Assessing the Risks


Welcome to the brave new world of electronic finance, where there are fantastic opportunities to shop and transact business from wherever you are, whenever it is convenient. But just as carrying a wallet around in the real world puts you at risk for having your money or ID stolen, spending money online and using electronic account access has its own pitfalls.

You have probably become immune to paper junk mail that touts get-rich-quick schemes or telemarketers who ask you to provide a credit card number to buy something or contribute money to a worthy cause over the phone. You have learned not to respond to these scams or hand over your credit card number to a stranger, and for the most part you probably successfully avoid telephone and print mail attempts to defraud you or steal your money.

Unfortunately, whenever money or personal information is exchanged, criminals lie in wait for an opportunity. Cybercriminals know that many people are still new to online commerce and therefore are less prepared for the types of attacks they might face online. So just as a wily pickpocket in a foreign city counts on your lack of familiarity with the area to make you an easier target, criminals have found opportunity with those who are new to banking and purchasing online. They have adapted old tricks for use in an online environment.

We live in a society where our finances now exist to a great extent in electronic files (whether or not you keep your records online, most banks and online retailers do). Phishing is just one type of financial scam in the online world. Learning what kinds of risks exist will help keep your money safer online.

Think About It

Putting risks in perspective: "Identity theft through the Internet using worms, viruses, spyware, malware, or even phishing may grab the headlines. But these incidents account for less than 10 percent of the total cases of identity fraud" in the United States, according to a survey by Javelin Strategy and Research.


Phishing for Your Money

Phishing scams most often arrive via e-mail, and they convince thousands of victims to enter personal and/or financial information that puts them and their money at risk (see Figure 14-1 on the next page).

Figure 14-1. Phishing e-mail uses many tactics. This one requires your account information in order to calculate potential loan refinancing savings.


While people are becoming more aware of this type of online crime, all too many still fall victim. A study by MailFrontier indicates that about 75 percent of Internet users now consistently spot phishing fraud, a significant increase over the 61 percent noted in a 2004 study. Interestingly, the same study notes that 18- to 24-year-old computer users, who are usually more technically savvy, are more likely to be fooled by phishing than older users.

A recent report from MessageLabs states that "vishing" (VoIP+phishing) is one of the cybercriminal's latest scams. Vishing scams make use of an automated voice message that warns the potential victim of possible fraudulent charges on his or her credit card. When the victim calls the provided toll-free number, he is prompted to enter his credit card information, which the "vishers" then use to make fraudulent charges. It's important to note that vishers are able to manipulate the caller ID so that the call appears to be coming from a legitimate bank.

Think About It

Scams vary. It might not be the standard "validate your account" message that fools you. Scams are modified as more people catch on to existing schemes. Remember: Human predators target the weaknesses of human nature.


Asking for Your Money

Some online scams ask you to hand over your money for an investment scheme or as a contribution to a charity. Here's how these work.

Investment fraud lures you with large profits and insider information guaranteed to help you get rich quick. This kind of scam has been around for years and can turn up online or offline. Online investment newsletters that offer bogus research, bulletin board posting threads that build up the reputation of a stock to create an investing frenzy, and e-mail scams that spread false information about an investment opportunity have added a virtual twist to old cons.

Charity fraud occurs when you are solicited to contribute to a charity or cause, only to find later that the charity is nonexistent. The people who run these scam Web sites count on your generosity, especially right after a disaster, when you feel a sense of urgency about helping people in need (see Figure 14-2).

Figure 14-2. Disasters bring charity fraud perpetrators out of the woodwork. Creating a fake site like the one shown takes very little time.


Scam sites often have names or URLs similar to established nonprofit organizations and sometimes they even "trick" search engines into placing their site near the top of the results displayed when you perform a search. Another ploy scam artists use is to assume that a good percentage of people will misspell a term such as "tsunami." The scam artists link their sites to search results generated by the misspelled words so that the first charities to appear are fraudulent.

Just as you always have, research charities that you aren't familiar with before handing over your money. Many phishing scams today are so convincing that even a trained eye might have a hard time spotting them. That's why, in addition to using a careful eye, it's important to take advantage of anti-phishing technology.

Stealing Your Identity

Attachments to online messages, including e-mail, instant messages, or files posted to sites, can contain malicious software. When you open an attached file, this "malware" is then downloaded to your computer without your knowledge. Such an attachment might contain one or a number of malicious programs designed to harm you or your computer. One type of program that is frequently used to steal identities is called spyware. Some types of spyware allow your online activities to be trackedincluding entry of online passwords, personal information, and account numberswithout you being any the wiser, unless you have spyware detection tools installed.

Or, a thief might invite you to become a member of his Web site, asking you to enter your personal information, including a credit card number, to complete the process. He might even provide a real service or product, such as a downloadable game, so that you are more likely to provide the information and are not able to determine how your identity or banking information was stolen.

Once a criminal obtains your personal information, he or she can use it to apply for credit cards in your name, withdraw money from your accounts, charge merchandise online, and more effectively assume your identity. Because kids are more inclined to click on ads, open e-mail and attachments, or take surveys, children's sites are some of the worst offenders for feeding spyware and other malware onto your computer. It is important to teach your children not to click on ads, pop-ups, and links unless they are sure the ad is legitimate and the link comes from a reputable source.

Think About It

When you check your credit history, you should also check the credit history of your children (which is free) to be sure their identities haven't been stolen. Identity scams can saddle your kids with a bad credit history before they even get their first job.


Going Once, Going Twice ...

When you buy or sell something through an online auction site, you are often not transacting business with a brick-and-mortar company, but with another individual or a virtual company. The basic protections many physical businesses provide aren't available in this scenario. For example, a seller on an auction site might take your money and never deliver the goods or deliver merchandise that is not what you thought it would be. When you try to return faulty merchandise, the seller has disappeared. Again, make sure you do your research. There are legitimate auction sites that provide many of the basic protections you would find in a brick-and-mortar store.

How to Spot Financial Scams

Well-executed scams are hard to spot, even for experts, so always use cautionand follow a few guidelines. Always be suspicious if

  • An e-mail message asks you to update or enter personal information and provides a link.

  • There's a sense of urgency, such as a limited-time offer. Cyber-criminals hope you'll be so eager to act, that you won't stop to think.

  • The e-mail or Web site contains grammatical errors or misspellings. Reputable companies rarely have such errors. However, keep in mind that as criminals get more sophisticated their spam and phishing scams have matured, and many will no longer make "amateur" spelling mistakes.

  • The Web site's URL is subtly different than the actual company name. Remember that some domain names are registered with common misspellings for a URL so that you might land on their site by mistake and proceed to do business with them.


Advertising Fraud

Classified ad sites are another area where you're not dealing with a company but with individuals trying to sell your something, just as on an auction site. Most of the warnings about online auctions that you'll read in the next section pertain to classified ad sites, as well.

Scams involving advertising can include online classified ads for products or services that are fraudulent or misrepresentative. Reputable classified sites such as Windows Live Expo (http://expo.live.com) and craigslist (www.craigslist.org) post advice about how to use their services and warnings to help you avoid getting stung, and they monitor their sites for abuse.

Think About It

Shopping online is not only convenient, it can often save you money, and it can be as safe as shopping in a store or by mail as long as you follow some basic guidelines. An excellent resource for safer Internet shopping is the U.S. government site http://onguardonline.gov/shopping.html. These recommendations apply to users worldwide.




Look Both Ways. Help Protect Your Family on the Internet
Look Both Ways: Help Protect Your Family on the Internet
ISBN: 0735623473
EAN: 2147483647
Year: 2004
Pages: 157
Authors: Linda Criddle

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net