Archive | December, 2006
Email phishing is just getting oh so common today that I am frankly getting bored to death of it.
For goodness sake, I just received the following email from “Barclays Bank” here in the UK for the 7th time today!!
Dear Barclays International Online banking customer,
Barclays International Protection Department requests you to start the client details confirmation procedure. By clicking on the link at the bottom of this letter you will get all necessary instructions (edit: defrauded more like!) how to start and complete the confirmation procedure. The following steps are to be taken by all customers of the Barclays International Online banking.
Barclays International Protection Department apologizes for the inconveniencies caused to you, and is very grateful for your cooperation. (yeah, I bet you are!!)
To start the confirmation procedure, click the following link:
(There then follows a link to somewhere other than the official Barclays Bank website - surprise, surprise!)
I especially like some of the americanisms in their spelling - quite apt for a British bank eh?
Also, it’s rather curious that I receive phishing emails constantly from just about every bank but my own.
In fact, here in the UK, most phishing emails are for American banks.
With a lot of our email addresses having .co.uk on the end, or obviously belonging to British ISPs, you have to wonder just how dumb these would be scammers are.
So, what’s the best advice to prevent yourself from being defrauded by these scammers?
Easy!
Just remember - your bank isn’t going to ask for your confidential information… they already have it!
Never reply to unsolicited email as they are more often than not from people phishing.
Do a “mouseover” on links - this will often show that the link goes somewhere other than where it says it does.
Since the advent of the internet there has been a growing trade in virtual goods. This probably started with reports and then informational ebooks that could be electronically downloaded after payment. Such trades were commonplace on auction sites such as ebay. Though they have enforced stricter rules, you will still see many sellers offering such digital products.
More recently, however, a new tradeable commodity has come to light - characters, cash and equipment from the new massively multiplayer online roleplaying games (mmorpgs) that have gained in popularity in recent years.
Auction sites like ebay and gameplaying forums the world over have seen a sudden rise in trades of real world cash for online, virtual goods. Typically, this was fuelled by lazy gamers who wished to gain experience points, levels, equipment, etc without having to invest the necessary time to gain the advancements themselves. Many game developers moved quickly to outlaw this type of practice. However, it still goes on if you know where to look.
This has led to a new type of scam though. Just like the emails you can receive from “paypal” asking you to verify your details, phishing has become common amongst the mmorpg community. The email that the scammers issue states that unusual activity has been detected on your account. Of course, you need to sign in through their link in the email in order to verify your details.
Do this, however, at your peril - once the scammer has your details you are likely to find your password changed and your account sold to a third party in the blink of an eye. Currently there are no legal practices to deal with this type of transaction and likely none will be in place in the near future. Therefore, it is down to each individual game player to remain vigilant. Lose your account to one of these scammers and it is highly likely that you will be able to do nothing about it whatsoever.
With the “legitimate” trade in virtual property going underground due to the game developers’ rules it is hard to estimate how much trade actually occurs. Some estimates put the figure at up to $1bn a year! As with every area in life, such large figures will always attract the fraudsters and the scammers. Some companies, such as Blizzard who developed World of Warcraft, have now relented and allowed trade of items through their own online marketplace. However, this is still very much done with “caveat emptor” - let the buyer beware!
So, in conclusion, I believe it would be right to say that mmorpgs offer tremendous opportunities for gameplayers both in terms of the fun of playing them and in the potential to make real world cash if so inclined. Just be careful who you give your log in details to though!
Imagine the scenario. Your ordinary, law-abiding life is shattered by a phone call informing you that a warrant has been issued for your arrest. Why? Because you failed to appear in court to fulfill the jury service to which you had been summoned.
Of course you will protest your innocence, and rightly so, for you are adamant and certain that you were never informed of this jusry service. Getting more and more upset, you think nothing of confirming your identity in order to clear this mess up.
The scammer, for that is what he is, on the other end of the phone, will take advantage of the confused and upset state you are now in. He can “help” you of course. By soliciting personal information he can verify your identity and clear this mess up for you. He’ll take your passport details, your driving licence number, your full name and address. In other words… everything he needs to successfully steal your identity.
