Police in Burwood, Sydney, Australia, are investigating recent fraud cases whereby local women were targeted in online dating sites. The women are lured into an online relationship, complete with emails and phone calls, and once they gain their trust they ask for money. The con artists in these cases are based in Singapore and Malaysia.

In one case a lady sent over $100,000. And in nearby Erskineville a woman was tricked into sending $275,000 to a con artist in England.

The scam begins with an ad on an online dating website, targeting asian women in Sydney. They describe themselves as wealthy bankers or businessmen. They send photos, stolen from other websites on the internet. They lure their victim along for up to six months, gaining their trust, and eventually start asking for money.

These scams happen all over the world. Please help raise awareness by talking about this issue with people you know.

Note: because I used the words “online dating”, Google has placed ads on this page with links to online dating websites. Some people who post ads on these sites are not genuine, use your own judgement here.

Here is a new scam email. It scams begin with a confusing story about millions of dollars and some official sounding name dropping (the FBI).

If you look closely you’ll see many spelling and grammatical errors. Also, the email was not sent from the FBI – you can see this in your inbox if you place the mouse pointer over the sender.

The emails is:

FBI Headquarters
935 Pennsylvania Avenue, NW
Washington, D.C. 20535-0001
(202) 324-3000

Sir,

We the Federal Bureau of Investigations (FBI) Washington, DC in conjunction with some other relevant Investigation Agencies in the United states of America and right now in West Africa, headed by Wayne Mitchell (RPO), we understand that your fund has not yet been transferred to you do to an Outrageous Conduct.

We have to let you know the truth because we know that you have gone far in trying to get this fund and you must have paid some amounts of monies to persons you are not supposed to give out a dime to. Through our Global Networking Investigation, we discover that your fund (Sixteen Million United States Dollars $16,000,000.00 including the accrued interest is among the funds ON HOLD in West Africa (Ghana) do to one or two reasons which you have not been told.

As the Executive Director, Federal Bureau of Investigation FBI and a Principal Officer, We strongly know that the people you have been dealing with are not going to tell you the truth because they are all Criminals. You are hereby advised to stop every communication with any Office and feel free to explain to this Bureau why your fund is not yet released to you.

As a matter of fact, we do not have enough time to waste since we have consumed much time in going through your Payment files to ensure that these Funds are genuine and legit. On this Effect, this instruction requires urgent attention because the release of your fund is due.

We awaiting for your urgent response,

Sincerely,

Robert Muller III
FBI Director Headquarters

If you reply to the email they’ll make their story even more complicated and start asking for your bank account details. Their reply is:

FBI Headquarters
935 Pennsylvania Avenue, NW
Washington, D.C. 20535-0001
(202) 324-3000

Kind Attn:

This is to bring to your notice that we have received your mail today.

We understand that your fund has not yet been transferred to you do to an Outrageous Government Conduct which you have not been told. What a mess? though the FBI expertise and the investigation teams has officially instructed the holding bank to release your long awaited fund valued the sum of Sixteen Million United States Dollars $16,000,000.00 to you with immediate and effect.

The financial expertise and the investigation team has resolved to the fact that the fund is genuine therefore you have to stop every communication with any Office and feel free to contact the holding/ paying bank with your banking details through the below contacts information for your fund to be release to you:

MERCHANT BANK GHANA LTD
Contact Person: Managing Director
Email: merban@accountant.com
Phone: +233-247630112
Fax: +233-303403381

Do this and let us know if there’s anything you do not understood so that we can give you further instructions to back you up for this claim.

Sincerely,

Mr. Robert Muller III.

If you see this email, mark it as spam, or delete it.

Lately there have been some spam emails claiming to have details about an incorrect hotel transaction. The email is a ploy to install malware on your computer. Here’s how it works,

• You receive an email telling you that a hotel has incorrectly charged your credit card
• The email also says that you should fill out an attached form for a refund (i.e. open an attachment and get some money)
• The attachment installs a fake antivirus program
• The fake antivirus program asks you to pay money to clean your PC (even though there’s really nothing wrong with it)

Hotel Renaissance Chicago made wrong transaction

Hotel Westin St. Francis made wrong transaction

Wrong transaction from your credit card in Woodrun V Townhomes

The following email is a scam, it looks confusing and encourages readers to click on a link. And there are many links in this email, all pointing to a hacker’s virus infected site.

Below is the email, with personal details and all of the malicious links removed:

Dear …,

Thank you for scheduling your recent credit card payment online. Your ($USD) $117.00 payment will post to your credit card account (CREDIT CARD) on 08/06/2010.

Now that you’re making your payment online, are you aware of all the convenient ways you can manage your account online?

Just log on to www.chase.com/creditcards today. Using the "I’d like to…" links for your credit card account, you can access more than a dozen features, including links to:
See statements – Choose to stop receiving paper statements, and see up to six years of your statements online.
See automatic payments – Set up monthly payments to be made automatically.
Transfer a balance – Transfer a balance to your credit card account.
Go to Personalized Alerts – Schedule Alerts to remind you of key account activity.
You can also see past payments you’ve made online by logging on to www.chase.com/creditcards and clicking "See/cancel payments" under "I’d like to …"

If you have questions, please call the Customer Service number on the back of your credit card.

Thanks again for using online payments.

Sincerely,
Cardmember Services

Never trust emails like this, especially if you don’t have an account with the company.

A useful trick to spot these scams is:

• Identify which company the email claims to be from. In this case, it’s a company called Chase.
• Place your mouse pointer over a link, but don’t click.
• Look at the bottom of your screen, you should see the real link it points to. (You need to be using a modern web browser for this to work).
• If the addresses don’t match then it’s likely a scam.

E.g., the email above talks a lot about chase.com. This is a real company in USA. When I place my mouse pointer over the link, my browser says it goes somewhere different. The addresses don’t match, this is a scam. See the picture on the right.

Emails like this are scams. They are not legitimate jobs and you should not contact the sender – it’s part of a money mule scam.

Some words in this email can change but the general part of it remains the same:

Hello,
My name is Earnest and our company currently has several positions it needs to fill in your region.
We are a well known company with offices throughout Europe, Asia and North America.
Our current turnover is over 130 million annually and we are still seeking for expansion.
I have 12 vacancies of Financial Assistant that need to be fulfilled immediately.

Major operational duties are prompt receiving and processing customer’s payments for their further transfer according to the specified method. Detailed work scheme will be provided upon request.

I am looking for self-motivated individuals with strong work ethics and ability to schedule work hours effectively.

Requirements:

* Expert skills in managing payments and transfers between our company and clients
* Knowledge of basic payment systems
* Bank account (personal or business)
* Advanced PC and Internet skills
* Minimum 24 y.o.

Benefits:
*Salary plus commissions
*Full reimbursement of banking and Western Union fees.

NOTE: This vacancy is valid for American residents ONLY.

