Avoiding Fraud on the Web by Gavin Whittaker

Avoiding Fraud on the Web From the Do I.T. Yourself Range

Gavin Whittaker

Welcome This Guide Will Show You What to Look Out For! From the Do I.T. Yourself Range

Copyright © Gavin Whittaker 2010

For Wisdom Publishing Ltd

Please recommend this free guide to your friends, family and work colleagues!

Subscribe to my blog at http://www.speeddemonit.co.uk for free PC performance & security

tips or follow me on Twitter at http://twitter.com/FREE_PC_Tips

The author makes no presentation or warranties to the accuracy or completeness of the content of

websites referred to in this book. The author is not advocating the use of these sites, merely

advising the reader and as such, specifically disclaims all warranties, including without limitation

warranties of fitness for a particular purpose. No warranty may be created or extended this

promotional material. The advice and strategies contained herein may not be suitable for every

situation.

The author will not be liable for damages arising from the advice in the book. The fact that an

organisation or website is referred to in this work as a citation and/or potential source of data does

not mean that the author endorses the information, websites or any recommendations it may make.

Readers should also be aware that websites listed in this work may have changed or disappeared

between when this work was written and when it is read.

Page 1

Avoiding Fraud on the Web

About the TCA Great Member Benefits

The Technology Channels Association was formed in 2009 initially incorporating the

Professional Computing Association and the Mac Technology Association. The TCA

represents the interests of all types of business in the various Digital Technology channels

including vendors, distributors, resellers and retailers. We aim to represent the members,

build confidence by providing information and enhance business relationships through

various activities including meetings seminars and many channel networking opportunities.

Join the TCA Today

Membership costs as little as £5 per month.

We are committed to providing you with advice and services that you will find valuable to

represent your best interests and that of our industry.

Membership of the TCA is for businesses and individuals who are part of the supply channel,

from vendors through to resellers and service providers; membership is not open to

end-users, whether individuals or businesses.

We have five different categories of membership and you can sign up immediately online if

you are paying with a credit card; however the preferred method of payment is by monthly

standing order. If you are joining as a Full Member you have the option of paying the full

amount annually.

http://www.tcauk.org

Page 2


Introduction 10 Great Tips to Avoiding Fraud on the Web This free guide gives you 10 great tips on how to avoid Internet fraud, in which you’ll learn how to: • Protect Yourself from Fraud • Highlight the Common Internet Scams • Give You the Knowledge & Confidence to Avoid Them Feel free to forward on this guide to your friends, family and work colleagues. I am of the firm belief that your digital world will be a safer if you make an effort to ensure your PC is secure. The Do I.T. Yourself range of books show you how to do this, quickly and easily! For that reason, I blog frequently at www.speeddemonit.co.uk with lots of free PC performance and security tips. Each tip is for the average Windows user, easy to understand and only takes a short time to implement. You can also follow me at http://twitter.com/FREE_PC_Tips Gavin is a technologist specialising in home and small business computing. His forthcoming publication “The Beginners Guide to a Fast & Secure PC” provides simple steps to show users how to protect their PC and personal data whilst also maximising their PC for performance and stability. Dealing with Online Cons Cyber-criminals work on the principle of getting something for nothing. They throw to the curb their integrity and simply look to make money from you dishonestly. If you ever do get ‘bitten’ online, it’s very likely that you weren’t targeted directly and that you were just unfortunate to get caught out. Con artists work on a vast level, targeting email addresses and computers globally. Below are some essentials steps you should carry out if you believe you’ve fallen for a scam: • Contact your bank or card provider immediately if any financial information has been exchanged • Change your login and passwords for any sites involved in the scam • Run a virus and spyware scan on your computer immediately as it is important you remove any malicious software that may have been installed on your computer. Don’t beat yourself up! – these people are good at what they do and you’re not their first victim and certainly won’t be the last. If you think you’ve been targeted directly, unless you can provide the police with specific details of the source of the attack, you’ll probably get very little support. However, if money is involved then notify the authorities immediately.

