complogo
Course home      Hardware      Software      Internet

Lesson 5:  Cybercrime & scams

 

Here are some names and descriptions of Cyber Scams - how online criminals try to take your money. Read the description of each scam, and then decide which name goes with each text. Click on the name first and then select the space in the text which goes with the name. Keep going until you have matched them all.

 

[......] A person selling a product on the internet receives an email from someone (generally abroad) who offers to buy the product. For some reason, the buyer overpays. Perhaps because he says a friend owes him money, and the friend will send the money to the seller. The seller should take what he is owed and pass on the rest to the buyer. The money always arrives as a beautifully forged banker's draft. This is a sort of cheque written by the bank, and was once considered almost as good as money. Once the draft has been paid in, the bank will often show that the money is in the sellers account. So the seller sends off the extra money which was 'overpaid' and often the thing he is selling as well. Only later does his bank discover the forgery and take back its money. This means that the seller has not only lost what he was selling, but some extra cash as well.

[......] A user receives an email telling him that there is a problem with his bank account, or that because new security software has been installed, he must re-enter his account details. A link is given in the email that leads to an official-looking web page. In reality, the web page is run by a scammer who takes the security information given and immediately uses it to withdraw money from his victim's account. Phishing emails can be detected by looking at the message code (which often shows that it was sent to many people at one time) and by looking at the link, which often goes to a different site to the one which which it shows in the email. It is easier to see these things if you do not view your emails in HTML. Look for other signs such as the message starting 'Dear customer' instead of using your name. If in doubt, close the email and type the address of your bank into the URL bar of a newly-opened browser window instead.

[......] This might be an .mp3 of your favourite song, it might be a spam email offering you a $300 software package for $3 - the one thing you can be sure of is that the person who produced the original product is not going to see any of the money. Sometimes, you get exactly what you have paid for - congratulations; you have found an honest thief. Sometimes you get a bit more than you paid for; some 'bonus' software which installs without you noticing. This may be a trojan which turns your computer into a bot, or a virus factory. It might install a mini-website serving illegal pornography, or just a keystroke logger which records all your passwords, including the passwords to your bank account. Even if the spyware does none of these things, once the counterfeiter has access to your computer he can use your name and personal details to open a bank account in your name, run up thousands of dollars of debts, and ruin your credit record so that you can never borrow money again. And you thought counterfeit software was cheap?

[......] Botnets are networks of computers that have been taken over by a scammer using trojans (see viruses exercise X) or a keystroke logger (see below). some botnets have hundreds or even thousands of captive computers. Before a big event the criminal emails websites that are connected to the event (for example betting sites just before a big horse race) and threatens to 'take down' the site unless he is paid a lot of money. If his victim refuses to pay, the 'bots' on the criminal's network all start to ask the website that they are attacking for web pages - lots and lots of web pages. all at once. The website can't cope with all the requests, and shuts down, just when it should be making the most money.

1 Ransomware
2 Lottery scam
3 The Overpayment scam
4 DDOS extortion
5 Cyber mules
6 Phishing
7 eBay fraud
8 419 scams
9 Counterfeit software

[......] You get an email from someone who says that he heard of you through a 'business acquaintance' (though the email does not give the name). The writer of the email is usually from Africa, or from Asia, and has suddenly found himself in charge of a massive fortune. Sometimes the writer pretends to be the relative of a dead african politician, or the manager of a bank, or even someone dying of a horrible disease who wants to give her money away to a deserving cause. Whatever happens, the writer wants you to supply your personal details and the number of your bank account so that countless millions of pounds can be deposited there. Except, it turns out that there is a small processing fee, and that another official needs to be bribed, and so the steady requests for money go on, each promising that this is the last before the big payout. Finally you may be asked to go to the country to finalize the details, which is a way of asking you to kidnap yourself and hand yourself over to some rather scary criminals.

[......] The advertisement looks promising. 'We are an business in Latvia/Estonia/some place far away. We need a client in your country to act as our agent. Reasonable wages for a small amount of money.' What the person answering the advertisment discovers is that the company wants them to take payments from people in their country, put them together into a single payment, and send this abroad. It sounds reasonable, until you realize that one of the biggest problems for people running phishing scams is that banks are suspicious of cash transfers abroad, and often check with the holders of the account that this is what they wish to do. So the cyber-mule takes the money stolen from accounts by phishing and transfers it to the criminals abroad - once or twice. It does not take long before the police have caught up with him and his bank account has been seized, but by then the real criminals have found another victim.

[......] For increased computer security, many people have a secure drive on their computer where all the information is encrypted. The problem is that if you have lost the password, you can't decrypt the information, and it is lost. Cyber thieves have realized this, and sometimes once they have gained control of a computer they encrypt all the information they can find. Then they leave a message on the screen giving information how the victim can get the data back in exchange for a payment (usually in the region of $400 or so). This type of theft has become more popular with the arrival of digital currencies such as bitcoin which make it harder to check where the money had been paid to.

[......] This is straightforward. Someone offers an expensive product at a very reasonable price, takes the money, and never sends the goods. Ebay are very aware of this danger, and offer protection schemes to allow buyers to get at least some of their money back, but it is a good idea to check carefully to see if you are dealing with a seller with a good reputation who has sold many expensive items before. A more sophisticated ebay fraud is when the buyer of an expensive product claims to have put the money in 'escrow'. 'Escrow' is when you give money to an independent agency which holds it until the goods that were ordered have actually arrived. Then they give the money to the seller. However, the fraudsters create their own fake escrow agencies, and as soon as they receive the goods, they quietly close down their 'escrow agency' and vanish with the expensive product - which was naturally sent to a temporary post box or holding address.

[......] This time you receive an email telling you that you have won a lottery that you didn't even know you had entered. The organizers want to know what bank account to pay your millions into. From here the process is similar to the 419 scam. It turns out that your lottery money is held in one bank account, and to get it, you have to pay the fees and the currency conversion costs. If you do this, there is another 'transaction charge' and a 'cross-border verification fee'. And so it goes on until finally the unfortunate 'winner' realizes that instead of gaining a large fortune, he has paid a small fortune to a very happy criminal.

Back

back