Contacts: <removed>

So if you see an email like this delete it. Don’t fall for the scam.

The following email is a phishing scam. It tries to trick people into handing over some account details. The usual trick for phishing scams is to make the email sound important, and there’s a link in the email to make it easier to get to the scammer’s web site.

The phishing email says:

Dear member:

We have recently updated our Online system to include new layer secure authentication. This is intended to provide you with the best security possible when accessing your account.
You will need to update your account in order to continue using your card.

CUA Update

Your ticket code is L690545X.
We apologize for any inconvenience this may cause and appreciate your patience and understanding.
Member ID 690545

The domain name they use is cua-members-australia (.com). After doing some simple research, CUA is a credit union in Australia. Their real address is www.cua.com.au so the one provided is obviously fake, even though it might sound real. Further research shows that the fake address was registered in USA (even though these details could also be fake).

Below is a screenshot of the phishing scam site:

They get straight to business asking for a card number and a PIN. Very private information that no one should ask you.

I’ve written about money mule scams before, here’s another one.

When a scammer has a large amount of money to move, such as stolen money they want transferred into their own bank, they don’t do it themselves. That would make them too easy to get caught.

What they sometimes do is ask other people to transfer the money. They tell these other people that it’s a legitimate job, and trick them into making these bank transactions.

They even go so far as to invent a company in order to recruit innocent people, or sometimes borrow the name of a legitimate company.

One such example is a job ad that claims to be from a US company called Texaco. The scammers sent a forged email with a link to a fake website, made to look like the read Texaco.

The scam email says:

Texaco/Chevron Downstream Europe
  1 Westferry Circus Canary Wharf
  London E14 4HA

Dear Job Candidate,

The TEXACO Online Employment System wish to inform you that your posted information onlinehas been carefully and confidentially reviewed by our Recruitment Team Professionals and we have considered under our current vacant opportunities within the Firm to employ you for work in our company.

TEXACO Online Employment System is affiliated to various job recruitment websites and your information was submitted to us by our online agent that submit job candidate resumes for consideration of employment depending on the vacancies we have in any branch of TEXACO Company Worldwide.

As regards to this, you have been automatically granted this employment to work in TEXACO Oil & Gas Field with a monthly salary of Eight Thousand
Five Hundred Pounds (£8,500).

Kindly acknowledge the content of this message by reconfirming your interest in working for us and indicating your area of job interest, ensuring that you
have quoted your vacancy title below or send your CV with a covering letter.

For further details relating to your employment, kindly send an email to
Texaco/Chevron Downstream Europe H/R Recruitment Service Department
texaco@post.com / http:// texaco.us.ms / http:// texaco.com/portal_default.asp/.

  Regards,
  Paul Matins
  HR Recruitment Manager

This email is a scam. The web site that they give ends with .us.ms – this is not the real Texaco’s domain name.

So the next time you see a job ad too good to be true, consider if it might be a money mule scam. Does the job ad promise to pay an unusually large rate? Is the work unusually easy? Is the job description vague? Is the web address correct? Did you receive the job ad in an unsolicited email? These are all questions you need to ask yourself.

ATM card skimmers are still very common. There’s a new web page showing the latest ones found (click here). It’s a very good quality card skimmer,  most people wouldn’t be able to tell it’s actually stealing card details. In the photo on the right can you tell which one is the real card reader and which is the skimmer?

Inside the card skimmer it has:

• Electronics to read your bank card’s details
• A camera to record someone typing a PIN

Some other card skimming devices also have a mobile (cell) phone built in, to transmit details to the criminal. This one doesn’t.

So the next time you use an ATM have a good look at the card reader. These things are out there, people get caught out every day.

There’s a fake email being circulated in the UK asking for donations to help with the recent earthquake in Haiti. The email claims to be from the Red Cross but it’s really just a scam.

This is what the email looks like:

The British Red Cross Society
British Red Cross
UK Office
44 Moorfields
London EC2Y 9AL

MAKE YOUR DONATIONS NOW
=====================

Dear reader,

A devastating earthquake measuring 7.3 on the Richter scale struck Haiti on 12 January 2010 sending the Haitian Capital Port-Au-Prince into chaos, killing hundreds and affecting thousands more. Please give what you can today to help thousands of people there in desperate need of humanitarian assistance.

Relief aid workers from the Red Cross have already been arriving at the Haitian capital with relief materials.

Donations have been grouped into two cartegories:

1: Group A (£250 British Pounds to £1,000 British Pounds
2: Group B (£1,000 British Pounds and above)

Donations are to be made payable immediately via WESTERN UNION MONEY TRANSFER immediately and directly to our donations accounts liason officer as RECEIVER’S name:

DONATIONS ACCOUNT LIASON OFFICER:
LOCATION: 44 Moorfields, London EC2Y 9AL

Please provide us via return email the following informations below as they appear on the Western Union Money Transfer slip;

1. Name and Address of Sender
2. Exact Amount Sent ***
3. MTCN ***

NOTE: At British Red Cross we are committed to protecting your privacy as a STANDARD practice. We will not share your information unless you have previously indicated that you are happy for us to do so.

Hope to receive your donations soon as thousands need your help.

Please send return email with donations details to

Yours Sincerely,

For and on behalf of The British Red Cross Society

The email has a few spelling and grammatical errors. They unnecessarily capitalise a few words. Both of these things are unprofessional and would not be done by a serious organisation. Also, they want money sent to Western Union! Any legitimate organisation would have a professional method of accepting money. All these things should make you suspicious of the email.

If you see this email remember that it’s a scam. And there’s no doubt that there’ll be dozens more emails with similar Haiti scams. If you want to donate to help with humanitarian efforts then find an official (and recognised) charity organisation and donate to them. Don’t click on links in emails that you receive.

Also be aware that scammers will use every event that makes the news as an excuse to send these type of emails. When celebrities die they send out similar emails, asking for money or asking you to click on a link (that goes to a malicious site). They never stop sending out these emails.

Android is a system used by some smartphones (similar to iPhone or Windows Mobile, but made by Google). Like other smartphones you can install apps on Android.

One Android app that showed up recently is a free banking app. It looks like it supports US banks. But instead of logging into your bank it sends your online banking details to a scammer. Then it won’t be long until someone steals money from your bank account.

Google has been notified of this malicious app and they have removed it. But for some people it may be too late.

There’s a lesson to be learnt here. Smartphones are cool, installing apps on them is cool. But we shouldn’t let our guard down and trust everything to them. Know what you’re installing, know who wrote the software, and how it stores and sends your login details.

As more people buy smartphone scams are only going to become more common.

