|
'Tis the season to be wary of online scams
Dec 13, 2009 (The Pittsburgh Tribune-Review - McClatchy-Tribune Information Services via COMTEX) --
For cyber criminals, online holiday shoppers are like presents under the Christmas tree.
Scams range from outright theft -- people selling merchandise they don't have -- to insidious attacks that swipe credit card and other financial information. Often, the shopper doesn't even know it. Some phony links that appear in e-mail inboxes contain malware that infects computers and records every keystroke. Criminals siphon personal information to wipe out a person's credit and bank accounts.
That's why people must be extra vigilant when opening holiday eCards or electronic "letters from Santa," said Fred Touchette, senior security analyst at AppRiver, an e-mail and Web-security company based in Florida.
"Spammers will send out generic e-mails to shoppers who are avoiding crowds by shopping online," Touchette said. "They'll contain links to a (retail) Web site that looks exactly like the real one. Then after the person enters all their information, they'll direct you to the real site, so you're none the wiser."
There is a growing pool of potential victims. People have spent about $16 billion buying products online so far this holiday season, up 3 percent over last year, according to comScore, a Virginia-based company that tracks online purchases.
"And the bad guys are getting better at what they're doing," Touchette said.
The Pennsylvania Commission on Crime and Delinquency on Friday reported Pennsylvania consumers filed more than 10,000 ID theft complaints in 2008, according to the Federal Trade Commission. Of those complaints, 23 percent reported Internet/e-mail fraud as the source of identity thefts, compared to 22 percent reported as credit card fraud, the commission said.
More than 30 million Americans became victims of identity theft in the past five years, according to the national Identity Theft Resource Center. The U.S. Department of Justice cites identity theft as the No. 1 crime in the nation, surpassing drug trafficking.
Inspector Andrew Richards, who leads the white-collar section of Postal Inspection Service in Robinson, and his team is working with eBay investigators on a case involving an area woman who Richards said victimized about 3,000 people and stole about $300,000 by selling goods she didn't have. The investigation is ongoing, and Richards did not identify the woman.
"We found out about it a couple months ago. We shut her down," said Richards, whose section receives about 100 reports a week of claims of online scams and fraud.
Another nefarious holiday con is the request for donations to a fake charitable organization in an e-mail that appears to come from a friend or family member, said Lyn Oaks, chief marketing officer for TrustedID, an identity-theft prevention company in California.
"There's a lot of phishing going on right now where spammers attach themselves to things you'll be comfortable with," Oaks said.
Bogus e-mails that claim Federal Express, UPS or DHL can't ship a package because credit card information is out-of-date are malicious attacks, said Scott Stevenson, CEO of EliminateIdTheft in Atlanta.
"Ignore the e-mail that says you have to update your credit card information," Stevenson said.
David Perry, global director of education at Trend Micro, a security software company headquartered in Tokyo, advises shoppers to be wary of free wireless hot spots: criminals have software to hack into WiFi connections and see what's on other people's computers; don't keep credit-card information on hard drives; think about using Bill Me Later or Google Checkout, which offer ways to pay without needing a credit card; don't use public computers to shop online.
George Moskoff, 55, a California management consultant, and Bruce Hoag, 57, an American organizational psychologist living in Vicenza, Italy, said they've been victims of frauds on eBay, the popular online auction site.
Neither lost too much money -- $50 to $100 -- but each con burned up time and generated frustration. Officials from eBay were helpful and responsive to their complaints, Moskoff and Hoag said.
"But I don't know if they ever caught the guy," said Hoag, who purchased unusable Web page design software. "That's the way we want the Internet: No one's in charge. But the problem is, who has jurisdiction? I was living in the U.K., but the transaction was handled by a U.S. company."
Detective Mike Overholt, of the Pittsburgh Bureau of Police computer crime unit, said it's difficult to find perpetrators.
"They're often overseas," he said. "And we can't go to Europe and arrest them. I have a file cabinet full of cases we never solved. Once they get your credit card information, they're selling it within minutes."
Overholt said Western Pennsylvania residents who believe they're victims of online fraud should call their local police departments and file reports.
Some experts say online threats have grown so large that most people have infected computers, or have had their identities stolen.
"We're beyond viruses," said Perry. "The malware now being used is nonreplicating and 60,000 new types are sent out every day. That's one every 1 1/2 seconds."
That malware hides in a person's computer, ready to steal credit card and other financial information, he said.
"It's recording everything you type on your computer and sending it to an organized crime outfit in Russia, Brazil, China or somewhere here in the United States," Perry said.
Perry advises people to update security software.
"Show some common sense," he said. "The brother of the prince of Nigeria is not writing you for any reason. That's fraud. Yet hundreds of thousands of people fall for it every year."
Anne Madrid, an inspector for the Hayward police department in California, one of the first in the country to receive training on dealing with identity theft and Internet fraud, froze her credit -- and recommends others do so.
"You have to do it in writing," Madrid said. "A template letter exists that you write to each of the three credit bureaus: Experian, Equifax and TransUnion."
That's great if you want to prevent accounts of credit, said Nils Frederiksen, a spokesman for the Pennsylvania Office of the Attorney General.
"But if you're shopping for a new house or buying a car, you have to unfreeze it every time you want to open a new line of credit," he said.
Cyber vigilant
To protect yourself from cybercrime:
--Beware of unsolicited e-mails for promotions that seem too good to be true. Often, they are ploys to get credit card and personal information.
--Never click on an e-mail link having to do with financial institutions. Go to the institution's Web site. If you have an account there, log in to see if there is a problem.
--Shop at reputable Web sites. Check with the Better Business Bureau. Just because a Web site bears the Better Business Bureau logo, doesn't mean its really a member. Find someone who has done business with the company. Crooks often post fake reviews of Web sites. Try typing in the name of the company with the word "scam" and the word "complaint" in a Google search.
--When entering payment information, make sure the address in the browser starts with https. Https encrypts information such as your credit card number. Use a reputable site and verify it is encrypting data.
--Consider getting a credit card with a low spending limit and use that exclusively for online shopping.
--Pay attention to the Web site you go to. If you see something that says you need to install software or update software, close your browser and do not click on anything on that Web page. If you land on a page and it starts "scanning your computer," it is a hoax. Close your browser immediately.
If you believe you are a phishing victim, contact your bank immediately.
Source: ESET, Randy Abrams, Director of Technical Education
To see more of The Pittsburgh Tribune-Review or to subscribe to the newspaper,
go to http://www.pittsburghlive.com/x/pittsburghtrib/. Copyright (c) 2009, The
Pittsburgh Tribune-Review Distributed by McClatchy-Tribune Information Services.
For reprints, email tmsreprints@permissionsgroup.com, call 800-374-7985 or
847-635-6550, send a fax to 847-635-6968, or write to The Permissions Group
Inc., 1247 Milwaukee Ave., Suite 303, Glenview, IL 60025, USA.
[ Back To TMCnet.com's Homepage ]
|
SUBSCRIPTIONS
TMCnet LOGIN
WEBINARS
Facebook 
Find Solutions for Enterprises, SMBs & Service Providers at the INTERNET TELEPHONY Conference and EXPO West, October 4-6, 2010. Los Angeles, CA.
