Five new phishing scams to watch out for

Phishing is the term that describes the illegal attempt to steal sensitive information from unsuspecting people, most frequently over the internet.

It often seeks to trick people into submitting their account passwords, banking or other financial information, or the answers to security questions. While some of the scams are clearly identifiable, due to their lack of professional appearance or poor grammar, others are sophisticated enough to create a money-making opportunity for the criminals behind the scams.

Here are some of the newest scams to watch out for.

1. Web Browser Hijacking and Scareware

Hijacking occurs when malicious software that redirects web searches to fake websites is installed on a computer. For example, a pop-up ad that appears to be from a reputable internet security software company may indicate that your computer is under attack. Once the unsuspecting person clicks on the scareware message he is redirected to a fake website offering for purchase special software to combat the threat.

Once hijacked, the user may have difficulty reaching certain sites, since each search or address entry is redirected to another fraudulent website or sales pitch. At the least, web browser hijacking can be annoying. In certain circumstances, people enter credit card information into fake websites that are there for the sole purpose of collecting this type of information

2. Smishing

Smishing is a type of criminal activity that is similar to phishing, but uses cell phone text messaging to bait its victims. The name combines SMS (Short Message Service, the technology used for cell phone text messaging) with phishing. This deceptive practice sends text messages claiming various occurrences that require immediate action from the victim. For example, the message might indicate that you will be charged a daily fee for your recent (non-existent) subscription, unless you cancel your order.

The message could also indicate that your bank account or credit card will be closed unless you update your details within a short amount of time, or that the account has already been closed and you must respond to reactivate. The directions will state that you must visit a particular website (that may even appear legitimate) or that you must call a specified phone number to cancel, confirm, update or reactivate your account. Information that is collected can be used to make online purchases, or can be used to manufacture fake credit or debit cards that can quickly be distributed anywhere in the world.

3. eBay Phishing Attacks

Some eBay users have fallen prey to scammers gaining private account information by emailing eBay users that a temporary hold has been placed on their accounts, requiring verification. Once the victim clicks on the link provided in the email, they are directed to a bogus site that gathers the personal information.

4. Craigslist Phishing Scams

Craigslist hosts online classified advertisements with sections for jobs, housing and sale items, among other categories. Users have accounts with personal information that scammers may try to steal through phishing emails. The emails are sent to Craigslist users indicating that the account has been blocked because of multiple failed login attempts. The message claims that the account will be deleted unless the user clicks on a link to sign in and confirm his or her identity. Once the victim enters the information in the bogus website, the scammer can use the account to set up fake sales items or for other nefarious purposes.

5. Relief Appeals

Following world-wide natural disasters, many people receive either emails or text messages urging them to make a donation to assist those affected by the disaster. The scammers pose as legitimate charitable organizations promising to use your donation for a good cause. Instead, these can be phishing scams designed to gain access to your personal information, including the credit card number they hope you will enter to make a donation.

In addition, some of these message may include links for alleged photographs of the disaster, as with some fake Haitian earthquake relief messages from earlier this year, that are actually viruses that can infect your computer. In general, if you wish to donate to a charitable organization following a natural disaster, research the organization requesting the donation or donate only to well-established organizations - and only through their official website or phone number.

The Bottom Line

Phishing and smishing are here to stay. While new variants pop up every day, many of these scams revolve around the same principles: scare tactics that make you give up your personal information to avoid charges, subscriptions and account closures or other undesirable outcomes. You can help protect yourself by being suspicious of any email, letter, text message or phone call that requires you to take any action that would divulge any type of personal information. Your bank, credit card and accounts like eBay would never contact you in this manner requiring you to enter personal information.



Related Posts

No comments: