Cyber fraud, scams and hoaxes - Definition and prevention
It is really hard to define such a broad term as cyber fraud. There is, however, a few general characteristics you find in all cyber scams. Most scams are done by e-mail (Spam). They entice users to give them critical information like usernames, passwords, credit card information, or other types of account information. Most of these e-mails can easily be identified as fraudulent, by identifying a couple of general characteristics.
First of all if someone, pretending to represent a company or organisation, contact you by e-mail to supply them with usernames, passwords or other critical information by e-mail, then you can be certain its fraudulent. Today we have something we call SSL (Secure Socket Layer). E-mail is one of the most un-secure methods to send user information and passwords. Most organisations have secure servers, which apply SSL technology to keep your personal information safe.
Now I can hear you say, that if I receive e-mail with a link to a secure server then it's safe. Well you are wrong. Most banks, financial institutions, or almost any legitimate organization never request updates to personal information via e-mail. You will most certainly never receive e-mail from your bank to update your account details by clicking on a SSL link embedded into the e-mail. Ask yourself, they are the ones who know my account information the best, why would they need me to supply account numbers, usernames or passwords?
Another way to identify fraud is looking at the real URL the link in the e-mail points to. How do I do that? Well most of the popular e-mail clients have a status bar at the bottom of your screen. If you hover with your mouse cursor above the link, the URL (Uniform Resource Locator, in other words, the exact web address it points to) will appear in the status bar. These links should point to the main domain of the company. For instance the links in e-mail from Paypal should start with www.paypal.com, nothing else. If it starts with something like www.pay-pal.com, www.pay.pal.com, www.paypal_.com, www.paypalsecure.com or any variation of the real domain, then it's fraudulent, even if it points to a secure server (These links start with https:// and not the standard http://). Any variation of the real domain points to a different server, not owned by Paypal, where you can get infected by viruses, spyware, adware, or become victim of a hacking attempt.
Not all cyber fraud occurs through e-mail, but most of them do. Other methods are on the Internet self. You may even get a letter through the post, because your postal address may have been captured by a spyware program or spam e-mail you replied to with your postal address included in the reply. Most scams exploit people's greediness. There is always promise of great returns on money you should invest in them. You can stay safe by following common sense and a few basic simple rules:
- Never send people money that contacted you by e-mail, or any other method in the Internet, period. Especially if you never heard of them before. What clear minded person will send money to a complete stranger?
- Never reply to, or click on any links in e-mails requesting personal, account or any kind of user information.
- Never reply to, or click on any links in e-mails from organizations you are not member of. Why will Amazon, Paypal, eBay, Barclays Bank, or any organization send you e-mail if you are not a member of them?
- Never reply to, or click on any links in lottery or competition e-mails, you never entered. How can you suddenly win a competition you never entered?
IC3.gov NewsBusiness Email Compromise: Gift Cards
Wed, 24 Oct 2018 11:00:00 EDT
Cyber Actors Increasingly Exploit The Remote Desktop Protocol to Conduct Malicious Activity
Thu, 27 Sep 2018 10:00:00 EDT
Cybercriminals Utilize Social Engineering Techniques To Obtain Employee Credentials To Conduct Payroll Diversion
Tue, 18 Sep 2018 10:00:00 EDT
Education Technologies: Data Collection and Unsecured Systems Could Pose Risks to Students
Thu, 13 Sep 2018 10:00:00 EDT
Extortionists Increasingly Using Recipients' Personal Information To Intimidate Victims
Tue, 07 Aug 2018 13:00:00 EDT