The lonely hearts scam involves fleecing a rich victim by dangling the promise of love and affection. In the old days, the con artist had to physically meet and talk with the potential victim, but nowadays, con
The con artist simply contacts potential victims and claims to be a beautiful
When the con artist believes he has
Sometimes the victim realizes he's been fleeced and stops sending money, but other times the victim honestly believes that the con artist is a woman trying to get out of another country, and keeps sending the con artist money in hopes of eventually meeting the beautiful woman in the photograph. The longer the con artist can maintain this illusion, the more money he can fleece from the victim.
When you type anything on the Internet (such as your
search for credit card numbers by intercepting these packets of information. Typically, someone will plant a packet sniffer on the computer hosting a shopping website. That way a majority of packets that are intercepted will contain credit card
Packet sniffers intercept information on the Internet in much the same way that a thief can intercept calls made with cordless or cellular phones. If you order merchandise over a cordless or cellular phone, a thief could intercept your call and steal your credit card number as you recite it over the phone for the order taker. After the packet sniffer intercepts a credit card number, it copies it and sends the credit card number to its final destination. Consequently, you may not know your credit card number has been stolen until you find unusual charges on your
To protect yourself against packet sniffers, never send your credit card information over the Internet. If you still wish to order merchandise online, only trust
While the threat of someone intercepting your credit card number through a packet sniffer is
is quite similar to packet sniffing, but instead of
Figure 9-4: Web spoofing tricks you into visiting a
Fake websites often have URLs similar to the website they're spoofing, such as http://www.micrsoft.com (misspelling Microsoft), so victims will believe they're actually connected to the legitimate site. When you think you're sending your credit card number to a legitimate firm to order merchandise, you're actually handing the
To protect yourself against web spoofing, make sure you can always see the website address in your browser. If you think you're accessing Microsoft's website (http://www.microsoft.com), but your browser claims that you're actually accessing a website address in another country, you might be a victim of web spoofing.
The boldest way to get someone's credit card number is just to ask for it. Naturally most people won't hand over their credit card numbers without a good reason, so con artists make up seemingly valid reasons.
involves contacting a victim by email or through a chat room. The con artist may claim that the billing records of the victim's Internet service provider or online service need updating, so would the victim be kind enough to type their credit card number to verify their account? (See Figure 9-5.) Phishing is
Figure 9-5: Phishing means sending potential victims seemingly legitimate messages, asking for passwords, credit card numbers, or other confidential information.
Obviously, no legitimate business has any reason to ask for your credit card number through a chat room or by email. To protect yourself from these scams, make sure you never give out your credit card number to strangers through the Internet or any online service.
is a special program or piece of equipment that secretly records a
Software keystroke loggers hide in memory, while hardware keystroke loggers either connect between the computer and the keyboard or hide inside specially disguised keyboards. Visit KeyGhost (http://www.keyghost.com) to view examples of both types of keystroke loggers.
If a hacker doesn't have access to your computer, he or she can still install a keystroke logger on your computer remotely by using a remote access Trojan horse or RAT (see Chapter 8.) The con artist simply contacts potential victims through email or chat rooms and convinces them to download and run the Trojan horse. Once the victim runs the Trojan horse, it opens a port and contacts the hacker. From this point on, the hacker can read any files or watch the keystrokes on the victim's computer without the victim's knowledge.