How Cyber Criminal Operate

Common Scams Cyber Criminals Use to Trick You You may not have thought about this, but online crime has affected world wide web businesses and Internet users since the initial dawn and propagation of Internet-connected networks all over the world. Internet services and websites make it easy for us to pay bills, make online reservations, shop and work. And we’ve become increasingly mobile because of this. But pervasive access to our online assets also provides endless opportunities for cyber crime. Our freedom to navigate and access a large number of online locations represents our main vulnerability, because an open door always allows access in both directions. Criminal minds can reach these days further than ever before, into our work places and our homes. The attack methods and tools vary from traditional attack vectors, which use malicious software and vulnerabilities present in almost all the programs and applications (even in the popular Windows operating systems) to ingenious phishing scams deployed from unexpected regions of the world, where justice can’t easily reach out to catch the attackers. The most common ways to become vulnerable to a malware attack or phishing scam take place when you: shop online check your email access social media networks. With this in mind, we need to know what are the most popular schemes and techniques used by cyber criminals to reach for our private information and financial data, while tricking us into thinking that a legitimate exchange of information is taking place. We must not forget the cyber criminals’ final target is always our money and data, and that there is nothing they won’t do to achieve their malicious goals. The most common online scams that cyber criminals use to lure victims Phishing email scams These scams are based on phishing emails which try to persuade the victim to access a malicious website controlled by cyber criminals by clicking a malicious link. In most cases, these phishing emails seem to be coming from official bank authorities, trusted service providers (energy company, gas company, post office) or well-known online shops. If an unsuspecting user clicks one of the links contained, the user will be sent to a fake login access page which resembles the legitimate website pertaining to the impersonated. The scammers usually do this by creating a frightening story of how your bank account is under threat and how you really need to access it as soon as possible to change your login information (usually the password). Then they will lead you to a fake page created to emulate your bank’s website, where you’ll input your credentials to confirm your identity, as instructed. The attackers will then collect the information and keep it so they can corroborate it with more details about you or your company to gain access to your account and start withdrawing money. This scam relies on bringing the victim to a state of fear and worry about what may happen to her/his bank account, while also leveraging the authority and trust that a bank instils in an information exchange between the itself and its clients. This is one of the main techniques used by financial and data stealing malware for financial fraud purposes and there isn’t any reason why you shouldn’t be very well prepared for this attempt. But even if you install a good antivirus program and a specialized security software against this type of malware, there is no better way to stay safe from this threat, but by preventing the initial infection phase and also relying on your ability to detect threats and avoid pitfalls. The money laundering scam This money laundering scam – also known as the Nigerian scam – is a quite old scheme and most of us have already come across it in one form or another in our email inboxes. Since it’s an old scam, it has suffered multiple variations along the years. The typical scam starts when you receive an email message in which you are asked by an official government member, a businessman or the member of a wealthy family, usually a woman, to provide help in retrieving a large sum of money from a bank, paying initially small fees for papers and legal matters. For the services performed, you are promised a very large sum of money. Of course, this is just the beginning. Eventually you are requested to pay more and more for other additional services, such as transactions, transfer costs, etc. You even receive papers that are supposed to make you believe that all this is real. In the end, you are left broke and without any of the promised money. We have to mention here the cases where not only money was lost in the process, but sometimes people have been kidnapped or even worse. This particular scam relies on the natural curiosity that humans exhibit towards the idea of getting rich fast. Some are more gullible than others, which makes them more susceptible to becoming victims, because they genuinely trust that everyone will act out of honesty and selflessness. These are all very serious reasons to never even open such an email and send them to the spam folder asap. Greeting Card scams The greeting cards which arrive by email and pretend to be from a friend is another an old scam. If you open such an email and click the card, you will usually be sent to a cyber criminal controlled web location that downloads malicious software on your operating system. The malicious software which downloads on your system may be an annoying program launching pop-ups and unexpected windows all over the screen, but it may also be