Here’s an example of a very sophisticated piece of malware designed to steal money. It was discovered recently in Germany and was used to steal €300,000 in 3 weeks. Here’s how it works:

1. You visit a web page that has been hacked. It’s an ordinary web page (such as a news site), nothing looks out of the ordinary.
2. A trojan is installed on your computer without your knowledge. It sits there on your PC waiting and watching.
3. You log onto your internet banking site. Everything still looks normal.
4. The trojan detects that you’ve logged into an internet banking site and it makes a transaction, transferring money from your account to the account of a money mule (more on this later).
5. When you look at your bank statement online, the trojan captures the network data and changes it to hide the transaction it made. The numbers it shows on the screen have been altered.

Step 5 is the sophisticated part of this attack. Normally you’d notice if money was transferred from your bank account without your approval, but the trojan hides this by showing you a fake statement on your screen. If you can’t see the money being taken from your account the criminals have more time to keep making withdrawals.

The amount of money it steals is different each time so that the bank’s anti-fraud detectors don’t see the pattern of theft.

More details here on this attack works.

So what’s a money mule?

Stealing money from people’s bank accounts is a big business. Criminals not only write sophisticated malware to carry out the transactions, they also recruit money mules to launder the money.

They place ads online offering jobs to desperate people. These jobs require no experience and you work from home (sound familiar?). People who sign up to these jobs receive money in their bank accounts, then they have to transfer it to someone else’s account. They do this willingly and are paid for it, but they usually don’t know that it’s part of a criminal organisation.

This is how the criminals receive their stolen money and cover their tracks. It’s a form of money laundering and is illegal. And to avoid a pattern detection they usually only use these money mules twice.

Here’s an example of a money mule job ad.

Lessons Learnt:

• Always use an antivirus program that not only scans your PC for malware, but also checks every web page you go to. Good antivirus programs cost money and it’s a good investment to protect your online security.
• Only use internet banking from a PC you trust.
• Always update your PC with the latest patches. For example, tomorrow there’ll be a large Windows update, you should install this as soon as possible (after you make a backup).
• Don’t trust job ads that promise the world for little to no effort.

McAfee, a large anti-virus company, has published a report called “Inside the Password Stealing Business: the Who and How of Identity Theft”. It goes into the details of password stealing programs and explains the “industry” driving it.

It’s quite detailed and at 17 pages it won’t take too long to read – it’s not very technical.

Password stealing is when a program gets installed on your PC that catches every stroke of your keyboard and sends it back to a criminal. The idea is that it’ll record all your passwords as you type them, no matter how strong they are. It’s a sophisticated piece of technology and a very large problem worldwide. If you’re not constantly upgrading your anti-virus software, web browser and OS then you’re at high risk.

These passwords are then sold off and used to steal money from your bank account or to commit other crimes. Even if you don’t use online banking you still have something to lose – someone can apply for a credit card under your name and use it to make expensive purchases, then you’re left to deal with the credit card company and convince them it wasn’t you (this happens every day).

So click on this link and have a read of the report.

I received the email shown below, Googled it and saw that it’s a scam. Unfortunately I also found that quite a lot of people have fallen for this scam so I’ll explain how it works.

Firstly they send out the email shown, it offers to list your business on a register. Their email mentions the word “free” several times and they never mention a price – but it’s misleading, they’re actually offering a paid service. It’s called deceptive marketing and it’s illegal in most countries.

Then if you sign up to list your business they send an invoice for approx €995 (quite a bit of money).

Now this is when the stress begins for most victims. If you ignore their invoice they start sending a stream of nasty letters threatening legal action. Based on what I’ve read in forums it seems that they’re empty threats (see for yourself here).

So please do a bit of research on any unsolicited marketing offers you might receive. Search on Google, even if you think it’s a free offer.

The email that they sent is:

Ladies and Gentlemen.

In order to have your company inserted in the registry of World Businesses for 2009/2010 edition, please print, complete and submit the enclosed
form (PDF file) to the following address:

WORLD BUSINESS GUIDE
P.O. Box 2021
3500 GA Utrecht
The Netherlands

email: register@wbgtoday.net
FAX: +31 20 524 8107

Updating is free of charge!

If you are not the intended recipient, please submit an email to
unsubscribe@wbgtoday.net
Your request shall be dealt with accordingly.

And the attachment that they sent looks like this:

If you see this email just delete it.

This one has been reported in Australia but could just as easily happen anywhere.

Scammers have been knocking on people’s doors and claiming to be officials from the Australian Tax Office. They ask the resident to sign up to a program in return for reduced taxes. This is the bait part of the scam, offering you a way to pay less tax.

The scammers just need your credit card or bank details in return for their generous offer of reduced taxes. This is confidential information that you shouldn’t be giving out to strangers.

The Australian Tax Office has said that they’ll never initiate unsolicited house calls, if they do ever visit your home they’ll make an appointment first. And they will always show some ID on arrival. If this happens to you and you’re unsure what to do, the ATO’s phone number is 1300 686 636, they’ll be able to verify the situation.

This scam was also happening earlier this year using phone calls – the scammer calls random people and gives them the same story about reducing their tax and claiming to be from the Australian Tax Office.

If you have any comments on how this works in other countries please post below in the comments.

This particular type of fraud targets shop owners and police say it has been happening in Sydney.

The criminals go to a retail shop dressed as electrical contractors and cut their phone lines. They then go into the shop as customers and buy products using a stolen credit card.

Because the phone lines have been cut the store’s staff can’t verify the card to process the transaction. So they either have to trust that the card is legitimate and process the order on paper, or turn away customers.

If you work for a retail store you should be aware of this fraud tactic. There may also be things you can do to protect access to your store’s phone lines, and it may be possible to organise credit card processing facilities that use a mobile network as a backup.

The email below suggests you can receive $20k from the US government. They ask you to send an email with your personal details. These type of scams then ask you for more details.

Your details are then used for fraudulent activities, under your name (this is called identity theft). It’s also common for the scammer to start asking you for money – there’s usually an excuse that they need to pay lawyers or some other convoluted story.

Below is the scam email, if you see this just delete it:

Hello

Secure $20k in Govt Grants and you never need to pay it back.

All American residents can apply for Govt Grants.

Allotment of grants doesnt depend on your credit history.

The strength of our firm is grants writing.We’re doing business since 1999 and we have helped around 20,000 people obtain grants.

Our company is taking fees of 10% only after our clients receive funds from Govt.There’s no risk for you at all.You’re paying our fees only when you’ve received grant money in your bank account.

Send us details including first name, last name, address, profession, date of birth, annual income, reason for govt grant.

grantswriting27@mail.com
Reply back to this email.

Regards

Johnathon Hodge

There is a hacked version of the popular VLC media player. Instead of installing VLC, it starts installing, then asks you to send an SMS to a number. They then send you a code in return to continue installation.

This is wrong. The people that hacked this installer are just trying to make money from your SMS’s. At the moment it’s been detected in the French version of VLC but it could apply to any language.

The real VLC player never asks you to send an SMS. The real VLC player can be downloaded from: http://www.videolan.org/vlc/

If you download it from anywhere else you end up putting your PC at risk. Always download files from the original vendor’s web site. You can search Google to find it.

