Cyber fraud, scams and hoaxes - Definition and prevention
Refer to the SHPAMEE Project for examples of fraudulent e-mails.
Browse the Web with Firefox for protection against spyware, hackers, spoofing and phishing scams
It is really hard to define such a broad term as cyber fraud. There is, however, a few general characteristics you find in all cyber scams. Most scams are done by e-mail (Spam). They entice users to give them critical information like usernames, passwords, credit card information, or other types of account information. Most of these e-mails can easily be identified as fraudulent, by identifying a couple of general characteristics.
First of all if someone, pretending to represent a company or organisation, contact you by e-mail to supply them with usernames, passwords or other critical information by e-mail, then you can be certain its fraudulent. Today we have something we call SSL (Secure Socket Layer). E-mail is one of the most un-secure methods to send user information and passwords. Most organisations have secure servers, which apply SSL technology to keep your personal information safe.
Now I can hear you say, that if I receive e-mail with a link to a secure server then it's safe. Well you are wrong. Most banks, financial institutions, or almost any legitimate organization never request updates to personal information via e-mail. You will most certainly never receive e-mail from your bank to update your account details by clicking on a SSL link embedded into the e-mail. Ask yourself, they are the ones who know my account information the best, why would they need me to supply account numbers, usernames or passwords?
Another way to identify fraud is looking at the real URL the link in the e-mail points to. How do I do that? Well most of the popular e-mail clients have a status bar at the bottom of your screen. If you hover with your mouse cursor above the link, the URL (Uniform Resource Locator, in other words, the exact web address it points to) will appear in the status bar. These links should point to the main domain of the company. For instance the links in e-mail from Paypal should start with www.paypal.com, nothing else. If it starts with something like www.pay-pal.com, www.pay.pal.com, www.paypal_.com, www.paypalsecure.com or any variation of the real domain, then it's fraudulent, even if it points to a secure server (These links start with https:// and not the standard http://). Any variation of the real domain points to a different server, not owned by Paypal, where you can get infected by viruses, spyware, adware, or become victim of a hacking attempt.
Not all cyber fraud occurs through e-mail, but most of them do. Other methods are on the Internet self. You may even get a letter through the post, because your postal address may have been captured by a spyware program or spam e-mail you replied to with your postal address included in the reply. Most scams exploit people's greediness. There is always promise of great returns on money you should invest in them. You can stay safe by following common sense and a few basic simple rules:
- Never send people money that contacted you by e-mail, or any other method in the Internet, period. Especially if you never heard of them before. What clear minded person will send money to a complete stranger?
- Never reply to, or click on any links in e-mails requesting personal, account or any kind of user information.
- Never reply to, or click on any links in e-mails from organizations you are not member of. Why will Amazon, Paypal, eBay, Barclays Bank, or any organization send you e-mail if you are not a member of them?
- Never reply to, or click on any links in lottery or competition e-mails, you never entered. How can you suddenly win a competition you never entered?
IC3.gov News
IC3.gov News
Scammers Falsely Promise Significant Profit to Victims in Collectible Coin ScamsScammers Falsely Promise Significant Profit to Victims in Collectible Coin Scams https://www.ic3.gov/Media/Y2024/PSA240625 Tue, 25 Jun 2024
Fictitious Law Firms Targeting Cryptocurrency Scam Victims Offering to Recover Funds
Fictitious Law Firms Targeting Cryptocurrency Scam Victims Offering to Recover Funds https://www.ic3.gov/Media/Y2024/PSA240624 Mon, 24 Jun 2024
Scammers Defraud Individuals via Work-From-Home Scams
em> Scammers Defraud Individuals via Work-From-Home Scams https://www.ic3.gov/Media/Y2024/PSA240604 Tue, 04 Jun 2024
Guidance on the 911 S5 Residential Proxy Service
item> Guidance on the 911 S5 Residential Proxy Service https://www.ic3.gov/Media/Y2024/PSA240529 Wed, 29 May 2024
Democratic People's Republic of Korea Leverages U.S.-Based Individuals to Defraud U.S. Businesses and Generate Revenue
em> Democratic People's Republic of Korea Leverages U.S.-Based Individuals to Defraud U.S. Businesses and Generate Revenue https://www.ic3.gov/Media/Y2024/PSA240516 Thu, 16 May 2024
