Cyber fraud, scams and hoaxes - Definition and prevention
Refer to the SHPAMEE Project for examples of fraudulent e-mails.
Browse the Web with Firefox for protection against spyware, hackers, spoofing and phishing scams
It is really hard to define such a broad term as cyber fraud. There is, however, a few general characteristics you find in all cyber scams. Most scams are done by e-mail (Spam). They entice users to give them critical information like usernames, passwords, credit card information, or other types of account information. Most of these e-mails can easily be identified as fraudulent, by identifying a couple of general characteristics.
First of all if someone, pretending to represent a company or organisation, contact you by e-mail to supply them with usernames, passwords or other critical information by e-mail, then you can be certain its fraudulent. Today we have something we call SSL (Secure Socket Layer). E-mail is one of the most un-secure methods to send user information and passwords. Most organisations have secure servers, which apply SSL technology to keep your personal information safe.
Now I can hear you say, that if I receive e-mail with a link to a secure server then it's safe. Well you are wrong. Most banks, financial institutions, or almost any legitimate organization never request updates to personal information via e-mail. You will most certainly never receive e-mail from your bank to update your account details by clicking on a SSL link embedded into the e-mail. Ask yourself, they are the ones who know my account information the best, why would they need me to supply account numbers, usernames or passwords?
Another way to identify fraud is looking at the real URL the link in the e-mail points to. How do I do that? Well most of the popular e-mail clients have a status bar at the bottom of your screen. If you hover with your mouse cursor above the link, the URL (Uniform Resource Locator, in other words, the exact web address it points to) will appear in the status bar. These links should point to the main domain of the company. For instance the links in e-mail from Paypal should start with www.paypal.com, nothing else. If it starts with something like www.pay-pal.com, www.pay.pal.com, www.paypal_.com, www.paypalsecure.com or any variation of the real domain, then it's fraudulent, even if it points to a secure server (These links start with https:// and not the standard http://). Any variation of the real domain points to a different server, not owned by Paypal, where you can get infected by viruses, spyware, adware, or become victim of a hacking attempt.
Not all cyber fraud occurs through e-mail, but most of them do. Other methods are on the Internet self. You may even get a letter through the post, because your postal address may have been captured by a spyware program or spam e-mail you replied to with your postal address included in the reply. Most scams exploit people's greediness. There is always promise of great returns on money you should invest in them. You can stay safe by following common sense and a few basic simple rules:
- Never send people money that contacted you by e-mail, or any other method in the Internet, period. Especially if you never heard of them before. What clear minded person will send money to a complete stranger?
- Never reply to, or click on any links in e-mails requesting personal, account or any kind of user information.
- Never reply to, or click on any links in e-mails from organizations you are not member of. Why will Amazon, Paypal, eBay, Barclays Bank, or any organization send you e-mail if you are not a member of them?
- Never reply to, or click on any links in lottery or competition e-mails, you never entered. How can you suddenly win a competition you never entered?
IC3.gov News
IC3.gov News
IC3 Annual Report and Fraud FlyerIC3 Annual Report and Fraud Flyer https://www.ic3.gov/Media/Y2024/PSA240318 Mon, 18 Mar 2024
Scammers Use Couriers to Retrieve Cash and Precious Metals from Victims of Tech Support and Government Impersonation Scams
em> Scammers Use Couriers to Retrieve Cash and Precious Metals from Victims of Tech Support and Government Impersonation Scams https://www.ic3.gov/Media/Y2024/PSA240129 Mon, 29 Jan 2024
Malicious Actors Threaten U.S. Synagogues, Schools, Hospitals, and Other Institutions With Bomb Threats
em> Malicious Actors Threaten U.S. Synagogues, Schools, Hospitals, and Other Institutions With Bomb Threats https://www.ic3.gov/Media/Y2024/PSA240112 Fri, 12 Jan 2024
Chinese Police Imposters Incorporate Aggressive Tactics to Target U.S.-Based Chinese Community
em> Chinese Police Imposters Incorporate Aggressive Tactics to Target U.S.-Based Chinese Community https://www.ic3.gov/Media/Y2024/PSA240103 Wed, 03 Jan 2024
Threat of Violence Likely Heightened Throughout Winter
em> Threat of Violence Likely Heightened Throughout Winter https://www.ic3.gov/Media/Y2023/PSA231212 Tue, 12 Dec 2023