This isn’t internet or PC related but it’s still good knowledge to avoid scams.

ATM skimming usually involves someone attaching 2 devices to an ATM:

1. A device to read your bank card number
2. A device to record you typing in your PIN

They attach these devices to the ATM and make it look convincing enough that most people won’t notice they’re there.

In the past the scammers would come back in a few hours and take away the devices so they can retrieve the information. And sometimes the police would be there waiting for them to return. Today crooks have gotten smarter and attach mobile phones to send the information to their own phone. This way they don’t have to return to the scene of the crime.

So the real problem is, how do you know if an ATM has these skimming devices attached? Below is a presentation prepared for a local bank in Australia. No matter which bank you use the information in this report is useful.

It’s easy to read through the presentation and won’t take up much of your time, and it’s full of interesting photos of card skimmers. You can find it here:

PowerPoint presentation: here.

I just received this one. I haven’t worked out if it’s a scam or how it works, I’ll update this post when I find out (please post your comments here if you know anything). (Update: it’s legitimate)

The SMS was received in Australia and reads:

When you are home please call FOXTEL on 1800882016 (12pm to 8pm) so we can help you check whether your dish requires a component upgrade (no charge).

I don’t have a Foxtel dish and never requested any kind of service or upgrade. My guess is that if I call that number I’ll be charged at a premium rate, or someone will ask me for my credit card number.

Update 1: Someone pointed out that I should be able to call the 1800 number from a pay phone for free. So I’ll do that tomorrow, I have nothing to lose.

Update 2: Pay phones are rare these days. After finding one I called the free number, it’s an electronics engineering company that services Foxtel dishes. Seems like it’s a legitimate SMS, just sent to the wrong person (me). I also received a second SMS exactly the same.

So there we go, it’s not a scam.

There were some ads on Facebook promising to make you rich by signing up to a Google advertising program. The ads had bogus testimonials, trying to make it look real.

If you click on the ad it takes you to a page branded "EMillionaire". It tells you to submit your details to see if you’re eligible to join the program.

The details it asks you for include your credit card number. It said that you would be charged US$1.90. Maybe some people were ok with this charge.

However, instead of being charged a small amount and being told the secret of becoming a millionaire, they charge US$197 to your credit card.

This is a scam. Facebook said they’ve removed the ads but people have reported that some still exist.

Also watch out for "Work at home" ads, they’re usually a scam as well.

I was sent the following email. It’s called a money mule scam, basically money laundering. Taking part in these scams is illegal, and in some cases they even ask you to buy things to get you started (making it an even greater scam).

The email looks like:

Point Focus LLC is  now expanding! To deal with the international payments processings we are now looking for people willing to facilitate  establishing of our all-round-the-globe business connections and assist saving considerably by tax disbursing reduction. This position of the Financial Assistant involves accepting payments from our Australian, UK and US ( rarer Spanish) clients to your account and resending to our partners.

You are getting paid right by the moment you cash the payment. It’s the commission in amount equal to 4% out the sum posted on your account. This very amount you’re deducting before sending anything out. So,estimated roughly, you can make up to 2000$ extra monthly.  

Plus, you get: 
- flexi-time (usually 2-3 hours a day)   
- Saturdays & Sundays off    

Requirements:    
- Have to be aged 21 or above   
- No criminal record 
- Regular Internet access    
- Ability to accept payments using your bank account 
- Ability to resend the money through Western Union    

If feel qualified, please, attach the following info to start up with:   
-  Fist Name:
-  Last Name:  
-  Age:
-  Sex: 
- Country  
- State, City, Zip   
- Phone number (home and cell)
- Valid email address

NOTE!!!! the email address you use to contact us for the first time is: pointfocusgo@—.com , in the subject field put “interested”. Please, use only mentioned email address, otherwise we’ll fail to receive your response.

Remember if you receive an email like this delete it, don’t reply to it.

The FIFA World Cup is scheduled for 2010 in South Africa and scammers have already started using this news to trick people into giving out their personal details.

A new scam email is sent to people telling them they won a lottery. The email is full of interesting things to catch people’s attention such as a large dollar amount ($850,000) and social tricks such as asking them not to tell anyone about their winnings.

At the end they ask the recipient to send them a few personal details, which the scammers then use to steal money from your bank accounts.

The email uses broken English and is full of "official looking" random letters and numbers.

Below are some quotes from the scam email. If you receive this email just delete it.

South Africa FIFA World Cup 2010
Government Accredited Licensed!!
Online National Lottery South African
2009/REF:EAASL/941OYI/04&
Batch: 12/25/DC34 RE:LOTTO

Your email have luckily won the sum of USD$850,000.00

Which subsequently won you the lottery in the 2nd category i.e. match 5 plus bonus. You have therefore been approved to claim a total sum of $850,000.00 USD… In cash credited to file KPC/9080118308/02. All participants for the online version were selected randomly from World Wide Web sites through computer draw system and extracted from over 100,000 union associations and corporate bodies that are listed online this promotion takes place weekly.

Our agent will immediately commence the process to facilitate the release of your funds as soon as you contact him. For security reasons, you are advised to keep your winning information confidential till your claims is processed and your money remitted to you in whatever manner you deem fit to claim your prize. This is part of our precautionary measure to avoid double claiming and unwarranted abuse of this program your request to fill the information below.

And it goes on and on.

Some people who fall for these things have never entered a lottery, but they want to believe it so much that they don’t stop to consider why they were selected.

Now you might be wondering who could possibly be so foolish to fall for lottery scams. In fact, a large number of people fall for these things. In Australia alone (and with a small population of 21 million) 329,000 people lost money to lottery and phishing scams in one year. 3.6 million people fell for these scams in USA. Imagine how many people worldwide fall for these things.

Not everyone in the world reads Fraudo.com. You can help by talking to people about lottery scams, making them aware of what they are and how they work (there’s more information here). Help educate people, especially those who are less tech savvy or might be desperate for money. You could also help them subscribe to Fraudo.com – get them to enter their email address in the top right corner of this page, sometimes email is an easier way to receive these updates.

If you work in a retail store or any other business that accepts credit cards in person, please be aware of the follow fraud tactic that was recently used.

• 2 customers walk into a retail store
• They select $8000 worth of products
• At the checkout they present a credit card
• The credit card is rejected
• The customers say something along the lines of

  "Oh I knew that would happen. Please call my bank, here’s the number"

• The store attendant calls the number provided by the customers
• The person at the end of the phone approves the purchase and gives the store attendant some kind of confirmation number
• The customers walk out of the store with $8000 worth of products

The number they gave wasn’t a real bank’s phone number. It was their friend answering the call.

Lesson to be learnt? Don’t call the number given to you by the purchaser. Look it up yourself or call your phone company’s directory service.

The full article is here.

One of the best things you can do to avoid falling victim to malware is to use an alternative browser.

