Crooks Use High-Tech Scams to Commit Fraud
Judy Dahl
One of the most common methods of identity theft is through stolen purses and wallets, but, increasingly, crooks are using technology to commit fraud. Here are some of the most common scams and tips for guarding against them.
Skimming
How it works: Skimmers swipe your credit or debit card through a handheld device, or they install an overlay device�a slightly different color than the machine�on an ATM or gas pump. The device gleans information�your name, account number, expiration date, security features�off the magnetic stripe on the back of the card. The thief copies information from your card to a fraudulent one and sells it to a counterfeiter.
How to avoid it: Try not to let your card out of your sight when shopping or in a restaurant, and watch for devices on ATMs and gas pumps.
Pretexting
How it works: A criminal gets your personal information under false pretenses, such as by calling and posing as a survey firm, then sells it to people who may use it to get credit in your name, steal your assets, or investigate or sue you.
How to avoid it: Never give out your financial information via phone or e-mail unless you initiated the contact.
Keep your firewall and virus-protection software up-to-date.
Phishing
How it works: Scammers send e-mails�often including the name and logo of a legitimate business or financial institution�luring victims to a "spoofed" or fake Web site where they're asked to enter personal information.
How to avoid it: Beware of e-mails that use a generic greeting (Dear Visa customer, or Dear friend) rather than your name, refer to an urgent problem, say that your account will be shut down unless you reconfirm billing or other personal information, or urge you to click on a link within an unsolicited message. Remember: A legitimate business or financial institution will never ask you to enter sensitive financial information via e-mail.
Smishing
Smishing is phishing via SMS (short message service) and it's targeted at cell phone users who use text messaging.
How it works: You receive a text message along these lines: "We're confirming you've signed up for our dating service. You will be charged $2 a day unless you cancel your order." The message includes a Web link that routes you to the main phishing page, where you're prompted to download a program�a Trojan horse that turns your computer into a zombie controlled by hackers and used within a larger network to steal personal account information and perform other malicious activities.
How to avoid it: Be cautious about deregistering from a service when you're sure you didn't make a formal arrangement with the sender. Be as vigilant about security for your cell phone as you are for your computer. If you have children who have cell phones, warn them about this scam as well. Fraudsters have long tried to talk people out of their money with hard-luck stories.
Vishing
How it works: You receive a phone call from an automated random dialer informing you that your credit card has been used illegally and asking you to call a fake 800 number, where you'll be asked to confirm your account details. Or you may receive an e-mail asking you to call a toll-free number.
How to avoid it: If you get a call asking you to give personal information, hang up and call the financial institution that issued your card, using the number on the back of the card. Your provider will know if the call is legitimate. Delete any e-mail requests making similar requests, and never provide personal information in response to an e-mail.
Pharming
How it works: When you type in an Internet address and hit enter, you're redirected to a fake Web site where you're asked to submit personal information.
A hacker may have hijacked the legitimate site and is redirecting all traffic.
Malware such as viruses and Trojans may be directing you to the site.
A minor misspelling of the domain name (vvestcu.org vs. westcu.org) may trigger the redirection.
It may be DNS (domain name server) poisoning, which is most dangerous of all�a poisoned server is redirecting traffic. Basically, you enter a Web address into your browser, and poisoned servers send you to a Web site other than the one you requested.
How to avoid it: Keep your firewall and virus-protection software up-to-date. Also, look for "https:" in the URL before entering sensitive information and for the closed padlock icon in your browser frame, separate from the vendor Web site window; these indicate secure sites. A legitimate business or financial institution will never ask you to enter sensitive financial information via e-mail.
Online payday loans
How it works: While all payday loans have certain features�such as loan- shark-high interest rates�in common, loans arranged online are even more troublesome than those applied for in person. The online loan applications ask for the personal and financial information anyone would need to steal your identity. And some online payday lenders lack secure Internet connections, so you could be broadcasting your personal information throughout cyberspace. You'd have to give the lender permission to access your checking account to withdraw fees and interest, which could result in overdraft fees from the lender and your financial institutions. Since lenders want you to renew or "flip" the loans, they often make it difficult to pay them off, and it's typically difficult to track the lender down.
How to avoid it: If you're thinking about a payday loan, call your credit union first. It likely offers low-cost, borrower-friendly alternatives. As Todd Mark, vice president of education for Consumer Credit Counseling Service of Greater Dallas, warns, "It's just plain and simple a bad idea to give a payday lender access to your account."
Published February 23, 2009
|
