Cyber fraud, scams and hoaxes - Definition and prevention
Refer to the SHPAMEE Project for examples of fraudulent e-mails.
Browse the Web with Firefox for protection against spyware, hackers, spoofing and phishing scams
It is really hard to define such a broad term as cyber fraud. There is, however, a few general characteristics you find in all cyber scams. Most scams are done by e-mail (Spam). They entice users to give them critical information like usernames, passwords, credit card information, or other types of account information. Most of these e-mails can easily be identified as fraudulent, by identifying a couple of general characteristics.
First of all if someone, pretending to represent a company or organisation, contact you by e-mail to supply them with usernames, passwords or other critical information by e-mail, then you can be certain its fraudulent. Today we have something we call SSL (Secure Socket Layer). E-mail is one of the most un-secure methods to send user information and passwords. Most organisations have secure servers, which apply SSL technology to keep your personal information safe.
Now I can hear you say, that if I receive e-mail with a link to a secure server then it's safe. Well you are wrong. Most banks, financial institutions, or almost any legitimate organization never request updates to personal information via e-mail. You will most certainly never receive e-mail from your bank to update your account details by clicking on a SSL link embedded into the e-mail. Ask yourself, they are the ones who know my account information the best, why would they need me to supply account numbers, usernames or passwords?
Another way to identify fraud is looking at the real URL the link in the e-mail points to. How do I do that? Well most of the popular e-mail clients have a status bar at the bottom of your screen. If you hover with your mouse cursor above the link, the URL (Uniform Resource Locator, in other words, the exact web address it points to) will appear in the status bar. These links should point to the main domain of the company. For instance the links in e-mail from Paypal should start with www.paypal.com, nothing else. If it starts with something like www.pay-pal.com, www.pay.pal.com, www.paypal_.com, www.paypalsecure.com or any variation of the real domain, then it's fraudulent, even if it points to a secure server (These links start with https:// and not the standard http://). Any variation of the real domain points to a different server, not owned by Paypal, where you can get infected by viruses, spyware, adware, or become victim of a hacking attempt.
Not all cyber fraud occurs through e-mail, but most of them do. Other methods are on the Internet self. You may even get a letter through the post, because your postal address may have been captured by a spyware program or spam e-mail you replied to with your postal address included in the reply. Most scams exploit people's greediness. There is always promise of great returns on money you should invest in them. You can stay safe by following common sense and a few basic simple rules:
- Never send people money that contacted you by e-mail, or any other method in the Internet, period. Especially if you never heard of them before. What clear minded person will send money to a complete stranger?
- Never reply to, or click on any links in e-mails requesting personal, account or any kind of user information.
- Never reply to, or click on any links in e-mails from organizations you are not member of. Why will Amazon, Paypal, eBay, Barclays Bank, or any organization send you e-mail if you are not a member of them?
- Never reply to, or click on any links in lottery or competition e-mails, you never entered. How can you suddenly win a competition you never entered?
IC3.gov News
IC3.gov News
New Verification Schemes Target Users of Online Dating PlatformsNew Verification Schemes Target Users of Online Dating Platforms https://www.ic3.gov/Media/Y2024/PSA240426 Fri, 26 Apr 2024
Alert on Cryptocurrency Money Services Businesses
em> Alert on Cryptocurrency Money Services Businesses https://www.ic3.gov/Media/Y2024/PSA240425 Thu, 25 Apr 2024
Smishing Scam Regarding Debt for Road Toll Services
em> Smishing Scam Regarding Debt for Road Toll Services https://www.ic3.gov/Media/Y2024/PSA240412 Fri, 12 Apr 2024
Cyber Criminals Target Victims Using Social Engineering Techniques
em> Cyber Criminals Target Victims Using Social Engineering Techniques https://www.ic3.gov/Media/Y2024/PSA240411 Thu, 11 Apr 2024
Child Sexual Abuse Material Created by Generative AI and Similar Online Tools is Illegal
em> Child Sexual Abuse Material Created by Generative AI and Similar Online Tools is Illegal https://www.ic3.gov/Media/Y2024/PSA240329 Fri, 29 Mar 2024