Gavin

Page 3


Scam One The “Make Money Quick” Scheme

We’ll start by looking at “work from home” or “make money quick” emails and websites. These schemes offer you a second income or a great reason to quit your day job and invest all of your time into a “proven” system. Let’s not assume that all of these work from home opportunities are a scam. There are some highly successful web based options out there. However there is without question a huge amount of scams that don’t give any return on your investment, whether your time, money or both! Most of these scams request an upfront payment for training, materials, administration or registration…you name it, there’s some kind of spin to entice you to part with your money. The scam types varies too. The most common types are those that require you to distribute flyers or assemble products and ship them on. The real trick however is when the scam itself involves you unknowingly promoting the scam again, to your friends, family and neighbourhood. How to Protect Yourself in this Situation • Research the company on the Internet. A poor website usually gives the game away • Ensure they are legitimately registered & verify their postal address and phone numbers • Do not get involved with anyone asking for an advance payment • Dismiss any offer of a big reward for just a little investment of your time and money Emails are typically identified by your email system as spam however some do slip through the net, so beware. Websites are usually very poorly designed and so look cheap and clunky. Just because the website may feature the HTTPS security padlock does not mean that the company is legitimate. Great Tips to Help Protect Yourself Further Download the Iconix email ID system from http://www.iconix.com/index.php. This fantastic free product visually identifies your emails as genuine and confirms that it's been verified as coming from the correct source. The Iconix website provides more information and the program works with all popular email services, whether web based or an installed email system like Microsoft Outlook.

Page 4


Scam Two When Disaster Strikes

Scammers only care about one thing, their back pocket. Which is why they look to make money dishonestly from major world disasters, events that have likely killed thousands, injured tens of thousands and left their country or society in complete disarray.

Good hearted people the world over are targeted by fake charity sites to pledge money to support causes, such as the Haiti 2010 earthquake. Within hours of the earthquake bogus web sites were everywhere on the Internet, processing donations that unfortunately never made it to their supposed beneficiaries. Similarly emails were being distributed asking you to click the link and pledge money to a scammer…

How to Protect Yourself in this Situation • Never donate money to a charity by clicking either a website or email link • That means go directly to the genuine charity site to donate • Investigate charities at the Charity Commission on www.charity-commission.gov.uk. Great Tips to Help Protect Yourself Further Online payments of whatever nature have a greater element of protection if you pay by credit card as opposed to a debit card. Online banking systems have had to evolve also to meet the constant attempts to breach both yours and their security measures. Therefore, if your bank offers you an extra level of protection, such as a 3D Security password, then take advantage of this free security feature. Most legitimate charities don’t ask for one off payments and instead ask for a small ongoing monthly contribution. So if you’re approached for a one time lump sum donation, be suspicious and do your research!

Page 5


Page 6

Scam Three The Trojan Horse

Trojans are code that is part of software you download from the Internet to do various things such as steal your usernames, passwords, bank login credentials and so on. Trojans are a major reason that there has been a significant rise of botnets – large networks of compromised computers that can be remotely controlled and called upon to spread further damage, whether by sending spam emails or launch attacks on websites you visit, without you knowing. So botnets, spread the Trojan further! Eliminating a Trojan is not easy and usually involves a complete format of your computer, meaning the re-installation of your operating system, your applications and all your other personal preferences and data. You’re unlikely to know if your PC is part of a botnet, however, if it is or you suspect it is then seek specialist technical support to ensure your personal files are backed up prior to re-installation. How to Protect Yourself in this Situation Identifying this type of con is by being mindful of what the links you’re clicking in emails or the programs you are downloading. A robust web browser such as Mozilla Firefox and up to date anti-virus and spyware protection plays a major role in your security too. Great Tips to Help Protect Yourself Further Avoiding this type of scam boils down to common sense and simply being on guard against suspect emails and not downloading software you cannot guarantee the source of. The McAfee Site Advisor tool is an extra layer of protection to proactively test websites for spyware, spam and scams so you can search, surf and shop more safely. Visit http://www.siteadvisor.com/ for more information and to download this great free tool.