one of the worst types of financial malware around. If your system becomes infected with such dangerous malware, your system’s vulnerabilities may be used to defraud your bank account or your computer can become part of a botnet, a larger network of affected computers leveraged to launch other cyber attacks. In this unfortunate event, your computer will start sending private data and financial information to a malicious server controlled by IT criminals. To keep yourself safe from identity theft and data breach, we recommend using a specialized security program against this type of dangers, and follow the guidelines described in the previous lessons. A guaranteed bank loan or credit card scam Difficult times push people into getting trapped by “too good to be true” bank offers that guarantee large amounts of money and which have already been “pre-approved” by the bank. If such an incredible pre-approved loan is offered to you out of the blue, simply use your common sense and just think about it. Ask yourself this: How is it possible for a bank to offer such a large sum of money without knowing your financial situation? Though it may seem unlikely for people to get trapped by this scam, there are a number of people who lost a few hundred dollars by paying the “mandatory” processing fees required by the scammers. Be warned and always double check the information with the institution that seems to have issued it by simply calling the bank. This can also be useful to them, so they can shut down such attacks and keep other potential victims from falling into this trap. Lottery scam This is another classic scam which never seems to get old. The lottery scam comes as an email message informing that you’ve won a huge amount of money and all you need to do is pay some small fees before you can collect your fortune. It doesn’t matter that you don’t recall ever purchasing lottery tickets. Since it addresses some of our wildest fantasies, such as quitting our jobs and having fun for the rest of our lives without ever working again, our imagination easily falls prey to images of a dream house, endless summer vacations or expensive items that you’ve only dreamt about. But the dream ends as soon as you find out you have been just another victim of this scam. Train yourself to resist temptation, curiosity and the urge to find out whether something like this can actually be possible. It will serve you well when you’re bombarded with such attempts, because they are not rare at all. The hitman scam One of the most frequent scams you can meet online is the “hitman” extortion attempt, who sends an email threatening the target in order to obtain money. This type of scam may come in various forms, such as the one threatening a family member, which can be kidnapped unless a ransom is paid in a time frame provided by the scammers. To create the appearance of a real danger, the message is associated with numerous details from the potential victim’s life, collected from an online account, a personal blog or most frequently, from a social media account. The best way to handle this is to call the police and report the threat, so they can track the attacker and shut down his operation, consequently protecting other potential victims. You can also call the Action Fraud Police at 0300 123 2040 (Action Fraud is not an emergency service dial 999 if you are in immediate danger). Online romance scams Since this scam addresses our subjective self and not our rational side, we are more likely to drop our guard and leave aside any logical analysis. This scam takes place on social media sites, like Facebook, or by sending a simple email to the potential target. The male scammers are often located in West Africa, while the female scammers are often based in Eastern parts of Europe. Cyber criminals have been using this method for years by relying on online dating services. They have improved their approach by testing the potential victims’ reactions. This scheme may unfold over several months or longer, in order to gain the trust of the victim. In many cases, it even goes to the moment when a meeting is arranged. When this happens, two things may take place: an “unpredictable” event occurs and the scammer needs money as soon as possible for his/her passport or other details; if the victim comes from a rich family, he/she may be kidnapped and a large sum of money could be requested from the family. It goes without saying that being a little suspicious goes a long way when it comes to your protection, both online and offline. Fake antivirus software We all saw at least once this message on our screens: “You have been infected! Download antivirus X right now to protect your computer!” Many of these pop-ups are very well created to resemble an actual message you get from Windows or from a normal security product. If you are lucky, it is nothing more than an innocent hoax which will bother you by sending numerous unwanted pop-ups on your screen while you navigate online. In this case, to get rid of the annoying pop-ups, we recommend scanning your system using a good antivirus product. If you are not so lucky and you click one of the fake pop-up windows, malicious code, such as a Trojan or a keylogger can be downloaded on your system. This kind of message could come from one of the most dangerous ransomware threats around, such as CryptoLocker, which is capable of blocking and encrypting your operating system, requesting a sum of money in order to send you a decryption key. To avoid this situation, we recommend using a