fbpx

Source: This article was published forbes.com By John F. Wasik - Contributed by Member: Corey Parker

Some people collect baseball cards or ceramic figurines. I collect scams, which come in all varieties.

These days, I don't have to go far to see how thieves all over the world are operating. I just go to my spam folder. The most obvious scams are sitting there.

All online scams have one thing in common: They want to tap your greed to get at the personal information they can steal. These "phishing" ruses are happening 24/7.

Here are a few gems I discovered:

-- "Bank of America" email. It would be wonderful if Bank of America owed me money. But since I've never had an account there, that would be the first time.

Here's how the email, with the subject "Message from Bank of America," read:

"Be informed that we have verified your payment file as directed to us and your name is next on the list of our outstanding fund beneficiaries to receive their payment.

Be advised that because of too many funds beneficiaries, you are entitled to receive the sum of $14.5M,(Fourteen Million Five Hundred Thousand Dollars only), as to enable us to pay other eligible beneficiaries.

To facilitate with the process of this transaction, please kindly re-confirm the following information below:

  1. Your Full Name:
  2. Your Full Address:
  3. Your Contact Telephone and Fax No:
  4. Your Profession, Age, and Marital Status:
  5. Any Valid Form of Your Identification/Driver's License:
  6. Bank Name:
  7. Bank Address:
  8. Account Name:
  9. Account Number:
  10. Swift Code:
  11. Routing Number:"

Wow, all I have to do is send them all of my personal and financial information and they will send me $14.5 million. What a deal! By the way, Bank of America has nothing to do with this message, as if you haven't already surmised. 

This is a fairly typical banking scam. They will ask for information so that they can access anything from your credit cards to your checking account. Never reply to these emails.

-- American Embassy Note. It would be really neat if the U.S. government owed me money as well. Boy, I'd sure like to get some of my hard-earned tax dollars back -- just for being a good citizen.

Here's a novel approach that pairs the U.S. Embassy with an African Bank, no less (note the bad syntax):

"American Embassy in conjunction with the United Bank For African, has come to agreement to send your funds in consignment worth about $7.5 Million USD without any further delay and they have done as instructed by the United Nation, as matter of fact your funds has already arrived in one of the airports in your country but the diplomat signaled us that she lost your contact address as result of security inspection and screening in the airport."

How kind of the United (sic) Nation to get involved. But they could use a proofreader if they want people to fall for this swindle.

-- Your Order Has Arrived/Shipping Status. These emails will appear to come from Amazon or some other e-commerce transaction.

They aren't really banking scams, but they will ask you to click a link and ask for personal information. You will pay dearly if you do.

How to avoid a phishing scam? Just don't open any email with an offer to send you money or one pretending to be from a bank, which will mostly send you paper notices.

And never send personal or financial information to an email address, even if you think you know who it is.

It's that simple and it will save you a lot of aggravation — and money.

Categorized in Internet Privacy

The job posting was for a personal assistant. It paid $350 a week and would involve picking up mail, dropping packages off at the post office and some shopping.

Kaya was 31, had just returned to Toronto after working overseas and was desperate to make some money, so she replied to the Craigslist posting.

“I Googled the employer,” the now 36-year-old business graduate said. “He was listed as a curator at an art gallery in Australia, but he said he lived part time in Canada.”

He sent her a cheque for $2,950 and asked that she cash it, keep $350 as payment and wire the rest to a business to purchase some furniture. She brought the cheque into her bank to deposit into her account and the teller told her everything was fine — but, of course, it wasn’t.

“A week later, the bank called and said that the cheque was fraudulent. The money was gone. That was almost everything that I had in savings,” she said. She asked that her real name be withheld to avoid being recognized by the scammer. “You feel so helpless. I was super embarrassed. I didn’t tell my parents.”

Experts warn that millennials are increasingly prime targets for money scams, including the con that took Kaya’s money. About half of the fraud victims in Canada are from Generation Y (followed by Generation X at 29 per cent, Baby Boomers at 17 per cent and the Silent Generation at 3 per cent), according to a study last year by ratings agency Equifax Inc.

“They’re new at managing their money. They all need money and people who need money are usually good victims,” cybersecurity expert Tom Keenan said.

Also, millennials suffer from optimism bias and are therefore less cautious. And while they’re the most technologically savvy cohort, they’re less savvy with privacy and with security.

Millennials are more likely than other generations to admit they share their PINs with family and friends, use their personal information such as their birthday as their PIN and share their credit card number over the phone or email, according to a survey for Capital One Canada.

“Millennials have grown up in the sharing economy so they’re just so used to sharing information about their personal lives and their details with friends and people on social media,” said Brent Reynolds, managing vice-president at Capital One Canada.

All of that sharing with less caring, and that clicking with less checking, can lead to money lost, ruined credit and identity theft.

Here are five financial scams that are particularly dangerous for millennials.