Microsoft’s Internet Explorer (IE) is very popular. Not long ago almost everyone used IE, it comes setup with almost every new PC sold (Windows PCs). And malware writers targeted IE because they could attack a majority of users just by concentrating on exploiting one browser. You could call it tall poppy syndrome.

Today Firefox is extremely popular. It’s gone from a small minority of people using it to an amazing 44% (depending on which statistics you read – I used this one). This makes for a fairly large demographic, and malware writers are taking notice.

There’s a new trojan that hides in a Firefox add-on. Once installed it waits for you to go to an online banking site. When it detects that you’re using online banking it starts recording your actions (account details, your password). Then it sends this off to cyber criminals who auction off your details and eventually someone can log into your online banking and transfer money. This isn’t good.

There are a few things you can do to avoid this:

• If you want to install an add-on for Firefox, make sure you get it from a well known site. This is the official Mozilla site for Firefox add-ons: https://addons.mozilla.org/en-US/firefox/
• Use a good anti-virus package (it’s a small investment you make to protect your PC). Make sure it’s kept up to date.
• Once a web browser becomes too popular it’s time to start looking at less mainstream alternatives. At the moment you should consider Opera, Safari and Chrome (these are available for all the popular platforms)

In summary, Firefox is a very secure browser. It’s also fast and powerful, explaining why it’s become so popular. You just shouldn’t take its security for granted. Most malware infections happen when users are tricked into clicking something they shouldn’t have.

There’s a new phishing email that takes readers to a fake survey claiming to be from McDonald’s (the fast food company). It’s similar to this one seen recently.

The email suggests that McDonald’s will give you $75 for filling in the survey. Clicking on the link takes you to a web site with a survey and some McDonald’s images.

When you submit the survey form it then asks you for:

• Your full name
• Your email address
• Your credit card number
• Your credit card’s expiry date
• Your credit card’s security code

This information is collected and later used for fraudulent purposes (i.e. to make purchases using your credit card). If you receive this email or similar ones just delete them. Don’t be tempted by whatever they promise to give you.

And remember that to fill in a survey form there’s never any reason to give out your credit card details. It’s always a scam.

A fake email has been sent claiming that JP Morgan Chase (a financial services company) will pay you $50 for filling in a survey. Sounds tempting, except that the link they want you to click on does not take you to the real JP Morgan Chase’s web site.

Instead it takes you to a fake web site with a form asking you a few questions (the form looks like a real survey). At the end it asks you for your full name, credit card number, expiry date, and PIN number! This kind of trick is known as phishing. Any information you enter here is collected and eventually used to steal money from people’s accounts.

The idea is to entice you with filling in a survey by promising a reward ($50), making their site look like it’s from a large company, then collecting private information that you really shouldn’t be giving out to anyone.

The email reads:

Online Survey – Add 50$ to your account in 2 minutes!

Dear Customer,

You are invited to take part in our nation-wide 5 question survey. Your time is very important to us so $50 will be credited to your account upon the completion of this survey.

Please note that no sensitive information will be required, collected or stored. The information will be used to further improve our services

To take part please click here

So if you see any emails like this just delete them. Also keep in mind that a good anti-virus package can often detect you’re going to a fake web site and stop you.

The following email pretends to be from Western Union. It contains an attachment and the body of the email asks readers to open the attachment.

The attachment is malware. This is another malicious email that uses a creative story to trick people into opening an attachment and letting a malicious program install itself. Don’t fall for it.

Below is an extract of the email:

Hello!

Attention! The wire sent to Kiril Fadeev, Moscow, Russia has been blocked by our security service.

Your credit card issuing bank has halted the transaction by the demand of the Federal Criminal Investigation Service (case No. 43125 since the recipient has been undergoing the international retrieval by the InterPol.

Please contact the closest Western Union office and make sure you have your ID card, the credit card that was used for making the payment, and the invoice file with you.

(The invoice file is attached to this message; please print it out and hand it to our agent.)

You can find the address of the closest Western Union agent on our website at http://www.westernunion.com

Thank you!

Just delete and ignore these emails.

Here’s a scam email claiming to be from the FBI. There are at least two things wrong with this email:

• The web address they publish is www.fbi.org – this is not the real FBI’s address (their real site is www.fbi.gov). Instead it shows a lot of ads and the publishers make money every time you click on a link on that site.
• The email address provided is barclays_live_20@live.com. Live.com is a free email service, similar to Hotmail or Gmail. The real FBI would not be using a free email service

Below is a copy of the scam email (to help Google index this page and in turn help people find out about the scam):

CYBER WIRETAP AND FUNDS RECOVERY DEPARTMENT,
FEDERAL BUREAU OF INVESTIGATION FBI.
J.EDGAR HOOVER BUILDING
935 PENNSYLVANIA AVENUE,
NW WASHINGTON, D.C
20535-0001, USA .
WEB-PAGE: www.fbi.org

Kind Attention,

We believe this notification meets you in a very good state of mind and health. The FEDERAL BUREAU OF INVESTIGATION (FBI) Washington, D.C United States of America in conjunction with some other relevant Investigative Agencies here in the USA have recently been informed through our Global intelligence monitoring network that you have a pending FUND transaction with a Bank regarding to an over-due Inheritance / Award payment which was fully endorsed to be paid in your favor.It might interest you to know that we have taken out time in screening through this whole transaction as stipulated on our protocol of operation and have finally confirmed that BARCLAYS BANK PLC, is the authorized financial institution scheduled to make your payment in line with their remittance requirements. Several investigations by us have shown that you have been dealing with some unauthorized persons and banks regarding the transfer of these funds to your bank account.

Our UK attachee agent recently had a meeting with the Manager of BARCLAYS BANK PLC, in the person of MR. NAIL WIHTE along with some other top officials of BARCLAYS BANK PLC, regarding your case and they made us to understand that your file has been held in abase pending when you personally file for your claims. They intimated him that the only problem they are facing right now is that some unscrupulous element are using this project as an avenue to scam innocent people off their hard earned money by impersonating to be STAFF OF BANKS and its affiliates.

We were also made to understand that a lady with name Mrs. Joan C. Bailey from Ohio, United Of America has already contacted them and also presented to them all the necessary documentations evidencing your claim purported to have been signed personally by you prior to the release of your funds to her, though they insisted on hearing from you personally before they could go ahead on wiring the funds to the Bank information provided by the above named Lady. It is basically one of the main reasons why they contacted us, to enable us assist them in carrying out proper investigation and subsequently informing you of their mandate to Remitting your funds.

Most importnatly, We advise that you discontinue further dealings with any person or organization posing as staff or affiliate of any bank or agency concerning the transfer of your funds. In your own interest, You are advised to immediately contact BARCLAYS BANK PLC, LONDON on the following details for the onward remittance of your funds.

