The internet offers a huge range of opportunities to everyone and some people use it for good, some for bad. To say that there is a sucker born every minute is probably an understatement when it comes to the web as many, many people fall daily to internet based scams. For a company like us we spend hours and hours of time defending and countering internet-based attacks. Just this week, two scams were doing the rounds of classified based websites.
One of the tricks used is that the true victim is unaware of the scam right until the last minute, by which time it is generally too late. Many people are surprised by how organised and targeted internet-based scams are and think “ I’m so small, why would they attack me?” Like a few things in life as the scam unfolds you find that you are only part of a bigger and more complex picture. The timings used are very exact and ensure maximum impact on the intended targets and time periods -long weekends are favourites. During this time the scammers are banking on the fact that the targets are more relaxed and their system and web providers have less support available to manage or monitor events. From our point of view, we have support available in the AutoBase office during Saturday and have strict monitoring in place 24/7.
Along with timing, a scam will normally build in a number of stages that do not seem to link until the very last minute. The first step is to always gain access to user accounts. As there are many complex tools in place to stop the scammer hacking the user information directly, the easiest way is to just ask the users for their login information directly. Surprising, this does work with the old ‘click on this link to update your information’ trick. The user is further fooled as the site mirrors the expected interface, as it is a direct copy of the legitimate website. An extra step used to stop the user thinking something is wrong is when after the first attempt to enter your username and password , the second attempt works and redirects you back to the legitimate website.
With this user information, and generally before a weekend, the user information is used to change the following. The price is reduced only enough to make the items look attractive, but not enough to raise the suspicion of the purchaser. This leaves the purchaser with a sense of urgency around closing the deal. What makes the pricing look even more legitimate is the adding of comments stating that the company is running some type of sale before re-locating or closing down. Finally, the contact details have been updated to redirect enquires back to the scammer. Now the spider web is set.
As the purchasers start to make contact, the scammer feeds off the urgency of the buyer and states that they have had a number of enquires and to hold or secure the item a holding fee or deposit is required to be paid immediately. Stung! By the time it has come to the surface of what is happening, it is too late for some. Nowadays the scammers are heading back for a second go and enquiring about the vehicles that they have changed and updated. By doing this they then see when they have been sprung, as they are notified along with the other buyers that they have been involved in a scam.
The golden rule is to never reply to an email or click on a link requesting your username and details. No online trader or bank will ever ask you to do this and if you have any doubt call the company requesting the information directly. If it is found to be a scam, this kicks off a number of processes around getting the website removed and efforts in locating where the scammer operating from. This also allows any other users who could have been impacted to be contacted.
How do I identify a phishing scam?
· You receive an email from a company that you currently do business with and they are requesting you username and password
· The email could state your name or company. However generally they state Sir or Madam
· The email warns that you have been a victim of fraud
· The email says that you need to confirm or enter a new password
· The HTML tags behind the links on the email will reveal that the underlying URL usually does not link to a page within the authentic domain
· You did not initiate contact with the sender or may not have expected to receive it
· The email contains grammatical errors and spelling mistakes.