By PC Plus, Sead Fadilpaši?

Safeguard yourself against online scams

These days, internet fraud is omnipresent. Most people and most organizations, regardless of their location or industry, were probably targeted multiple times already. The line between those who fell prey and those who didn’t is thin – the victims were, most likely, just a bit naive.

People who get their bank accounts drained first reach out to the banks, an anonymous bank manager told PC Magazine. The banks, however, can do very little, and instead redirect the victims to the police.

“It’s very sad,” they said, speaking about the real-life effects of internet crime.

Criminals don’t care if their victims are in good standing or poor. They will target their life savings, home, and dignity, all for a little profit. Phishing remains the most prevalent attack, deceiving unsuspecting victims into believing they are interacting with regular people, their friends and family, or legitimate institutions. By enticing victims to click on malicious links, criminals gain access to sensitive login credentials, compromising bank accounts and other valuable information.

Trend Micro Premium Security Suite plus ScamCheck

Powered by AI, Trend Micro Premium Security Suite with Trend Micro ScamCheck provides complete device security, identity protection, and scam prevention for up to 10 devices.

It works on Windows, Mac, Android, iOS, and Chromebook so you can secure all yours and your family’s devices whether you are at home or on the go.

The security suite includes Maximum Security with 24/7 support, Mobile Security, ID Protection, ID Theft Restoration, a Password Manager, Trend Micro Scam Chec,k and a secure VPN for protection on public WiFi.

View Deal

Cheating the system

“I call phishing ‘out cheating’,” says economist Dr Darrin Baines. “You must at some level trust the person who’s conning you. So, for example, someone sends you an email saying ‘I’m in Africa, why don’t you send me some money?’. There must be something in that narrative that triggers the feeling that they’re worth trusting.”

Happily, shoppers are becoming more web savvy, spending more online, and getting ripped off less. “Last year an estimated £153million of card fraud took place over the internet – a decrease of 16 percent from 2008, when e-commerce card fraud losses were approximately £182million,” says Mark Bowerman, spokesperson for the UK Cards Association.

In the same period, credit and debit cards were used to buy a record £47billion worth of goods and services online, which was up 15 percent from 2008. So the percentage of dodgy web transactions is dropping – but that doesn’t mean you should get complacent.

Bowerman advises consumers to get familiar with the latest advice in the Cardholders section of the Card Watch website. Knowing which cons are in operation is key to staying safe online. In some cases, the swindles are old ones that have migrated to the internet. But what are they? Let’s take a look at the scams, how to spot them, and how to avoid them.

Internet scams

Threat actors exploit various tactics to defraud unsuspecting individuals, collectively siphoning billions of dollars annually into the underground economy. Staying informed about the latest scams is something we all must do.

A common technique is advanced fee fraud, where victims are lured with promises of substantial financial gain, only to be subjected to escalating fees and expenses. This predatory approach can lead to devastating financial consequences, including bankruptcy and even suicide.

The infamous Nigerian 419 scam is a prime example of advanced fee fraud. Victims receive emails claiming to be from the family of a deceased official seeking assistance in transferring a large sum of money. While the initial request may seem innocuous, it quickly escalates into a series of fraudulent fees and demands.

Another common scam is the fake lottery, where victims are falsely notified of winning a substantial prize. To claim the prize, they are instructed to pay various fees and taxes, ultimately losing money and never seeing their “winnings”.

It’s essential to remember that unsolicited offers of wealth, especially from unknown sources, are highly suspicious. If you haven’t participated in a lottery or competition, it’s unlikely that you’ve won. Even if you did participate, always double-check via other means. As a bank manager wisely advises, always exercise caution and verify any unexpected claims of financial gain.

When gain is really loss

While we’re talking about easy money, it’s worth keeping your eye out for pump-and-dump scams. Here, criminals buy up a bucketload of unloved shares. Inboxes around the world are then sent spam tipping the stock as a sure-fire winner.

The hope is that people will contact their brokers, buy the stock, and push its price higher. When the price shifts up, the scammers unload their holdings and trousers a profit. This sale inevitably depletes the price and punters around the world are left nursing a loss.

The infallible prediction scam is also a criminal’s favorite. Here you’re promised, say, the name of a winning horse for a fee. You pay and you get a nag’s name. But the scammer is also talking to other people, telling them different horses in the race will win.

Inevitably one will win and the person who receives that horse’s name will believe the scammer is somehow in the know. When the next race comes along, the scammer contacts his pool of now-seduced clients and sends them different horses’ names. Again, some will inevitably get the winner’s name, further enhancing his reputation. In essence, the scammer is playing a mathematical game where he can’t lose.