CONTACT PERSON : MR. NAIL WHITE.
ADDRESS: P. O. BOX 738, Eagle Court 75 King Street,
Hammersmith London, W6 9HY, U. K.
Direct Tel: +447024062992
EMAIL: barclays_live_20@live.com
Official Website: www.barclaysbank.co.uk

Ensure that you comply to all their remittance procedures and also furnish them with your full details (Full names and address, direct telephone and fax numbers, source of funds,Expected Amount, etc) to enable them in their verification processes before the release of your funds.

Best Regards,
Agent Lavine F. Ferdon.
FBI Special Agent.
Federal Bureau of Investigation (FBI) Washington DC, USA.
WEB: www.fbi.org.

Delete and ignore any emails you receive like this.

There’s a report that the web site www.beijingticketing.com is a scam. The website has been selling tickets for the Beijing Olympics and has failed to actually deliver anything. Quite a few people have lost large amounts of money buying tickets on this site.

Another website that was recently shut down for a similar scam is www.beijing-tickets2008.com

Read the full article here.

Here’s a new spin in phishing attacks. The idea is to trick people into providing confidential data. This new technique is aimed at Gmail users. Here’s how it works:

• An email arrives in your Gmail inbox. It’s a genuine email addressed to you so Gmail won’t filter it out.
• The email was sent by someone called "customer care". This is enough to get most people’s attention.
• The email is well laid out with a link to your Gmail calendar. This is pretty special as far as spam goes. How did they get a valid link to a calendar entry in there? (Spammers found a way to place calendar entries in other people’s Gmail calendar).
• The email says:

VERIFY YOUR ACCOUNT (…)

This Email is from Gmail Customer Care and we are sending it to every Gmail Email User Accounts Owner for safety. we are having congestions due to the anonymous registration of Gmail accounts so we are shutting down some Gmail accounts and your account was among those to be deleted.We are sending you this email to so that you can verify and let us know if you still want to use this account. (…)

You will have to confirm your E-mail by filling out your Login Information below after clicking the reply button, or your account will be suspended within 24 hours for security reasons.

* Username:

* Password:

It’s an attempt to get you to provide your username and password. If you see anything like that simply delete it.

Sometimes it’s hard to believe these statistics, the numbers are so large. The Australian Bureau of Statistics has finished their first survey of personal fraud. Their findings are that 800,000 Australians fell victim to fraud in some way.

453,100 of those lost money, for a total of $977 million. That’s a lot of people and a lot of money for a rather small population.

329,000 Australians lost money after responding to lottery scams and other phishing related scams.

A lot of people keep falling for scams. The best thing you can do is help them become aware of what scams and fraud tricks are being used. Remember that you can always subscribe to Fraudo.com by email or with an RSS reader.

There’s a new scam being sent by SMS, similar to an email one sent recently. The SMS reads:

Someone paid me to kill you. If you want me to spare you, I’ll give you two days to pay $5000. If you inform the police or anybody, you will die, I am monitoring you.

The SMS also includes payment details and an email address.

This is a scam, do not contact the sender or send any money. The Australian Police has issued a warning about this. They also mention that money being paid by victims is being transferred to Thailand.

Let friends and family know about this scam so that they don’t fall victim to it.

The Advanced Fee Fraud is also known as a 419 scam. This is an old and still very popular scam whereby someone who is either a foreigner or is posing as a foreigner asks a stranger for help transferring large amounts of money. They promise a large compensation in return, and ask for some money to get things started. It sounds simple and a lot of people fall for this.

LinkedIn is a social networking site, much like FaceBook and MySpace. LinkedIn is mostly used by professionals, i.e. adults with bank accounts and who have money. This would make a good target for a scammer.

It’s been reported that these advanced fee frauds have been appearing on LinkedIn recently. Users of the service are being too trusting of the community and scammers are taking advantage of this.

If you use any social networking site please be aware of people trying to scam money using these ploys. Read up on how this scam works and let other people know about it.

Phishing emails are very common these days. Below is a common phishing email from a local bank. Keep in mind that the same technique is used with most banks these days. Spelling and grammatical mistakes usually give them away (although this example is pretty good), and read the end of this article for the best ways to tell a phishing email from the real thing.

An email arrives with a topic “Verify Your Phone Number“. Emails asking people to verify something can be eye catching, and add a sense of urgency. Below are the contents of the email:

Dear customer!

St.George Bank Limited is constantly working to improve the account security of our customers. In order, to ensure the integrity and security of our online banking system, we periodically review accounts. We were unable to contact you by phone during the last check, so please verify the information at your account file and make sure it is right.

Please, verify your account information by following the link.
Click here for verification: https://ibank.stgeorge.com.au/verify/

The next verification will be done soon, invalid account information will result in your account being placed to restricted status.

Customer Service
St.George Bank Limited
http://stgeorge.com.au/

Some things you should keep in mind:

• Banks shouldn’t be trying to contact you by email (although sadly some still do)
• Banks rarely need to verify anything
• The links in the email are false

What would happen if you clicked on the links provided in the email? They look geuine enough.

In most email clients when you put the mouse pointer over the link and wait a second, you’ll see the real link. That’s right, the way email works is someone can display a link that looks like a bank site’s address but in fact it can go somewhere completely different. Maybe the technology behind emails should be changed to make this impossible.

In this case the links point to a site called stgeorgeverify dot com. Again this might fool some people because it has the bank’s name in the address, but it’s not the bank’s address. It’s a phishing site designed to let customers type in their bank details so that scammers can sell the information on the black market (and eventually so that money can be stolen from bank accounts).

There’s very little regulation in domain names (web addresses). It’s easy for someone to register a domain name that looks like a bank’s site. Even if it has one additional or different letter it’s enough for anyone to register. And when someone registers a new domain name they can make it do whatever they like. Technically it’s a new site (even though the name looks similar to a legitimate site).

So when you receive emails from important organisations, such as from your bank, don’t ever click on the links. Go to the bank’s web site by typing its address into a web browser. Because the links in emails can be misleading.

For further reading see our article on how domain names work, and another detailed example of phishing.

A recent scam email uses the following technique:

• The scam email has a long story (see below) mentioning your web site name (which could be your business name or trade mark)
• It mentions that someone else is interested in registering a web site with your web site’s name
• The scam offers to sell you a .cn domain name (.cn is the top level domain for China)

Below is a sample of this scam email:

Dear Sir

We received a formal application from a company who is called Meiao Investment Co.,Ltd are applying to register “—” as their domain name and Internet keyword in China and also in Asia on Apr 17 2008. During our auditing procedure we find out that the alleged Meiao Investment Co.,Ltd has no trade mark, brand nor patent even similar to that word. As authorized anti-cybersquatting organization we hereby suspect the alleged Meiao Investment Co.,Ltd to be a domain grabber. Hence we need you confirmation for two things,

First of all, whether this alleged Meiao Investment Co.,Ltd is your business partner or distributor in China.

Secondly, whether you are interested in registering these domains. (The alleged Meiao Investment Co.,Ltd will be entitled to obtain a domain not needed by original trademark owner.)

