Internet scammers generally want one thing: your money. To get it, they’ll try to scare you into divulging account information, trick you into opening a harmful attachment, or dupe you into sending personal information. In short, scammers trade on the hope that you’re gullible enough to fall victim to their deceptions, which are constantly changing.
Here’s a rundown of some of the latest types of internet fraud schemes and advice on how to protect yourself.
From the ‘scare you to act’ department come email messages that threaten to deactivate your account if you do not click an embedded link to verify account details. Often, these messages claim that some kind of suspicious activity has occurred with your account, and the only way that you have to keep your account from being shut down is to click the embedded link immediately or within a certain amount of time.
Facebook users have recently been hit with such a scam. A message purporting to be from the ‘Facebook Security Team’ tells recipients that their accounts have been compromised and they have 12 hours to follow a link or they risk de-activation. Bottom line: Never click links in messages that claim that your account will be de-activated if you don’t. If your account with a reputable organisation is ever actually compromised, the company will be smart enough to provide information about the situation in a way that does not require you to click any link, either to confirm any information or to re-activate your account.
Requested attachment messages
Email attachments, especially in messages from people you don’t know, are common carriers of malware, spyware, or viruses. Scammers know that, by now, most people either do not open attachments sent by strangers or set up spam filters to remove such messages from their inbox automatically.
But senders of harmful attachments have become smarter, targeting users who may be expecting to receive attachments by email or who can be tricked into thinking they may have requested an email attachment. The US Federal Bureau of Investigation recently uncovered a scheme in which cyber criminals sent email attachments disguised as resumes to businesses who had posted jobs online. The attachments, once opened, unleashed malicious software that allowed the scammers to gain access to online banking credentials and ultimately to initiate wire transfers of money.
Bottom line: Always be suspicious of attachments, and be sure you use security software that scans email attachments before you open them.
‘Facebook team’ messages
It’s no surprise that with over half a billion users, Facebook garners its own category of scam alert. Messages claiming to be from the ‘Facebook team’ are on the rise, and most of these prompt recipients to divulge account logon credentials.
One prevalent scam, for example, instructs recipients that Facebook is implementing a new login system that offers increased account security. To use the new system, the message says you must click a link to update your account. If you do, your login information will be stolen once you enter it.
Bottom line: Never ‘update your account’ via a link provided in a message. If you suspect that such a message is valid, visit your account by opening a web browser yourself and accessing it the usual way.
Prize collection messages
Who wouldn’t like to wake up one day to find that they had won a prize, a sweepstakes, or some money that they weren’t expecting? Fraudsters know that the answer is ‘almost no one,’ which is why email messages claiming that ‘you won’ continue to flow. The latest twist on this tactic, however, is for the email scammer to claim that in order to receive the prize or monetary award, you must first provide a host of information by email.
A ‘2011 Rugby World Cup Lotto Promotion’ email message is just the latest example of this type of fraud. The message, which purports to be from the ‘International Rugby Board (IRB),’ claims that the recipient has won one million dollars by having one of the lucky email addresses drawn in a lottery that allegedly involved ‘all the email addresses of people that are active online.’
Scammers know that people are suspicious of embedded links these days, however, so instead of having the recipients click a link, this scam asks the recipient to send a great deal of personal information to the email address of a ‘claims administrator.’ While no account information is solicited, enough personal information to facilitate identity theft is.
Bottom line: Never send personal information — including name, address, age, and date of birth – to any stranger or supposed organisation by email.
Hemant Khurana ( Happy)