Common online scams and fraud
There are a number of common online scams and frauds, which we outline below.
419 email fraud
A fraudster who claims to be someone in a position of authority sends you an email, letter or a fax. They say they have access to a substantial amount of money and explain where this money has supposedly have come from. (Usually another country such as Africa or Iraq). The fraudster may like to move the money out of the country, and then give you a reason why they can’t transfer it themselves.
The fraudsters may also ask you for details of your bank account so that they can transfer your reward. They will use this information to try and empty your account.
Dating or romance fraud is when you think you’ve met your perfect partner online, but they aren’t who they say they are. Once they’ve gained your trust, they ask for money for a variety of emotive reasons. Read the big book of little scams for further information
Malware is malicious software that consists of programming, for example code or scripts, designed to disrupt the performance of PCs, laptops, handheld devices, etc. Malware can also collect information or data from infected devices and pass them on to another device. Malware is often referred to as viruses, worms, trojan horses, spyware, dishonest adware, scareware, and crimeware.
Types of malware
- Spyware can track users, alert them to display advertising. When the user clicks on the link they can be taken to a website which is likely to install a virus or other malicious programming.
- Keyloggers can track users’ input on their keyboards. This is usually in an effort to commit bank fraud or to access personal login details.
- Scareware imitates valid software, e.g. antivirus packages to convince users that an upgrade is needed. This upgrade will have a fee attached to it and will not exist.
- Ransomware copies personal files or photos. A demand is then issued for money in return for the images or files. The consequence will be the online release of the images and files to third parties with the intention to embarrass the victim.
- Always use legitimate antivirus software and keep it up to date: The software checks your computer periodically for malicious programmes and monitors files to be opened.
- Know and understand what you are installing on a personal device: Look out for indications that you are using a secure site (with a key or padlock symbol) with the address prefix https:// when you are paying for an antivirus package.
- Keep your firewall switched on: Firewalls can prevent access to your computer from unknown outside sources.
- If you don’t recognise the source or the sender avoid opening emails, sms and internet popup messages, attachments or clicking on website links from unknown sources. If an e-mail from a known source appears in your inbox with an unusually worded subject do not click on the link or attachment.
- Keep safer with “virtualization” software: Heavy users of the internet may find that virtualization software can provide additional peace of mind. This software creates the effect of an authentic computer. Contact Microsoft for further information.
Phishing is a method used by fraudsters to access valuable personal details to commit fraud crime and it can involve sending malicious attachments or website links in an effort to infect computers or mobile devices. Fraudsters send bogus communications: emails, letters, instant messages or text messages which often these appear to be authentic from legitimate organisations. Embedded links within the message can direct you to a hoax website where your login or personal details may be requested.
- When responding to emails or phone calls, never give your personal details. If you receive an email from a company that claims to be legitimate but is requesting these details tell them you will call them back. Use a contact number for the organisation that you have sourced reputably.
- If you detect a phishing email, mark the message as spam and delete it.
- Never respond to a message from an unknown source. Take care not to click any embedded links. Phishing emails are sent to a vast number of randomly generated addresses. However, clicking embedded links can provide verification of your active e-mail address. Once this occurs it may facilitate the targeting of further malicious emails. Even “unsubscribe” links can be malicious.
- Phishing emails will probably contain odd ‘spe11ings’ or ‘cApitALs in the ‘subject’ box and contain spelling or grammatical errors in the email – this is an attempt to get around spam filters and into your inbox.
- Fraudsters are unlikely to know your real name, so the email may address you in vague terms, for example ‘Dear Valued Customer’.