If you are not in charge of this please transfer this email to appropriate dept.

This is a letter for confirmation. If the mentioned third party is your business partner or distributor in China please DO NOT reply. We will automatically confirm application from your business partner after this audit procedure.

Bst Rgs
chenllychen
Registration Commissioner
Beijing HA ZD Networks Science and Technology Co., Ltd
Tel: +86-10-82772601
Fax: +86-10-82773610
Email: chenlly.chen@ha-zd.com
http://www.ha-zd.com.cn

There are quite a few variations to this email, the concept is the same. Don’t reply to these emails and certainly don’t buy domain names from them. It’s just another scam. If you really want a Chinese domain name buy one from a reputable registrar.

A fake promotional email, claiming to be from MasterCard SecureCode, offers a 16% discount on all purchases. This could be enough to tempt readers to sign up on the fake web site.

The email has a link to a web site that has been made to look the same as MasterCard’s web site with a form to sign up. The personal details entered here end up going to a scammer. Personal details including your credit card’s number, expiry date, 3 digit security code, and your date of birth.

If you receive an unsolicited email offering 16% discounts just delete it. And don’t click on links in these emails, instead go to a web browser and type in the address you need.

There’s a new phishing trick that involved the user downloading a security certificate. It’s been spotted on a fake Bank of America web site. When this fake page is accessed the user is asked to create a digital certificate.

The control is downloaded to the PC using Microsoft Certificate Enrolment Code. This ads a false sense of security for users.

The next step on the web site asks users to download a file called sophialite.exe This is a malicious program.

So if you end up at a web site that looks like the Bank of America pay close attention to the address shown in your web browser, make sure it’s exactly right.

Where do stolen credit card numbers go?

One place is a web site called SellCVV2. Recently credit card details were discovered being sold on this site. Prices range from US$38 for a small set of credit card details.  This is a fairly professional service offering guarantees and volume discounts on the stolen information.

It now seems that the site’s illegal contents have been cleared out since this information was made public. This doesn’t mean that the black market for stolen credit card numbers has disappeared, it’s only moved to another place.

 
This is how the site appears now.

Vishing is short for voice phishing. This involves tricking someone into calling a phone number, listening to a recorded message, then being tricked into providing personal information to the phone service.

Why would someone want to set this up? To collect your personal information, such as credit card number, its expiry date, your date of birth, PIN codes, etc. That information is then either sold on the black market or used by the scammers to steal or spend your money (this is also called identity theft).

Setting up an automated phone system like the ones described here is fairly easy these days, and fairly cheap.

Do people fall for it? Oddly enough, yes. Hopefully by now everyone’s getting the message not to trust strange web sites on the internet. But less obvious methods such as automated phone services are easily forgotten.

Anti virus software can’t stop you making a phone call. And people can be more trusting of “old fashioned” technology such as phones.

How does it work in practice? Here’s a summary of a recent vishing attempt.

1. Emails are sent in bulk to as many people as possible.
2. The emails have forged headers to appear to come from service@irs.gov
3. The email contains an important looking message. Note that it doesn’t have any links to click on, instead it gives a phone number.

1. Internal Revenue Service Tax Refund

   After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $215.

   Tax Refund Number: <number here> – Will Expire on <date here>

   Attention!

   Tax refunds can be sent only to VISA or Mastercard DEBIT CARDS.

   To receive your tax refund please call the IRS Tax Refund Department at: 602-427-59x

   Internal Revenue Service

Tips to avoid this scam:

• A good anti virus package will detect fraudulent emails such as the one above and filter them out, so invest in one if you haven’t already.
• In a company (small or large) invest in mail filtering. This is usually not included in corporate anti virus software.
• Think carefully why you received this email. Did you really lodge a tax submit a tax return recently, and in the country the email says it’s from? (e.g., if you live in USA and receive an email offering a tax refund from Australia, it’s most probably a scam).
• Does your country’s tax department even have your email address? If you didn’t give it to them then why are you receiving this email?
• Don’t blindly dial the number shown in the email. Look them up in your local phone book.

This isn’t limited to tax refunds. Other vishing variations may appear to be from banks or other financial institutions.

Another variation of this scam is to send people an SMS instead of an email, with a shorter version of the message above. Treat SMS’s like you would treat emails. Note: it’s also easy to forge SMS’s to appear to come from other people.

Automated voice systems can also initiate phone calls with fake caller IDs. The technology’s easily available. VoIP systems are even easier to set up.

The potential to trick people into handing over personal details is just as easy using phones as it is using emails and web pages.

In Australia your Tax File Number (TFN) is used by the Australian Tax Office to identify you. It could be used against you by other people to commit identity theft and fraud so you should take measures to ensure its security. Below are some tips to help you with this:

• Don’t give it out to just anyone else who asks – it’s confidential. See the list below.
• There have been bogus job ads on the internet and in newspapers that ask people to provide quite detailed personal information including tax file numbers. Don’t provide any of this information until you’ve met the potential employer at their office and confirmed their validity.
• Don’t carry your Tax File Number in your wallet or mobile phone
• Securely destroy any mail you receive from the Tax Office showing this number
• Only use tax agents that are registered on the Tax Agents Board, http://www.tabd.gov.au/

The following are allowed to request your Tax File Number:

• the Tax Office
• employers
• banks & other financial institutions
• tax agents
• Centrelink
• superannuation funds

Some people have been receiving emails that appear to come from Google AdWords. The email has a long story about your account being suspended and gives you a link to reactivate it.

At first glance the link  to Google Adwords seems genuine but instead it takes you to a fake web site that looks exactly like Google Adwords. It lets you type in your username and password, sends it to the person who setup this fake site, then takes you to the login page of the real Google Adwords site.

This is a common phishing email targeting Google Adwords customers.

Usually to identify real links from fake malicious links put the mouse pointer over the link and wait a second. Most email clients will show you the true destination either in a yellow tool-tip or at the bottom of the window.

I checked my spam folder and found one of these emails, let’s have a close look at it:

The sender looks legitimate. Look at the part in the angled brackets, adwords-noreply@google.com. Technically the sender’s name & email is trivial to forge. This email didn’t really originate from Google.

Now at the end of the email is a link to http://adwords.google.com/select/login. At first glance this look innocent. What everyone should get into the habit of doing is putting the mouse pointer over the link (without clicking) and looking at the bottom of the screen to see where it really points to.

Let’s have a look at where this link would really take you:

It’s says: http://adwrods.google.select.ncjd43.cn (NOTE: don’t try visiting this site).

This is not Google’s site. It’s hosted on ncjd32.cn (always look at the last 2 parts of the URL, as explained in our earlier article). CN stands for China, so this fake site was registered in China – something that should make you suspicious of this link. Also note they spelt adwords wrong (adwrods). The word Google in this link doesn’t have anything to do with the real Google, it’s only here to trick casual readers.