Scam Four The Virtual Auction Thief

Page 7

Online auction sites such as eBay are unfortunately rife with fraudulent activity. It affects not only the buyers but the sellers too. Not only does this spoil the online auction fun for the rest of us but it means we constantly have to be on our guard.

The most common scam is to target sellers overseas. The buyer may offer to pay you by cheque or ask you to ship the item to an address different to that confirmed against the credit card used to pay for the item. Of course, the communications from the other party may seem all very genuine and friendly. You have no reason to suspect that in a few weeks or months , it will all turn out that you’ve been paid with a stolen card or a cheque that never cleared properly….problem is, you shipped the item, spent the money and unfortunately will be out of pocket!

Banks usually credit funds from deposited cheques to an account within a few working days – the money has been cleared for value however does not mean the money actually belongs to you yet. The source of the cheque (i.e. the foreign bank) has to clear the cheque for ‘fate’. This can take some time and usually means because you’ve been scammed and have spent the money that appeared to clear so soon …the bank can claim it back. The other con is when you ship internationally to a different address to that of the credit card. The ‘story’ the buyer may spin you as to why they need the item shipping to a different address may sound very convincing however whether they pay by card, by PayPal or cheque, stick to your guns and only ship to the correct and verified address. Better still, don’t take the risk, re-list the item and only sell to someone in your country with lots of great feedback and a high feedback score. How to Protect Yourself in this Situation • Use a service like PayPal for added protection • Check the buyer/sellers feedback before going through with the deal • Don’t ship to addresses different to those against the eBay or PayPal account • If you smell a rat, immediately back away from the transaction.


Scam Five “We Just Need Your Details”

Advance fee fraud, a scam promising you money that doesn’t exist but has whet so many peoples appetites internationally has unfortunately been very successful. The situation begins with the receipt of an email claiming to be able to share a vast amount of money with you, subject to you helping them export this sum. The source of these funds is typically a war-torn or corrupt country….this should be your first warning sign. In order for you to help them transfer the money and so give you a slice of the action too, they ask for an advance fee to help them overcome a “minor cash flow problem”. With your small investment the money can be released. The prospective return on investment excites computer users to take leave of their senses and give their money away all because the lump sump they’ve been promised seems so obtainable now, just out of reach! This kind of fraud is typically associated with emails from Nigeria and even has its own criminal code – 419. I’m sure it’ll be no surprise to you that other countries have followed Nigeria’s lead and prolifically send out advance-fee fraud related emails. How to Protect Yourself in this Situation Knowing about this type of scam means you’ll recognise this type of email immediately and know to press the Delete button. Great Tips to Help Protect Yourself Further The ScamBuster blog at http://scammo.blogspot.com/ is a great source of information, giving you lots more details about the common scams, especially Code 419. You’ll see examples of such emails so you have a good idea of what they look like.

Page 8


Scam Six Congratulations!

Page 9

Said in jest, there’s a millionaire made every minute online. Emails arriving in your inbox informing you of a vast lottery win is a common type of con. Spotting them is again down to common sense, after all, how can you win this lottery if you didn’t enter it in the first place!

If you click the links in such emails then the flood gates are opened to phishing, spyware and scareware, which we’ll look at next. In addition, the request for personal data so they can send you the cheque is of course another scam and only contributes towards the theft of your personal identity. Unfortunately people do actually fall for this scam, eager to give away their address, date of birth, contact details and in the not too distant future comes back to bite them...hard!

