It’s easy to laugh at ludicrous 419, advanced fee emails claiming that you have won the lottery, or requesting your help in wiring squillions of £ overseas, but for every scam we become familiar with, fraudsters have many more in development, waiting to hoodwink us from our hard earn cash.
The majority of online fraud is no different from the scams perpetrated over the phone or through the mail. The big difference, of course, is the number of people fraudsters can reach online at a low cost. For every piece of junk mail they send, or phone call they make, they might be able to send 1,000s if not 10,000s of emails to potential victims.
The internet also gives them other tools by which to spread false information: bulletin boards; social networking sites; chat rooms; as well as fake websites.
Amongst the most common scams online today are those known as Phishing scams.
The word Phishing comes from fishing and alludes to the idea of using bait to try and catch certain types of information such as usernames, passwords and credit card details.
Often this will involve masquerading as a trustworthy organisation such as:
- Popular social web sites like Facebook
- Auction sites such as eBay
- Online payment processors like Paypal or Worldpay.
- Amazon.com
- Or IT administrators from any number of High Street banks.
Phishing is typically carried out by e-mail or instant messaging, and more often than not by redirecting users to enter details at fake websites which resemble the real website almost identically. Fraudsters using phishing today have become so sophisticated that even the use of server authentication is not enough to detect a fake website.
Of course, if you don’t have an account with the organisation allegedly represented then you won’t click on the link, but given how many High Street names fraudsters are willing to impersonate, then the chances are that you will have an account with some of them.
Phishing fraudsters will try just about anything from simple requests for information, to riding the wave of public sympathy which follows a disaster with requests for donations. More sophisticated recent examples include:
- Google Adwords Phishing Scam – This scam simply asks you verify your Google Adwords account details, but then asks you to reconfirm your debit card details.
- Facebook Phishing applications – Watch out for emails which look like they have been sent direct from Facebook friends, but really have been generated by applications which have hijacked their account. These emails will try and redirect you to ‘too good to be true’ offers on websites which will try and capture your personal information.
- “Chat-in-the-Middle” Phishing Attacks – Targeted at online banking customers, this phishing scam redirects users to a fake bank website in the usual way, but attempts to make the site look even more original with the addition of a bogus live chat support window which pops up to initiate a conversation, when you start entering your details.
So, then, how do you avoid taking the bait?
1. It’s unusual for large organisations to ask you to verify your log in information by email. If you get what appears to be a legitimate request, first check at the company or organisations regular website or by phoning them to confirm they sent the email, instead of clicking directly on the link provided.
2. Consider the email subject line carefully. Banks like HSBC will never send emails with subject lines like HSBC_account_update ACT-N0W.
3. Style and presentation. Make sure you familiarise yourself with how your bank communicates with you, from the letters you receive. If an email supposedly from the bank doesn’t follow this style and is littered with spelling or grammar errors, then you have reason to be concerned.
4. Mouse over email links to reveal the actual contents of the link. If the url is spelt strangely, like ebai.org.uk, instead of e-bay.co.uk, then be careful.
5. Keep your spam blocking, and anti-virus software up to date, and if you are using webmail, make sure your Internet Service Provider is doing the same.
It’s probably going too far to suggest that the internet today is the equivalent of the Wild West, but you should still approach any kind of unsolicited offer or request for personal information, with both caution and scepticism
Not only will this protect your own bank balance but it will also help prevent funding the organised criminals and gangs who invariably are behind such frauds, and who use the money to further their other business aims including drug and people trafficking.
Recent Comments