14 April 2011
AntiTerrorism Spotlight
"Email Scams"
By Karen E. Sims
USAG Antiterrorism Officer
 
Hundreds of thousands of internet-based and email scams and fraudulent schemes exist online. Many are pretty obvious and easy to avoid, but many are very sophisticated and hard to spot.
New internet users are especially prone to falling victim to internet scams.
The key to staying safe is learning how to recognize a scam when you see one.
Email phishing scams are a leading way for cyber criminals to obtain sensitive information from unwitting parties.
They generally contain clickable links that direct online users to access data mining websites.
There you are asked to input certain data such as credit card information, login data, passwords and other information.
Most legitimate companies will never use an e-mail to ask you to provide or verify your personal or account information.
If an email asks for this type of information, assume it's a scam.
Characteristics of phishing email include the following:
 
* False sense of urgency.
Many phishing emails try to deceive you with the threat that your account will be in jeopardy if it's not updated right away or that it has been compromised.
An email that urgently requests you to supply sensitive personal information is typically fraudulent.
 
* Fake links.
Many phishing emails have a link that looks valid, but sends you to a fraudulent site that may or may not have an URL different from the link.
Check where a link is going by moving your mouse over the link in the email and looking at the URL in the bottom bar of the browser.
If it looks suspicious, don't click it.
 
* Misspellings and bad grammar.
Fake emails frequently contain misspellings, poor grammar, missing words and gaps in logic.  These types of mistakes help scammers avoid spam filters.
 
* Sender's email address.
To give you a false sense of security, the "From" line may include an official-looking email address.
The address may actually be copied from a genuine one.
The email address can be easily altered, so it is not an indication of the validity of any email communication. 
 
The Nigerian Money Fraud (also known as the 419 fraud) email scam has been around a long time, and people are still falling victim to it.
You receive an email from a Nigerian "government official" who is asking for help.
He wants to transfer millions of dollars out of Africa, but needs help on the other side. In exchange for your efforts, you are promised a very large share in this fortune.
This scam starts out with requests for simple things like letterhead stationery. Soon the scammer asks for monetary help, in order to "bribe" government officials in preparation for the big money move.
The amounts requested are small at first, but as the victim gets more involved he is conned out of more and more money.
When the victim finally "catches on" and stops sending money, the scammer steals from him.
He uses all the personal data and bank information he has gathered during the course of the scam to drain bank accounts or perform identity theft.
According to the 419 Coalition Website, this scam has taken in billions of dollars since its inception in the 1980s.
You can learn more by visiting:http://home.rica.net/alphae/419coal/
 
Con artists are clever and cunning, constantly hatching new variations of age old scams.  Recently we have heard email scams targeting USAA banking and insurance customers and even a charity scam for victims of the Japanese tsunami.
 
As we've seen on far too many occasions before, scammers think nothing of capitalizing off human misery.
 
* Take care when searching for news about any disaster. Hackers often poison search engine results to exploit breaking news, in order to spread malware.
Only visit legitimate news websites if you want to keep up-to-date on developing news stories.
 
* Make sure to donate via legitimate charity websites. In the past, scammers have often take advantage of a natural disaster.
This not only benefits criminals, but deprives the people who need financial support the most from receiving charitable donations.
 
* Be cautious of links which offer you dramatic video footage of a news story. Malicious hackers and scammers know that the public finds it hard to resist clicking on such links and can plant malware and scams at the end of them.
Skeptical consumers can spot questionable or unsavory promotions in email offers.
You can reduce your change of being victimized.
 
* Do not use links included in the email.  Open a new browser window and type in the URL you know to be correct.
 
*Do not open attachments.
Like fake links, attachments may be used in phishing emails and are dangerous.
Opening one, even an image or .pdf, could cause you to download spyware or a virus.
 
* Call the company in question using a phone number you know to be correct.
The person you speak with will most likely be able to confirm whether they actually need the information and, if so, whether you can provide it over the telephone.
* Use anti-phishing software.  There are a number of programs available that will check the web address in question against a list of known phishing scams and notify you if the site appears there.
 
* Update your computer with the latest browsers, upgrades and security patches.  Some spoof sites are able to obtain your information through your internet host company's address if you simply visit the site.
 
If you have responded to an email asking for personal or account information, you should notify your financial institution immediately and keep a close eye on your accounts.
Posted by PAO

For more Fort Detrick News, vist "The Standard"
   - the official newspaper for Fort Detrick.
For the full archive, visit http://www.dcmilitary.com/standard/

The Standard

Site Helpers

FAQ

The Standard

Categories
Archives