Fake job offers

Like Kaya, you may see a job posting online or on campus. It may even have the name and logo of a reputable company. But it could still be bogus. Or you may get a text to be a mystery shopper or a covert consumer where you receive a cheque to use for shopping and to evaluate products.

“For every real one, there are 10 scams,” said Keenan who teaches at the University of Calgary and wrote a book called Technocreep. (Check mysteryshop.org for legitimate companies.)

If the job asks for money to sign up or for training, run the other way. Never pay money upfront for a job, Keenan said. Be cautious of jobs that tout “work from home,” “start immediately” or “no experience required.”

Online shoppers

“Millennials are so eager to shop online … But there are plenty of sites out there that are not what they seem,” Keenan said. “You can make up a totally fake store. There are enough rogue credit card company processors that will take people’s credit cards and charge them money or they’ll now have your credit card, expiry date and maybe the (three-digit number) on the back, and that can be sold.”

To see if an online business is legitimate, Google the company for reviews, look for the lock icon in the status bar of your browser and, if available, use PayPal to checkout.

Check your account statements regularly for any errors or fraudulent activity; some credit cards have real-time notifications built into their apps to let you know when a purchase has been made. Also, request a free copy of your credit report from Equifax or Transunion once a year to monitor your activity.

Crowd-funding sources

“People have pulled off all kinds of scams,” Keenan said. “They’ve put up sob stories, said they’re dying of cancer when they’re perfectly healthy; they’ve invented wonderful products that they’re going to make.”

Look into the person soliciting funds. Stalk their social media pages. Can they be contacted? Are they listed on more than one crowdfunding site (is it a copy of another real project)? As always, if the product sounds too good to be true, it probably is.

Bad behaviour scams

“It’s awful to imagine, but blackmail is alive and well at our colleges,” Keenan said. “It’s very possible someone has a photo of you and even someone who appears to be a friend or a lover could use it against you. They may even ask for money in exchange for the photos … Anything you post, you have to be happy if your grandmother sees it.”

If you’re a victim of “sextortion” (extortion involving sex-related digital images), contact police.

Being careless with technology

You download a fake app and infect your phone with malware that allows a criminal to look through your files. Or you click on a link from a co-worker and download ransomeware that locks your computer until you pay a ransom to release it.

Or you connect to a coffee shop’s free Wi-Fi and now a crook who has set up the fake hotspot or hacked the service is watching your every move.

People often let their guard down when they use smartphones.

“You’re on the train, you’re running around and … texting constantly,” said Kelley Keehn, personal finance educator and author of Protecting You and Your Money: A Guide to Avoiding Identity Theft and Frauds.

“We don’t have that spidey sense when we’re holding our dear smartphone. We’re vulnerable to these crime organizations around the world trying to defraud us every second of the day.”

Consider buying a reputable anti-virus, anti-malware program for your computers and mobile devices, and keep your software up-to-date.

 

Financial Post

Twitter.com/lisleong

Illustration by Chloe Cushman / National Post

 

Source : This article was published msn.com by Melissa Leong

Categorized in Internet Privacy

It's easy to think you can spot a scam email, with all the talk about spelling mistakes, "too good to be true" offers, and strange web addresses. But scammers have come a very long way.

"It's rare to see poor spelling and grammar now, because these scammers are using original logos and content and only using a small part to take you to their own URL," said Craig McDonald, head of cybersecurity firm Mailguard.

"They know what people are looking out for. They're doing what marketers are doing with A/B testing, sending two versions and seeing which one performs better."

Mary Julian, a retiree from Glebe, recently received an email from the "Department of Human Services" about a subsidy benefit and an another from "AGL" regarding an $834 electricity bill. They both appeared genuine.

"But I thought I'd check, and I pasted the subject line 'Your 2016 subsidy benefit' into the search engine, and there were all these scam warnings and I got the shock of my life," she said.

"With the AGL email, I was with EnergyAustralia and presumed they had merged, so I rang to double check and that's when I found I had nearly been conned."

 

At least $37.5 million was swindled by fraudsters using online scam methods in 2015 - and that's just based on 41,000 reports that year to the Australian Competition and Consumer Commission.

With this in mind, take Fairfax Media's test and see if you can spot the scam. Answers are at the bottom.

AGL

Real or fake? Email from energy provider AGL.Real or fake? Email from energy provider AGL. Photo: Supplied

This scam uses a fake AGL energy bill that infects computers with "ransomware" and holds them hostage. Tens of thousands are believed to have fallen victim last year.

The energy company issued a warning last June, saying it would never send an email asking for personal banking or financial details.

"Instead of downloading an invoice you are downloading a virus that logs everything you type on your computer keyboard and encrypts files," says Raymond Schippers from Check Point.

