Ever opened your email to find an “official” notice from your ISP or maybe your bank claiming your account was suspended? Before you click that link and fill out that form with your personal information, find out what the FBI has to say about bogus emails threats and scams.
I recently received an email stating that my Internet provider, AOL.com, was about to suspend my account as payment for services had not yet been received. An attachment was enclosed, which the sender said was a survey I had to fill out if I wanted my service to continue.
Considering that my AOL account was in fact paid, I was suspicious of the email message and I didn’t fill out the survey. Instead, I forwarded the suspicious email to AOL security. As I suspected, the email was a fraud. Perhaps the sender was hoping to get personal information from me, or perhaps the sender was simply seeking to maliciously infect my computer with a virus.
I’m not the only person receiving fraudulent emails, according to the FBI.
As computers and the internet are indispensable today to most business people, and so many business transactions are conducted via email, it is only natural that criminal predators are drawn to the Internet.
Computer users have to be on guard against thieves and scam artists, such as the senders of emails, text messages, or telephone calls that are supposedly from your credit card/debit card company. The email directs you to contact a telephone number to re-activate your card due to a security issue.
There are reports of different variations of this scheme (like my AOL billing email), known as “vishing.” These attacks against financial institutions, businesses and consumers continue to rise at an alarming rate, according to the FBI.
Vishing operates like phishing by persuading users to divulge their “Personally Identifiable Information,” or PII as the FBI calls it, by claiming their account was suspended, deactivated, or terminated. Email recipients are directed to contact their bank via a telephone number provided in the email or by an automated recording.
When you call the telephone number, you are greeted with a message that goes something like this, “Welcome to the bank of …” You are then asked to enter your card number in order to resolve a pending security issue. I didn’t call or respond to my bogus-AOL email, so I’m not sure if the recording actually thanks you for being a victim or wishes you a nice day.
Trying to be truly authentic, some fraudulent emails claim that the bank would never contact customers to obtain their PII by any means, including email, mail, or instant messenger. These emails further warn recipients not to provide sensitive information when requested in an email and not to click on embedded links, claiming they could contain “malicious software aimed at capturing login credentials.”
Bu the FBI warns us to be aware that these spam emails may actually contain malicious code (malware) which can harm your computer. The FBI advises computer users to be wary of any email received from an unknown sender. Don’t open any unsolicited email and don’t click on any links provided
The FBI also reports that cyber criminals are sending out emails stating that a complaint has been filed against them or their company with the Department of Justice, the IRS, the Social Security Administration, or the Better Business Bureau.
The emails are intended to appear from real government agencies, and they address the user directly by name with other personal information often contained in the email as well. The FBI states that consistent with past history, the scam is likely an effort to secure personal information. According to the FBI, the nature of these scams is to create a false sense of urgency for the user in hope that they will provide the scammers with a response via a simple click on a hyperlink, opening an attachment, or by initiating a telephone call.
The FBI believes the email refers to a complaint that is in the form of an attachment, which actually contains virus software designed to steal passwords from the computer user. The virus is wrapped in a screensaver file, which most anti-virus programs cannot detect its malicious intent. Once downloaded, the virus is designed to monitor username and password logins, and record the activity, as well as other password-type information, entered on the compromised machine.
The FBI also reports a clever, new version of fraud that involves the sending of text messages to cell phones claiming the recipient’s online bank account has expired. The message instructs the recipient to renew their online bank account by using the link provided.
If you have a question concerning your account or credit/debit card, you should contact your bank, using a telephone number from your statement or a telephone book.
The FBI says that there are so many criminal methodologies out there in cyber-space, it’s impossible to list every criminal scenario. The scams are evolving as rapidly as the technology itself. So be aware of emails, telephone calls or text messages that ask for your personal information.