seven” worst scams out there, and lotteries are – without a doubt – No. 1. Spain, Germany and Holland are just three of the countries that supposedly have lotteries. An 86-year-old woman featured in the story ended up giving more than $88,000 to these crooks. She was told upfront she needed to cover “administrative costs.” Then, each time, it was something more. She never recovered her money, and the crooks were never caught. When you get these e-mails, you want to believe they are real. They certainly look it. But if they ask for money – even a little – to get you your money, it’s a scam. Throw the paperwork in the trash. The second biggest scam is home repairs. These people get upfront money and then do shoddy work or no work at all in some cases. Work-at-home scams are in position No. 3, and phony charities are No. 4. These scams often affect seniors more than others, but everyone is at risk. Fraudulent “living trusts” come in at No. 5. You need a living trust in only a few circumstances, so most of the people are just trying to sell you insurance products. No. 6 is e-mail phishing scams. And, No. 7 is probably the ugliest of the “Unlucky Seven.” It’s when you’ve already been scammed and a service offers to help you recover your money. The very same people who took your money the first time are the ones behind this, and you give them more trying to get it back.

Have you heard of “spear phishing?” it’s the newest, dangerous form of e-mail phishing. It’s more insidious than regular phishing because the person sending it knows exactly who you do business with and what kind of accounts you have. So the e-mails they send are very convincing and people open them without hesitation. They could come from a credit union, stockbroker or friend’s e-mail address. And once you open it, the crooks have access to your account numbers and passwords. If you open one of these e-mails and realize it’s not a legitimate communication, you need to assume that someone has installed what’s called a “Trojan Horse” on your computer. Until you’ve loaded a spyware program like “Spybot – Search and Destroy” or Norton, do not go to any of your financial accounts and log in. The program records your keystrokes and then the crooks sell this information to the highest bidder. Banks have another year to let your information out without protection, so practice extra caution with e-mails from now on.

You’ve probably gotten at least one phishing e-mail since they became the hot target of crooks. They claim to be from your bank or some other institution and tell you that you need to verify your account information. About 2 million people have gotten taken by phishing scams, and one of the first ones involved a fake eBay e-mail. The eBay e-mail claimed to be about PayPal and asked members to update their information because it had been comprised. Tons of people took the bait. One English man, David Levi, had a gang that started this scam. He stole tons of identities and now is going to prison for four years. The rest of the members of the gang were sentenced to two years. Identity theft is a huge problem in the U.S., much worse than in England. So, it’s good to see people paying for their crimes.

How many times have you heard about or received an e-mail scam from someone in Nigeria? It’s known as one of the most pervasive e-mail crimes out there, yet people continue to get taken. The overall umbrella for these scams is known as a “419.” It’s basically a statute under the Nigerian legal code that means “fraud.” There are about a half a dozen scams coming out of this country, and they are all legitimate according to the country. An LA Times reporter went to Nigeria to find out more about these elusive yet prolific scams. He found Internet cafes set up for the purpose of scamming people, mostly Americans. They are actually called 419 cafes, and people who just want to surf the Internet are not allowed in. The people in the business see nothing wrong with what they are doing. In fact, they think it’s something certain types of Americans deserve if we’re willing to believe it. There is the “closest relative” scam, the “gorgeous person in trouble” scam, the “laundered money” scam, the “cheap oil” scam and of course the lottery scam. Nigerians in the business basically think Americans are greedy and willing to do anything for money. Don’t perpetuate that idea. If it sounds too good to be true, it probably is.

Have you heard of crime ware? It’s the term law enforcement has come up with for programs that spy on you and steal your passwords for all kinds of accounts. According to the LA Times, this kind of crime is exploding. It works like this: you open an e-mail or Web site and type in your login and password. These programs capture the key strokes and send them to the crooks. They’re also known as key logging programs. And people have been able to steal tens of thousands of dollars. It’s a new version of "phishing" because you don’t even know it’s happened. The folks at ING Direct have come up with a way to prevent this exact type of crime. Instead of having you punch or type in your code, the site displays a keypad on the screen that people touch with their fingers. Most of other banks aren’t concerned at all. But banks are responsible if a customer’s information if compromised. Bank of America is being sued for allowing criminals to hack into people’s computers and get these numbers. If you’re doing online banking and your bank is not installing better technology, it’s time to move on to a new company.

Clark talked about a scam a few months ago that involved a message on your answering machine, supposedly left for someone else. You were supposed to believe they just misdialed. The message was about a hot stock tip, and people thought they’d lucked into something huge. People would then find a stockbroker and buy stock on that company. But the company being touted had no idea. It was simply a “pump and dump” scam. Criminals create hype about a stock, people buy in, and the criminals dump the stock suddenly, making a killing. Now, it’s happening on cell phones. You receive a text message that looks like it was meant for someone else. It’s a stock tip and people run out and buy in. One company’s stock went up 200 points over night because people thought they were going to score big profits. What you need to know is you should never trade on “inside information.” It’s potentially illegal and almost always wrong. Secondly, never buy into a stock you know nothing about. Criminals are smart. They move from technology to technology and you are a target.

As you may know, there are fake universities operating around the U.S. that will issue you a phony degree if you send them enough money. A bachelor’s degree may cost you $200 or $300, while a doctoral degree costs up to $1,000. According to NBC, Pennsylvania’s Attorney General wanted to see how far he could take the hoax. So, he sent in his cat’s resume. That’s right, his cat Colby apparently earned a master’s degree in Business Administration from Trinity Southern University. The school is supposedly in the Dallas suburb of Plano. Along with the diploma, Colby got a transcript of all the classes he supposedly took to receive his 3.8 GPA. You might find this funny. But if you’re an employer, it can be very damaging. People are “buying” degrees – even doctoral degrees – and passing them off as real because employers don’t check as intently as they should. Reference checking is more important than ever because it’s so easy to buy your education without doing any work.

Clark has been getting an increasing number of calls about a job scam involving PayPal payments. When you’re looking for a job, you probably check out some of the online sites such as Monster.com. On that site, you will see postings for jobs involving making PayPal transactions. You do PayPal transactions for this company using your own PayPal account. You receive credit card payments from people, take 10 percent off the top for your services and then wire the money out of the country. But the scam is that the people you’re wiring the payments to and the people sending you the money are one in the same. They send you payments on stolen credit cards, pretending to be real customers who are buying products from a company overseas. You act as the intermediary. But when it becomes clear that the credit card was stolen, you are left holding the bag. There are several variations of this, but all of them are scams. Whenever someone comes to you asking for help transitioning money from one place to another, RUN! They are only trying to shift financial responsibility to you, and you will be held responsible.