If the scammer, masquerading as a court official, is particularly malicious he may even take further advantage of you by claiming that the arrest warrant can only be revoked by paying a fine there and then. If he tricks you into doing this then he will not only have stolen your identity but will also have gained your credit card details along with the all important 3 digit security code on the back - everything he needs to start spending right away.
Remember:
- Always be on your guard when asked for personal information, especially over the phone or online
- Courts very rarely, if ever, ring prospective jurors
- Court communication is almost exclusively via the postal service
Click fraud is a relatively new phenomenon, made possible by the advent of publisher networks on the internet.
The major players - google and yahoo - have their own context based advertising systems. The principle of context based advertising is that publishers sign up and pay for keywords which then appear on search results and web pages with related content. The positioning in the SERPS (search engine results pages) and the type of sites the ads appear on vary according to how much the publisher wishes to “bid” on their chosen keyword or phrase.
Sounds like an ideal way for an advertiser to reach their target audience doesn’t it? Well.. yes and no. Of course, the genuine clicks that this type of advertising attracts will be from exactly the right type of audience to buy the related product or service available on the site they are redirected to.
However, the threat of click fraud is ever present. There are a couple of main reasons why someone would want to click on your ads, thereby making you pay for the click, despite having no interest in your product or service -
- Click Fraud by Competitors
A competitor stands to gain if your advertising budget is depleted by useless click-throughs. There have been many incidents where advertisers have tracked where their clicks have come from and have discovered the majority have been from one ip address - that of a business competitor.
- Click Fraud by Web Site Owners
Context based advertising appears not only on the SERPS but on related web pages too. With Google, for example, their adsense code can be placed on nigh on any site on the internet. When an adsense ad is clicked, the amount paid by the advertiser is split between Google and the owner of the website that the adsense was on. Therefore it can be very tempting for website owners to click on the adsense on their own sites, or get a friend or family member to do it for them.
Of course, Google, amongst others, is wise to this and will eventually catch on to the persistent click fraudsters. However, it takes time, and there will undoubtedly be some element of click fraud that will always go unnoticed and unrefunded.
With independant studies showing the level of fraudulent clicks online to be anywhere between 2% and 50% of all clicks, it can be a potentially expensive way to gain exposure to your business. In recent years, terms such as “mesothelioma” were costing around $70 per click - imagine if that was you paying that amount every time a greedy webmaster wanted to earn more cash by fraudulently clicking your ads on their website!!
Scamtypes Launches
December 28, 2006 – After months of development, ScamTypes.com is proud to announce that it has officially launched. The new weblog profiles many of the latest scams from around the world so that they can be avoided.
The web site was launched just earlier this month on December 17th, 2006, but even though it is barely a week old, ScamTypes.com has already become a leading resource for the latest scam news and is updated on a daily basis.
At ScamTypes.com, you will find detailed information on various scams so that you can get all the information you need to make sure that you stay as far away from the scam as possible. One of the best features of ScamTypes.com is that they do not stick to a specific niche of scams, but rather profile many different types of scams from online dating scams to credit card fraud to identity theft and everything in between.
The site defines itself as, “a new site dealing with the ever increasing threat of fraud, deception and confidence trickstering that can be found both online and in the real world.â€
“Our main goal with ScamTypes.com is to help people keep their money and not give it away to scammers,†said webmaster Lee Munson. “You worked hard for your money and with the information published on our web site, you can prevent yourself from falling prey to any of the most current scams .â€
The site also contains example messages in many posts so you can get a sense of what type of e-mails or messages are typically sent out by the scamming group and can hence send these e-mails into your trash, instead of replying and “falling for the scam.â€
When asked for future plans with ScamTypes.com, webmaster Lee Munson said, “We shall continuously be on the lookout for all types of scams and will be reporting on how they work, why some people are duped and best tips for avoiding them.†You visit the site and get all of the latest information on the latest scams at www.ScamTypes.com
Sunday, December 31, 2006
0 Comments