Ticketek

Real or fake? Confirmation email from Ticketek.Real or fake? Confirmation email from Ticketek. Photo: Supplied

Last year, many Australians received a fake confirmation email from "Ticketek" with a link to print tickets. Those who took the bait instead downloaded malware.

"A common subject line is 'Thank you for buying coupon on Ticketek'," says the Australian Communications and Media Authority.

"The emails are linking to fake websites which contain the word 'ticketek' to make the website appear legitimate."

Australian Tax Office

Real of fake? Email from the Australian Tax Office.Real of fake? Email from the Australian Tax Office. Photo: Supplied

During peak periods, the ATO receives more than 750 scam reports a day. While phone scams have declined, fraudulent emails are on the rise.

This one with the subject line "Your next activity statement" may affect small to medium businesses who regularly lodge BAS forms with the ATO.

"Some scam emails can look very convincing. Some even have privacy warnings and other text to make them look more real," says ATO's assistant commissioner Graham Whyte.

Commonwealth Bank

Real or fake? Commonwealth Bank's internet banking sign in webpage.Real or fake? Commonwealth Bank's internet banking sign in webpage. Photo: Supplied

There are many different types of CBA-branded scams. Remember, the bank never sends emails requesting customers to confirm, update or disclose confidential banking information.

On Friday, May 13, last year there was a "fast-breaking", "large-scale" email scam that used the subject line: "You've a new statement". A link transported users to a fake Netbank login portal.

"The spammers were able to gain control of a government level domain name and add their own records, which is called 'domain shadowing'," says Mailguard.

Australia Post

Real or fake? Email from Australia Post.Real or fake? Email from Australia Post. Photo: Supplied

In the era of online shopping, it may not seem strange to receive a delivery email from Australia Post. But there are plenty of hoax emails going around.

"Do not click or paste the link in your browser and delete the email immediately. If you are expecting a parcel and are unsure of an email you may have received, please go to the Australia Post [website] or our app to track your delivery," it says.

This email scam uses various popular company names to look pass off as real, including ASOS, David Jones, JB Hi Fi and Terry White.

Netflix

Real or fake? Netflix's log in webpage.Real or fake? Netflix's log in webpage. Photo: Supplied

Earlier this year, Australian Netflix users were urged to delete a "Membership on hold" email that led to a website that could dynamically change.

Once the user signed in and filled in the empty boxes, the website would identify your financial institution based on the credit card number, and then accordingly ask for additional authentication by, for example, using "MasterCard SecureCode" or "Verify with Visa" boxes.

"If a particular bank asks for additional security information, it will determine that based on your credit card details and the form will change. It's a very clever website," says Bruce Matthews, a cybersecurity expert at the ACMA.

PayPal

Real or fake? Email from Paypal.Real or fake? Email from Paypal. Photo: Supplied

A simple (but not foolproof) way to check whether a PayPal email is real is to remember the company always addresses you by your full name.

Fake emails tend to use "Dear Paypal member". Also, try to hover your mouse over a link to see the destination web address.

"If unsure, forward the suspicious email to This email address is being protected from spambots. You need JavaScript enabled to view it. and we'll let you know if it's really coming from us or not," PayPal says.

Federal Circuit Court of Australia

Real or fake? An email from the Federal Circuit Court of Australia.Real or fake? An email from the Federal Circuit Court of Australia. Photo: Supplied

bogus "You've been subpoenaed" email hit inboxes across Australia last year, scaring a lot of people.

It purported to subpoena the recipient to attend court at a specific time and asked them to click on a link to both the court address and case-related information.

"Neither the Federal Court nor the Federal Circuit Court issue subpoenas in such an informal way," a spokesman says.

Answers

  • AGL - Right a fake
  • Ticketek - Right a fake
  • Australian Tax Office - Fake
  • Commonwealth Bank - Left a fake
  • Australia Post - Both are fake
  • Netflix - Left a fake
  • PayPal - Top a fake
  • Federal Circuit Court - Fake

Top 10 tips to protect yourself

  • Watch out - scammers target you anytime, anywhere, anyhow
  • Don't respond - ignore suspicious emails, letters, house visits, phones calls or SMS messages
  • Don't immediately agree to an offer - do your research and seek independent advice
  • Ask yourself who you're really dealing with - scammers tend to pose as those you trust

  • Don't let scammers push your buttons - scammers will play on your emotions
  • Keep your computer secure - update your firewall, anti-virus and anti-spyware software
  • Use a secure payment service - look for a URL starting with 'https' and a closed padlock symbol
  • Never send money to someone you don't know and trust - it's rare to recover money
  • Protect your identity - your personal details are private and invaluable
  • Spread the word - if you've spotted a scam, report it to www.scamwatch.gov.au

Author : Esther Han

Source : http://www.canberratimes.com.au/business/consumer-affairs/phishing-emails-and-other-online-scams-on-the-rise-as-australians-lose-millions-of-dollars-20161115-gspnar.html

Categorized in Internet Privacy

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media