specialized security product against this type of financial malware, besides your traditional antivirus program, to enhance your protection and keep you safe from the latest threats. Facebook impersonation scam (hijacked profile scam) Facebook is the most popular social media network in the world, and because of this important companies and businesses worldwide use it to engage in conversations with customers and to promote their products. With so many friends and connections on this online platform, we use Facebook not only to check our friends’ activities and news, but also to chat, send and receive messages. If most friends, colleagues and social connections are on Facebook, it is quite normal for such a place to attract also unwanted attention from online scammers. Just imagine your account being hacked by a cyber criminal, who can gain access to your close friends and family and to all the private data shared in your Facebook messages. Since it is so important for your privacy and online security, you should be very careful in protecting your personal online accounts and enable the double authentication feature as soon as possible. By using this method, you can add an important additional layer of security, in this case your phone number. Be very careful which links you click in your Facebook newsfeed or in your Facebook messages, but be wary of cyber threats on other networks as well. Also, educate your employees about this, because they can become a liability in terms of cyber security if they should fall prey to a scam like this one. Make money fast scams (Economic scams) Another common online scam is this popular method used by cyber criminals to make easy money by promising non-existent jobs, plans and methods of getting rich quickly and money from official government sources. It is quite the simple and effective approach, because it addresses the victim’s need for financial wellbeing, especially when that person is in a difficult financial situation. From this point of view, this scamming method is similar to the romance scam mentioned above, where cyber criminals address the emotional needs of the victim and then his financial means. The fraudulent posting of non-existent jobs for a variety of positions is part of the online criminals’ arsenal. Using various job types, such as work-at-home scams, the victim is lured into giving away personal information and financial data with the promise of getting a well-paid job which can bring a lot of money in a very short period of time. Just follow a simple rule to avoid this scam: if it’s too good to be true, it’s probably a trap. Travel scams These scams usually appear in the hot summer months or during the short winter vacations, for Christmas or New Year’s Day. Here’s how it happens: you receive an email with an amazing offer for an extraordinary, but usually unattainable destination, an exotic place. The offer expires in a short period of time, so you’re nudged not to miss it. The problem is that some of these offers actually hide some necessary costs until you pay for the initial offer and others simply take your money without sending you anywhere. In these type of cases, we suggest that you study very well a travel offer and look for hidden costs, such as: airport taxes, tickets that you need to pay to access a local attraction, check if the meals are included or not, other local transport costs between your airport and the hotel or between the hotel and the main attractions mentioned in the initial offer, etc. Besides this, we suggest that you check if paying individually for plane tickets and for accommodation gives you the same results as in the offer you received. Sometimes, even if we pay more for a plane ticket to reach Asia from Europe or North America, you may be amazed at how cheap the accommodation costs can be compared to the rich Western countries. Moreover, it’s good to do a background check on the company issuing the offer, so you can make sure it actually exists and it’s not a ghost company set up to deceive vacation seekers such as yourself. Think like a journalist: always double or triple check the facts until you are absolutely certain that the information checks out. It will serve you well online, where sometimes even the most knowledgeable people can mistake fake information for true data. Online scams have evolved considerably, by using increasingly sophisticated means of deceiving users, especially in the known rich countries from the Western world. According to the FBI, online scams have increased over the last 10 years and the total losses doubled in the recent years, affecting both private individuals and large scale businesses. For this reason, cyber criminal activities are now subject to federal investigations and are treated as a very serious problem. For an extended list of common fraud schemes discovered and analysed by FBI, check this article. You may think that you can’t be fooled by these online scams, since some of them are quite hilarious, such as the one threatening you to send money or the one where scammers pretend to be FBI agents. But some stories are so convincing for the potential victims that it is difficult to know how to deal with them. This is why it’s best to be prepared at all times. Since some scams are so well organized and convincing, and the people behind so difficult to catch, we need to acknowledge what the most popular and successful online scams used against us are and adapt our defences accordingly

Comments

Popular posts from this blog

Ben-smile Jokes2

Work online