|
Common Email Scams To Avoid |
|
|
|
|
Tuesday, 25 March 2008 |
The Greeting Card Scam
Any email with the words postcard or e-card in the title, from a name you do not recognize, is most likely the greeting card virus which has been circulating frequently. The victim is told that someone they know has sent them an on-line greeting card, but end up actually being from someone they have never even heard of. Anyone reading this may have already received one or several of these at some point in the past. The email instructs the person to click a link which opens the card. This launches their web browser, points it to a page which displays a greeting card but also has a virus coded into it, which installs itself quietly in the background. Depending on the security status of the person's computer, this virus may or may not be blocked so the best thing to do is ignore these altogether. Most commonly, the infected machines are used as drones which work together to attack the same system at once with the intent of knocking it off line. This is called a distributed denial of service attack. Major areas in certain countries including Estonia have been brought down by these attacks. The originators are most likely located in St. Petersburg, Russia.
The Russian Bride Scam
There are a number of websites and email advertisements offering a marriage service which are actually Russian bride scams in disguise. Victims are duped into sending money for airfare and a visa. Most of the ones who have been caught actually turn out to be men posing as women who seek to immigrate. The Russian government is aware of this problem.
PayPal Phishing Scam
The PayPal Phishing scam is a simple idea. To put it in the easiest terms, the scammer sends the target an email claiming to be from Paypal (a popular internet payment processing and transfer solution). The message says the victim's personal info was lost in some way, a hacker broke in, or some other excuse to ask them to update their personal information. The reader is asked to click a link inside the message which takes them to the form where they can enter their details. The form looks exactly like one that would be on PayPal's web site. It even has the same site design, color scheme, logo and everything. In some cases, the link takes the user to a replica homepage instead of a form. The way one can discern that this is a scam is first by knowing that major solutions like PayPal, as well as banks, often have polices forbidding employees from using email to ask for personal information. Many companies will not even allow it, so you can count on this being a scam. The other dead giveaway is if you look at the actual address of the site which is supposedly part of PayPal. If it is fake, the address will not even be on the paypal.com domain.
Nigerian Oil Inheritance Scam
Another blight on the Internet are Nigerian fraudsters who trick Americans into posing as the closest living relative to a recently deceased oil tycoon. The trick is this business person does not really exist. A sum of about $3,000 or so is usually requested as a "release fee" for several million dollars to be transfered. If it sounds too good to be true, it is, because they keep the money without sending what they promised. They refer to one who has been beguiled by them as a mugu, which translates to big fool. The government of Nigeria is aware of this and labels it a 419 Scam.
Summary
Keep your eyes open and don't get duped!
|
Security Blog 
