I recently received an e-mail stating that my Internet provider,
AOL.com, was about to suspend my account as payment for services had not yet
been received. An attachment was enclosed, which the sender said was a survey I
had to fill out if I wanted my service to continue.
Considering that my AOL account was in fact paid, I was suspicious of the e-mail
message and I didn't fill out the survey. Instead, I forwarded the suspicious
e-mail to AOL security. As I suspected, the e-mail was a fraud. Perhaps the
sender was hoping to get personal information from me, or perhaps the sender was
simply seeking to maliciously infect my computer with a virus.
I'm not the only person receiving fraudulent e-mails, according
to the FBI.
As computers and the Internet are indispensable today to most
business people, and so many business transactions are conducted via e-mail, it
is only natural that criminal predators are drawn to the Internet.
Computer users have to be on guard against thieves and scam
artists, such as the senders of e-mails, text messages, or telephone calls that
are supposedly from your credit card/debit card company. The e-mail directs you
to contact a telephone number to re-activate your card due to a security issue.
There are reports of different variations of this scheme (like
my AOL billing e-mail), which is known as "vishing". These attacks against
financial institutions, businesses and consumers continue to rise at an alarming
rate, according to the FBI.
Vishing operates like phishing by persuading users to divulge their "Personally
Identifiable Information," or PII as the FBI calls it, by claiming their account
was suspended, deactivated, or terminated. E-mail recipients are directed to
contact their bank via a telephone number provided in the e-mail or by an
automated recording.
When you call the telephone number, you are greeted with a
message that goes something like this, "Welcome to the bank of ......" You are
then asked to enter your card number in order to resolve a pending security
issue. I didn't call or respond to my bogus-AOL e-mail, so I'm not sure if the
recording actually thanks you for being a victim or wishes you a nice day.
Trying to be truly authentic, some fraudulent e-mails claim that
the bank would never contact customers to obtain their PII by any means,
including e-mail, mail, or instant messenger. These e-mails further warn
recipients not to provide sensitive information when requested in an e-mail and
not to click on embedded links, claiming they could contain "malicious software
aimed at capturing login credentials."
But the FBI warns us to be aware that these spam e-mails may
actually contain malicious code (malware) which can harm your computer. The FBI
advises computer users to be wary of any e-mail received from an unknown sender.
Don't open any unsolicited e-mail and don't click on any links provided.
The FBI also reports that cyber criminals are sending out
e-mails telling recipients that a complaint has been filed against them or their
company with the Department of Justice, the IRS, the Social Security
Administration, or the Better Business Bureau.
The e-mails are intended to appear to come from real government
agencies, and they address the user directly by name with other personal
information often contained in the e-mail as well. The FBI states that
consistent with past history, the scam is likely an effort to secure personal
information. According to the FBI, the nature of these scams is to create a
false sense of urgency for the user in hope that they will provide the crooks
with a response via a simple click on a hyperlink, opening an attachment, or by
initiating a telephone call.
The FBI believes the e-mail refers to a complaint that is in the
form of an attachment, which actually contains virus software designed to steal
passwords from the computer user. The virus is wrapped in a screensaver file,
whose malicious intent most anti-virus programs cannot detect. Once
downloaded, the virus is designed to monitor username and password logins and
record the activity, as well as other password-type information entered on the
compromised machine.
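
A mail filter does not have to recognise the virus itself to stop this delivery method; it can flag any attachment whose file type Windows would run as a program, and any urgent message that supplies its own callback number. The Python sketch below is an added example, not code from the FBI or the author, and its extension lists, patterns, sender address and two sample messages are constructed for illustration.

```python
import os
import re
from email.message import EmailMessage

# File types Windows runs as programs; .scr is the screensaver type described above.
EXECUTABLE_EXTS = {".scr", ".exe", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}
DECOY_EXTS = {".doc", ".pdf", ".txt", ".jpg"}  # harmless-looking inner extension
URGENCY = re.compile(r"\b(suspended|deactivated|terminated|expired|complaint)\b", re.I)
PHONE = re.compile(r"\b\d{3}[-. ]\d{3}[-. ]\d{4}\b")

def scan(msg):
    """Return (rule, detail) findings for one parsed e-mail message."""
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        stem, ext = os.path.splitext(name)
        if ext in EXECUTABLE_EXTS:
            findings.append(("executable-attachment", name))
            if os.path.splitext(stem)[1] in DECOY_EXTS:
                findings.append(("double-extension", name))
    body = msg.get_body(preferencelist=("plain",))
    text = f"{msg.get('Subject', '')}\n{body.get_content() if body else ''}"
    phone = PHONE.search(text)
    if URGENCY.search(text) and phone:
        findings.append(("urgent-callback-number", phone.group()))
    return findings

def build_message(subject, body, filename, data):
    """Build a constructed test message with one attachment."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["Subject"] = subject
    msg.set_content(body)
    msg.add_attachment(data, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg

# Constructed samples: a fake-complaint lure and an ordinary statement.
LURE = build_message("Complaint filed against your company",
                     "Open the attached complaint or call 555-010-0199 today.",
                     "complaint.doc.scr", b"constructed placeholder bytes")
BENIGN = build_message("Your monthly statement",
                       "Your statement is attached.", "statement.pdf", b"%PDF-")

if __name__ == "__main__":
    for label, m in (("lure", LURE), ("benign", BENIGN)):
        print(label, scan(m))
```
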
The FBI also reports a clever, new version of fraud that
involves the sending of text messages to cell phones claiming the recipient's
on-line bank account has expired. The message instructs the recipient to renew
their on-line bank account by using the link provided.
If you have a question concerning your account or credit/debit
card, you should contact your bank, using a telephone number from your statement
or a telephone book.
The FBI says that there are so many criminal methodologies out
there in cyber-space, it's impossible to list every criminal scenario. The scams
are evolving as rapidly as the technology itself. So be aware of e-mails,
telephone calls or text messages that ask for your personal information.
"It's where the money was," Willie Sutton was reported to have
said when asked why he robbed banks. I think that if Mr. Sutton were alive today
he might well be a cyber criminal rather than a bank robber.
Paul Davis is a writer who covers crime & security for newspapers, magazines and the Internet. He can be reached at daviswrite@aol.com.