So there you have it, an example on how to spot a phishing email.

A good virus & spam filtering system will filter out most of these phishing emails.

Note: Google Adwords is an advertising service run by Google. Go to Google’s site and type in adwords to find the real site.

Here’s an interesting story that hopefully raises your awareness of identity theft.

Gregory Kopiloff, from Seattle USA, has pleaded guilty to a number of fraud related crimes and has been jailed for 4 years. He used LimeWire to download tax and credit reports, bank statements and student financial aid applications that people had made available using this P2P system.

Why would anyone put sensitive documents on a file sharing program for everyone to see? Maybe the people who put these files up thought they have nothing to lose, that documents should be free and shared. Whatever the reason documents like these are sensitive and should not be shared, especially through anonymous file sharing programs like LimeWire.

Gregory used this information, as well as dumpster diving and mail theft, to commit identity theft. He obtained credit cards and debit cards under these people’s names and used them to spend US$73,000 in online purchases.

In this case it’s not the technology that’s at fault, it’s the misconceived value placed on financial documents by regular people.

It’s no surprise there are so many stolen credit card numbers being bought and sold on the internet. Earlier this week there was a data intrusion to Hannaford Bros.’s network and 4.2 million credit card number were stolen, together with their expiry dates. Hannaford is a popular supermarket chain in USA.

If you shopped at Hannaford with a credit card recently then check your credit card statements for misuse.

The official notice from Hannaford’s CEO is here.

eBay fraud is rampant in Romania, Russia and China. In fact, eBay says that the majority of all eBay phishing emails comes from these countries.

Mark Lee is the trust and safety manager for eBay UK and he’s made the following comments:

• “[there's] no fear of real punishment [in these countries]“
• “These attacks are definitely organised”
• “There are towns in Romania where the entire focus is on sites like eBay as the main source of income”

There have been several hundred arrests in Romania after eBay initiated a campaign to stop fraud, in June 2007. But this hasn’t stopped them and it’s still rampant in these parts.

Techniques used by these criminals include asking eBay shoppers for personal details (when people bid or ask questions on the site) – this is known as phishing and the personal details are later used to commit other crimes.

If you use eBay to buy or sell goods have a read here [ http://pages.ebay.com/securitycenter/ ] for tips and tutorials on eBay security. And continue to read FraudO.com for online security tips.

There’s a new phishing attack targeting PayPal customers. It begins with an email like the following:

Subject: PayPal Account Review Department

Dear PayPal customer,

We recently reviewed your account, and we suspect an unauthorized transaction on your account

Protecting your account is our primary concern. As a preventive measure we have temporary limited your access to sensitive information.

Paypal features. To ensure that your account is not compromised, simply hit “Resolution Center” to confirm your identity as member of Paypel.

• Login to your Paypal with your Paypal username and password.
• Confirm your identity as a card member of Paypal

Please confirm account information by clicking here Resolution Center and complete the “Steps to Remove Limitations.”

All typos and grammatical errors are from the original email.

If someone was to click on the link provided in the email they would be taken to a hacked copy of PayPal’s site and they’d be asked to provide their bank’s name, ATM PIN code, mother’s maiden name, birth date,and social security number. All very personal information that the real PayPal doesn’t need.

So avoid traps like these by never giving out sensitive information like the above, not trusting emails you didn’t ask for, and most of all use a good antivirus package that also scans web sites for attacks such as this. Also have a look at the new version of Haute we discussed recently, available for free.

There are thousands of phishing emails such as this and over time the quality of them gets better, such as the tax scams we wrote about earlier (Australian version here, US version here) and the student phishing attack last month.

Imagine someone steals your eBay password and bids $3,002,500 on an item on eBay? That’s what happened last week to someone only identified as jopsoup.

His password was stolen while he was at an internet cafe and it was used to make a bid on a record collection.

The matter’s been cleared up by eBay because it was of such a large amount. For smaller items it might not end so well. Always be cautious when using other people’s computers, especially public computers at internet cafes or at hotels.

(Full article here)

The US Federal Trade Commission (FTC) has released a report showing some statistics on fraud for 2007. These statistics come from people who report incidents of fraud to them, so it’s really limited to USA. The problem worldwide would be much much worse.

The top 20 complaint categories were:

Rank    Category    Complaints

1. Identity Theft    258,427
2. Shop-at-Home/Catalog Sales    62,811
3. Internet Services    42,266
4. Foreign Money Offers    32,868
5. Prizes/Sweepstakes and Lotteries    32,162
6. Computer Equipment and Software    27,036
7. Internet Auctions    24,376
8. Health Care Claims    16,097
9. Travel, Vacations, and Timeshares    14,903
10. Advance-Fee Loans and Credit Protection/Repair    14,342
11. Investments    13,705
12. Magazines and Buyers Clubs    12,970
13. Business Opportunities and Work-at-Home Plans    11,362
14. Real Estate (Not Timeshares)    9,475
15. Office Supplies and Services    9,211
16. Telephone Services    8,155
17. Employ. Agencies/Job Counsel/Overseas Work    5,932
18. Debt Management/Credit Counseling    3,442
19. Multi-Level Mktg./Pyramids/Chain Letters    3,092
20. Charitable Solicitations    1,843

That’s 258,427 cases of identity theft in one year, in one country! The total fraud losses recorded in this report totals more than $1.2 billion. The full report is here.

The tax refund scam mentioned a few days ago now comes in an Australian version. It’s the same email and same scam but customised to look like the Australian Tax Office (ATO). They even make a fake website that copies the ATO’s website.

The scam involves asking people for their credit card number, expiry date, security code, and other personal details.

Emails are being sent claiming to be from USA’s IRS department. They claim to offer a $375 refund for filling out a form. The form is hosted on a hacked web site, not on the IRS’s web site. The form asks for a large amount of personal information including credit card numbers and PIN numbers. This information is collected (a trick known as phishing) and later used to commit identity theft (and effectively stealing your money).

When doing any taxes online please ensure the website is correct. See this earlier article on how to recognise deceptive domain names (URLs) and check for SSL certificates on the page (double click on the padlock icon in Internet Explorer, read who owns the site).

Good antivirus packages these days will also keep track of which web sites you go to and alert you if it’s a known fraud site. So it’s a good investment to purchase one.

Any web address that ends with .com.au.com should be treated with caution. At the moment these pages are redirecting to a fake anti spyware page, tricking people into downloading malicious software.

For example an address such as importantcompany.com.au.com

• is not the same as importantcompany.com.au
• is not the same as importantcompany.com

Because the last few letters are different it takes users to a completely different site. Even having one different letter or the dot in a slightly different position is enough for your computer to go to a different site, one owned and operated by an individual with questionable intentions.

In this example importantcompany could be any company or web site you’re familiar with (eg Google).

This is a problem because people are good at recognising patterns and the addresses look similar. However they are in fact different. Care should always be taken with deceptive addresses.