The banks are now proactive with regards to identity theft and only recently did I receive a call from my bank to let me know they were sending me a new card. They had every reason to believe mine had been duplicated at a cash point. However, that shouldn’t mean you can rest on your laurels. Anybody seeking your personal details should be questioned as to why and for what use...listen to their tone of voice, watch their body language or if online, ask to speak to them by phone. How to Protect Yourself in this Situation No matter how convincing the email may look, never click the link. If (and only if) you did enter the lottery in question should you open your browser and manually type in the website address of the lottery provider yourself, accessing your account and checking directly. Great Tips to Help Protect Yourself Further Most web browsers remember a lot of your personal data you type into online forms, such as your address, phone number and so on. Now this might be all very convenient for you however you are putting your identity are significant risk by doing so. If a hacker gains access to your PC, this is one of the first memory locations they’ll look in. So, go into your browser options page and delete all of your forms, history and stored passwords ensuring you also turn off the settings that will remember your details the next time you enter them.


Scam Seven The Scareware Nightmare

Page 10

Scareware are pop-up windows that try to convince you that you have an infection. Computer users are tricked into installing convincing (but malicious) software that actually creates problems on your PC! This software then scares you further by highlighting lots of additional fictitious problems and how to pay to fix them. The difficulty lies in that this software can look very convincing and often dupes the user into paying for the fix. The fix never comes, instead comes hassle as these scammers remotely access your PC and steal your personal data – all whilst you’ve paid for the ‘pleasure’. A leading Internet security vendor stated that in 2009, there were over 43 million failed scareware attempts worldwide. Such failed attempts emphasise that anti-virus and spyware software does its job. Scareware is prolific and I don’t want you to get caught out! How to Protect Yourself in this Situation Awareness and common sense are your best bet in fighting scareware, as is ensuring you are using the latest version of your browser and that your anti-virus and spyware software is up to date. If you’ve got a scareware infection then it’s typically too late. The more you reboot your PC or the more times you click the various warning buttons can actually allow the malicious program to get a tighter hold of your PC. Unless your a techie, seek specialist support. Great Tips to Help Protect Yourself Further Paul Lubic is a guest writer on my blog at www.speeddemonit.co.uk. He has written a fantastic ar-ticle called “Identify Theft and Internet Security”...and I urge you to read it. This article gives a bit more background as to the various types of scareware and also a few helpful hints on how to try to remove it yourself.


Scam Eight The Technical Support Con

Page 11

Cold calls from companies about your PC having a problem should immediately set off alarm bells, and here’s why.

Paying someone to fix a ‘non-existent’ fault is one of the oldest tricks in the book. The scam usually starts with an unsolicited call from someone claiming to be a technical support provider. They typically give you a vague description of the problem they’ve apparently found and then guide you through some steps so they can connect to your PC remotely. Once they have access, they simply access your data for criminal purposes.

They may pretend to fix problems but they may well create new ones too besides installing malicious software. To boot, you’ll be expected to pay a fee for this technical support privilege. You might even be coaxed into signing up for a monthly support contract! How to Protect Yourself in this Situation Knowing what to do is simple – hang up the phone. Great Tips to Help Protect Yourself Further There are some types of remote access software that are legitimate, for example LogMeIn or Windows Remote Desktop Connection. You should know that the scammers sometimes do use these tools in an effort to look professional and genuine. Anybody wanting remote access to your PC really needs to be somebody you already know (and trust) or from your company IT Department. If you ever look at your PC and you notice things happening such as the mouse moving and selecting options without your control then either turn off your Internet connection immediately or pull the plug, disconnect from the mains and seek technical support. The fact that somebody managed to gain control of your PC without you even allowing them means you have a vulnerability on your PC that a hacker has exploited. For this reason, keep your Windows operating system up to date, downloading the important updates as soon as they are released. My book “The Beginners Guide to a Fast & Secure PC” goes in to much greater detail about keeping all of your software up to date and uses lots of great free software to protect you at all times.