Human loss for profit

Playing with emotion is a lucrative game for scammers, and within hours of a natural disaster, emails begging for help begin to flood inboxes. But these emails are spam, and rather than collecting money for charity, the sites they point to save credit card details for later use.

It’s a nasty con that exploits human kindness, but it’s easy to avoid by waiting until an appeal is launched in the media and visiting the official site when it’s announced.

Doctor Feelbad

A large amount of spam concerns fake drugs, where spammers target those looking for a good time. Viagra, stimulants, smart drugs and prescription-only medicines are all apparently freely available via internet pharmacies. In some instances, outfits have even offered cannabis and ecstasy.

The problem with buying illicit drugs online is that you’re hardly likely to complain if they don’t arrive. If you don’t get what you paid for, there’s no comeback. And what happens if the pharmacy is simply collecting credit card details? It isn’t worth the risk.

The cold call support con

Yet another typical scam involves cold callers posing as representatives from your internet service provider, claiming that your computer is infected with a virus and requires immediate attention. To address the purported issue, they request remote access to your device.

From there, they can do two things: Either ask for payment (and steal your credit card information in the process), or install malware on the device, using the remote access you provided.

Online auction scams

Online auction sites, while offering a treasure trove of deals, can also be breeding grounds for scams that exploit trust in the system. As economist Dr. Baines explains, an online reputation built through user ratings plays an important part for establishing trust.

Platforms like eBay rely heavily on this system, allowing buyers and sellers to rate each other. However, savvy bargain hunters need to be aware of several prevalent scams before bidding farewell to their cash.

Account hijack

A perfect seller reputation with 100% positive feedback is valuable, and scammers know this. They attempt to trick you into surrendering your password, allowing you to log in, change your details, and lock you out. While you scramble to prove your ownership to the auction site, the scammer exploits your good standing by creating listings for non-existent items.

Beware of phishing, if you want to stay safe. Never click on links within emails claiming to be from the auction site requesting login verification. Always log in directly through the platform’s official website.

Wire and escrow scams

Always utilize the built-in payment system offered by the auction site. If a seller insists on using wire transfer services like Western Union instead of secure options like PayPal, refuse. Wire transfers are not protected against fraud, and your money could disappear without a trace.

Scammers may offer high-value items (cameras are a popular target) at significantly lower prices to entice buyers. You win the auction, and send the money, but the transaction is rejected. The seller then claims a problem with their PayPal account and requests an alternative, unsecured payment method. Unaware of the scam, you send the money, and the seller vanishes.

Another similar scam is the fake escrow. Escrow services act as trusted third parties, holding the buyer’s money until the seller delivers the goods. While reputable platforms like eBay might suggest legitimate escrow services like escrow.com, be wary if the seller proposes a different service. Sending money through such channels could be akin to throwing it into a black hole.

Sending goods before payment

The auction winner might fabricate a story about delayed funds and offer fake documentation to prove they’ll pay soon. However, don’t be fooled. This tactic aims to pressure you into dispatching the goods before receiving payment.

Remember to never ship goods before receiving payment securely in your PayPal or bank account.

The chargeback

This scam exploits reputable payment systems. You receive payment via PayPal, and ship the purchased item, only for the buyer to file a false claim with PayPal stating they never received it. After that, PayPal refunds the buyer, leaving you out of pocket.

To counteract this, make sure to only ship items to PayPal-confirmed addresses.

Also, always utilize tracked delivery services like Recorded Delivery. Include the cost of secure shipping in your pricing, but avoid overcharging for postage. Inflated shipping charges can be deceptive themselves.

Try to understand these common scams and always adopt safe practices. If you do, you can become a more informed and secure online auction participant.

Inflated or unknown postage charges

This is a borderline scam that tempts many new sellers keen to maximise their auction income. If you’ve ever sold anything on Ebay, you’ll know that postage on a small item such as a book doesn’t cost a lot – maybe £2 including the time to go to the Post Office.

Always take the postage charges into account when weighing up a bargain – especially if the stated postal method is second class, unrecorded post. If the seller says that he’ll only tell you the postage charge if you win the auction, he’s probably a con man – and you’d be very wise to look elsewhere.

Payment for information

This is an interesting scam because it involves selling information about how to get goods rather than selling the goods themselves. The listing page might show something like an iPhone, and the description is worded as if you’ll be getting one, but what you actually buy is information about how to find items with descriptions that contain spelling mistakes and are therefore not being bid upon.

This is a handy tactic, but there’s no need for you to pay for these details.

