The Hot Season of Cyber Scams is on

With more than 2 billion people connected online, the Internet has become the favorite playground of scammers. There are thousands of scams in circulation today and it would be difficult to list them all. But they clearly pursue the same goal: extort money from their victims by taking advantage of their credulity.

With major upcoming media events around the globe, it is likely that scammers will arouse the curiosity of Internet users in the coming days starting with ‘fake lotteries’. These consist of spam emails sent to users to inform them that they are one of the lucky winners eligible for a large money amount or an exciting high-value prize. To collect their winnings, users are asked to first pay duties. Of course, whether they pay or not, they will never receive their prizes.

Another type of scam, called ‘purchase fraud’, promising tickets at discount prices for major events, is blossoming on the Web too. By surfing on classified ads websites such as eBay and Craigslist, users may find tickets at low prices. They should be very suspicious during this hot event period, as the seemingly good deals are oftentimes pure frauds.

A third type of scam that one may come across is the ‘rogue AV’. During major sports or political events, many users browse the Internet to learn about scores, results and other hot news. From a simple search on their favorite search engine, it is quite possible for users to get to a malicious website (or a legitimate website that has been hacked) with a pop-up window on their screen indicating that their computer is infected (even if they already have an antivirus (AV) program) and offering to clean it. This false message typically prompts users to click on the pop-up, enabling the installation of a fake AV without their knowledge and, next, the installation of Trojans to collect users’ key data such as passwords and banking numbers.

Above are the main examples of scams that we can expect during the Olympic Games, UEFA or US presidential elections. Now, there are others types of scams which are also very active:

Video Hoaxes and Social Networks
In this case, users receive a message from a Facebook friend claiming to offer "exclusive" images or "rare" video footage, especially after a major event - like Michael Jackson's death, the March 2011 tsunami in Japan or Osama bin Laden's execution - hits the news. These images or videos are often fake. Clicking on the link will take users to a legitimate looking Facebook page where they will be asked to copy and paste a link onto their browser, which will install malware onto the computer and automatically spread the scam to the users’ contacts.

If you wish to contribute to disaster relief efforts like the nuclear disaster in Fukushima or the earthquakes in New Zealand, use the official website or send a cheque to the official organisation’s office – do not reply to unsolicited emails.

Phishing & Identity Theft
Users may receive an email from their bank and/or Paypal highlighting that their account is blocked and requiring them to complete a form with their bank login details to remedy the situation. Those users should not reply and keep in mind that their bank would never ask for their banking ID by email. If they give away their banking credentials, their account could be completely emptied by scammers. This technique, called phishing, is also used by scammers to acquire other sensitive information like social security numbers. This scam can quickly become a major issue that affects more people than just the victim: damage can snowball when stolen credentials are used in second-stage attacks.

Advance Fee “Nigerian” Fraud
This scam has existed in various forms for centuries. The concept is simple: convince the victims they are going to receive a huge amount of money in exchange for little or no effort on their part. After making contact with the victim, the scammer would ask for fees to release the money. More money may be requested subsequently. This type of fraud can sometimes lead to serious financial losses by the victim.

Sweetheart Swindles
Perpetrators develop a long-distance relationship with their intended victims. In most cases, the cybercriminals pass themselves off as wealthy businessmen working abroad, or charming women looking for someone to take care of them. When the contact is made, it isn’t long before the perpetrator starts asking for money.   

All the above scams are flooding the Web and even well-informed Internet users might be snared. So, here are some basic but important tips to avoid losing key personal information or money:
- Requests for password or credit card information should set off alarm bells − double check before you comply.
- Be very wary of links that either lead to applications or external websites, especially if they are embedded in email or private messages discussing topical events or celebrities.
- Shortened URLs are becoming very popular with the rise of micro-blogging and social networking services. They are a convenient tool for abuse – clicking on them can direct you to a malicious website without warning.  
- Be cautious about revealing information typically used by Web services to recover your password, such as your mother’s maiden name, your favourite hobby or the school you went to. Once in the public domain, this information can be easily found and used to access your accounts or even establish a loan in your name.
- Never send money to anyone you have never met in person
- Review financial statements on a weekly or monthly basis. The earlier you spot an error, the easier it is to resolve.
- Believe the popular saying: “If it's too good to be true, then it probably is”
- If you haven't entered for a lottery, you can't win it.