How to avoid online scams

Cybercrime is worth £14 billion a year and is being perpetrated across the world by everyone from the traditional organized crime gangs in Eastern Europe and the US to lone individuals. There is also a sophisticated (and sometimes not so sophisticated) mass of phishing or spamming operations being run everywhere from California to West Africa.

Back to top

Escape the hackers

One of the most basic and prevalent scams involves a fraudster hacking into a Facebook, Twitter, MySpace, or Bebo account and then contacting friends and family in order to pretend to be the real user and claiming that they urgently need money. If you receive a message of this sort over the Internet it is advisable to contact your friend or family member some other way before you send them any money.

Normally the offer of something that is too good to be true is just that – a request for the fees needed to pick up your lottery winnings is not going to be legitimate, but it is amazing how many people fall for the same trick every day.

A slightly more sophisticated con is the “prediction scam”. You receive a series of emails that provide the correct results of football games before they have happened. Then an email is sent offering future results for a price. The trick is mass emailing; while most people will have received incorrect results, a few will have been sent the right predictions for each game and will pay up.

Economy scams target those in poor financial situations. Unscrupulous criminals offer desperate individuals false loans, debt consolidation and other help.

Fraudsters have also started using hacked social networking accounts with all of these scams, because people are more likely to click on links sent by people they trust.

Phishing – obtaining data by deceit- is still the most common and popular form of fraud. The standard phishing email is sent from what looks like a legitimate organisation telling you of a bank account or PayPal security breach, the fraudster then tries to acquire sensitive data, often via a fake website.

Some fraudsters will pose as fraud officers for your bank, they will then conference call in the real bank, and listen as you recite your credit information.

Remote phishing scams are normally emails that offer something to download – sometimes free anti-spyware trials – that once downloaded launch a Trojan which records keyboard strokes and attempts to steal sensitive data. Alternatively they will download a virus that freezes your PC, a pop up then appears on screen telling you that you have a virus and to remove it must download their software for a fee. This is known as scareware.

E-Bay and other online auction sites can be very useful, but they also have their own risks. The obvious problem is buying a product that has been misrepresented, or doesn’t exist. The latter is a particular problem when buying festival tickets, which are not normally dispatched until a few days before the event, so you are buying something you cannot physically see.  Always check a seller’s ratings and stick with trusted payment companies such as PayPal.

Back to top

Be wary of too good to be true offers

All fraudsters thrive on basic human emotion; be it someone being lured into a too good to be true offer or sending money out of genuine concern for a relative.

Furthermore it remains prolific and profitable because law enforcement is so difficult. A UK resident duped into paying money into an international account, by a fraudster in South Africa, is a nightmare chain of different jurisdictions and almost impossible to convict.

Recent notable successes have been Operation Anjowan a Serious Organised Crime Agency operation that arrested and convicted several UK based criminals. Conviction rates however remain low. In March 2009 the government introduced the National Fraud Strategy, with “plea negotiations” to speed up complex cases and increase convictions.

Many countries have been slow to recognise the scale of fraud and reluctant to divert funds into tackling it. Victims whose bank accounts are defrauded are often covered by the bank’s insurance scheme, so once the initial shock is over and their money is returned few are bothered about pursuing charges.

Back to top

Beyond the obvious process of sending out scam emails, your data can be obtained through a variety of sources. Your card can be physically “swiped”, when a copy is made without your knowledge – so be wary of your card being swiped twice.

A more worrying development is the trade in consumer details, stolen from the dozens of organisations that have your details, from local government to your insurer, and sold for big bucks between criminals.

Back to top

Be vigilant

You should be wary at all times. Your vigilance is the best way to avoid falling victim to cybercriminals. Banks rarely email you, and would never ask you to verify your details this way. Be careful paying online unless it is a site you trust, and stay away from offers that are too good to be true.

In terms of software protection a good anti-virus package is vital, with regular updates to protect from new malware, spyware and Trojans out there and pop-blockers, for example Norton’s ‘360’ packages. Setting your email security high will prevent most spam getting through, and you can then mark which emails should and should not be trusted.

For those still sceptical about online fraud remember the story of Jeremy Clarkson. After describing the loss of government data CDs containing millions of personal details, as a “storm in a teacup”, Clarkson printed his bank details in his Sunday Times column to prove that identity theft was nothing to fear. A £500 direct debit was set up in his name to the British Diabetic Association.

Back to top

Images by Sidelong