Counterfeit goods

Sites such as eBay work hard to remove counterfeit goods as soon as they appear, but some get through. You should be suspicious of any auction listing that shows a generic photograph, and be very wary of items where the label isn’t on display. If the seller says that the item is “like” a well-known brand, leave it well alone.

Another tactic used by sellers of counterfeit goods is to keep the listing short so people think they’re missing out on a bargain. If you see any of these signs, it’s a good idea to report the auction.

Shill bidding

Shill bidding – artificially inflating the price by bidding on your own goods – is illegal in the UK. It may be that a legitimate bidder is desperate to win an auction and will always outbid you, but sometimes the bidder is not what they seem.

The way to protect yourself from this subtle con is to set yourself a clear limit not bid a penny more. If the seller is shill bidding and outbids you, he wins his own item and wastes his time instead of getting your cash.

“I’m not an expert”

Exercise caution when dealing with sellers who are unclear about the item they’re offering. This ambiguity might be a ploy to conceal defects or misrepresent the product. The phrase “sold as seen” is often used to mask potential issues, so it’s vital to approach such listings with skepticism.

To avoid this type of scam, ask specific questions to clarify any doubts and seek detailed information from the seller. If the seller is evasive or unwilling to provide clear answers, it’s best to avoid the auction and report any suspicious activity to the appropriate authorities.

Social networking scams

Social media platforms, built on trust and connection, have become fertile ground for cybercriminals. As Dr. Baines aptly notes, our online reputation and the perceptions of others significantly influence our digital interactions.

While we may be cautious about directly responding to phishing emails, we are more likely to trust information shared by friends and acquaintances. Unfortunately, these individuals may be unaware of the risks or have their accounts compromised, inadvertently spreading malicious links and threats.

This tactic echoes early email scams, where well-meaning individuals would forward chain emails warning of fictitious viruses capable of causing physical damage to computers. These hoaxes exploited human psychology, leveraging trust and fear to spread misinformation. Today, these same psychological principles are exploited to distribute actual malware.

Be wary of apps

In the race for revenue, many social networking sites allow users to install web apps and pass the time playing embedded games. However, the proliferation of apps is such that it’s difficult to keep up with new ones, even for the site’s dedicated security staff.

Because of this, there’s a real danger that you could accidentally install malware. Without proper antivirus protection, you could then see your Facebook or MySpace account hijacked and used to send spam and malware, or your credit card details being sold and abused.

Search for any app that you want to install to see if it’s been reported as dodgy – and ensure you’re running decent antivirus software too. Hackers who specialize in malware for social networking sites know that good lies can travel around the world faster than they can be exposed. A good example is the rise in cons that rely on worried friends passing on supposed advice about how to avoid the latest threat.

A flurry of wall posts on Facebook that include a link to a malicious web page can lend a level of credibility to a phishing site that can’t be achieved easily in any other way. There’s a good chance that many people will repost the link for their pool of friends to read without even checking the site to see if it’s legitimate first.

When you receive such a link from a friend, the first thing you should do is search for it to see if it’s been flagged as a scam. If it has, the responsible thing to do is to warn others by posting the news. It may embarrass your friend, but you’ll be saving their bacon in the long run, as well as that of their other friends. Just be careful how you word the update – you don’t want it to appear as if you’ve been hacked too!

The friend in trouble

A growing problem for social networking sites with chat facilities is the ‘friend in trouble’ scam. After hijacking an account, the con man starts a chat with somebody. He exchanges hellos and then says he has a problem. He’s on holiday in a dodgy part of the world and, unsurprisingly, has been robbed. Can you help him out by wiring him the money he needs to get home? Why wouldn’t you want to help out a friend you know in real life?

That’s the central mechanism that makes this con work. Your job is to try to decide whether you’re about to ignore a real plea for help. The easiest way of telling if the person is really your friend is to ask several questions only the real friend would know the answer to. Remember that the scammer has access to the information in your profile, the profile of the account he’s hijacked, and those of your mutual friends.

Because of this, be sure to ask about unique events that may have happened decades ago, and which neither of you has spoken about for years. It’s surprising just how quickly a scammer will make excuses and leave, whereupon you must contact the account’s real owner and tell him what happened.

“Is this you?”

This scam highlights the power of trust in online relationships. Some time ago, X (while it was still called Twitter) users received direct messages from seemingly compromised friend accounts, warning them to delete a photo uploaded to an unknown site. This vague yet urgent message, coupled with the perceived trust in the sender, enticed many users to click on the malicious link, leading to malware infection.

To protect yourself from such scams, it’s critical to verify the authenticity of messages, especially when they appear urgent or suspicious. Avoid responding directly to the message and instead opt for alternative communication channels like phone calls or email to confirm the sender’s intent.