Scam Nine Social Networking Scams

Page 12

A new BIG con associated with social networking sites such as Facebook, YouTube and so on is to get full access to your account. With this not only do they get your personal details but those of your friends too! When you login to your chosen social media site, always check the Internet link shown in your browser. Similar to phishing emails, there many different scams out there to get hold of your social site login details. With such login credentials, the fraudsters not only have access to your details stored on the site but access to all of your ‘friends’, ‘followers’, or ‘connections’…they have wide-spread access to a lot of data. They can do damage to you and your friends just by getting one set of login credentials!

How to Protect Yourself The golden rule is to avoid clicking links in email updates from your social media sites. Instead type the correct web address (i.e. www.facebook.com) into the browser yourself to be sure you’re not being redirected to a site to steal your login details. Don’t connect with people you do not know. Finally, change your security settings to ensure only you (and maybe your friends) can access your stored profile information.

Great Tips to Help Protect Yourself Further Visit my blog at www.speeddemonit.co.uk to read the article “Increase Your Online Security”. This blog introduces you to a great free program that a lot of the banks have now adopted too. This program always ensures that when you click a link, you are being directed to the genuine site. You can also add extra sites such as Facebook, eBay, PayPal, LinkedIn and so on...a great security tool.


Scam Ten Phishing

Page 13

Phishing is the receipt of unsolicited emails (spam) that request you click a link to confirm: • Your Bank Details • That you wish to Receive a Tax Refund • Or to Access your PayPal Account. They are lots of other variations too…. This phishing technique is common and people fall victim to it every day. The email is formatted to look official and until you click one of the links within the email you’re safe. Upon clicking a link however you’ll be directed to a web site that again has been carefully crafted to look like the login page of the official site. If the user follows the phishing email link and enters their security details into the erroneous site, the usual trick is to display a login error message before the user is unknowingly sent to the official site to login for a 2nd time, leaving them none the wiser that their login details have now been stolen. Now that the fraudsters have the users details they can login to the official site as the user and commit fraud! Millions of pounds from global users is stolen every year through phishing. Banks often consider losses arising from phishing emails to be the fault of the user and therefore will not refund the lost money! How to Protect Yourself Although spam and junk filters can typically detect a phishing email the only sure-fire way to protect yourself is to never provide personal information in response to an unsolicited email. If the email really does look convincing, do not click any links in the email but instead go directly to the organisations web page to login and check your account. There are tools built into leading Internet browsers to help prevent phishing, however human logic, awareness and common sense prevail every time. Great Tips to Help Protect Yourself Further Never visit a bank or payment service by clicking a link in an email


Conclusion Now You Know What to Look Out For! Thank you for reading this quick guide. I hope you’ve found it very useful and informative. Lots of additional tips for protecting yourself online and increasing the performance of your PC can be found at www.speeddemonit.co.uk. If you enter your email address into the ‘subscription’ section at my site, all new tips will be delivered direct to your inbox. And..unlike the con-artists and scammers out there, I won’t share your email address with anybody else - promise! The chances are your PC is not as fast or secure as could be. For that reason you might want to look at my forthcoming book “The Beginner’s Guide to a Fast & Secure PC”. This book is for anyone with a Windows desktop or laptop computer that is used for business, at home or both. You’ll discover how to: • Easily remove unnecessary programs and files that slow your PC down

• Tweak settings to make your computer quicker and smoother than ever before

• Protect you and your data from viruses, hackers and spyware

• Download and install software to optimise your PC for increased speed and security. All the software used in the book is free and will deliver great results! If you have any questions about my books, my blog then email me at [email protected] Be safe online, protect yourself!

Gavin P.S. please recommend this free guide to your friends, family and work colleagues!

Page 14


Copyright Gavin Whittaker 2010 www.speeddemonit.co.uk For Wisdom Publishing Ltd

Documents

Avoiding Fraud on the Web by Gavin Whittaker