Oct. 6, 2013
Getty Images
Here's a scary scenario. You're innocently surfing the Web, maybe on an
unfamiliar site, not paying close attention. Suddenly your computer
screen fills with illegal pornographic images of minors. You try to
navigate away, but a warning screen branded by the National Security
Administration's Internet Surveillance Program pops up with the message:
"Your computer has been locked due to suspicion of illegal content
downloading and distribution."
You are then offered a sort of Hobson's choice: Pay a fine immediately, or face prosecution for downloading child pornography.
The folks behind that scam were actually based in Russia, SC Magazine reported, not NSA headquarters. The number of people entrapped by this type of scam has been increasing exponentially. In a recent report
from McAfee, an Internet security company, there were fewer than 25,000
samples of ransomware catalogued per quarter in the first half of 2011.
In the second quarter of 2013 alone, the number of new samples
multiplied to more than 320,000, (which was double the number in the
first quarter of this year).
"During the past two quarters we have catalogued more ransomware than in
all previous periods combined," MacAfee found. "This trend is also
reflected by warnings from law enforcement and federal agencies around
the globe."
If you think the most common cyber scam
still involves deposed Nigerian royalty eliciting your help to extract
fortunes from African banks, your time machine has stalled. Cyber ninjas
have become far more creative, sophisticated and inscrutable. With that
in mind, here are five links you should never, ever click.
1.
| Mobile Apps That Are Unfamiliar to You |
It's easy to think of spam and phishing as email-based scams. But with
the rise of mobile devices, scammers have added mobile apps to their
repertoire. Malware attacks on Android phones grew by 35 percent to
nearly 18,000 new samples in the second quarter of 2013, according to
McAfee.
It appears the onslaught will only grow worse. While the number of
attempted mobile device hacks increased by just over a third, the total
number of new malware applications discovered by McAfee researchers in
the second quarter was double the number found in the first. This trend
suggests that cyber scam artists are honing their craft.
Mobile malware takes many forms. It could purport to come from your
bank. It could trick you into paying for a fake dating app. Some
scammers even "weaponize" legitimate apps, turning real programs into
spying machines that siphon your location, contact and other data away
from legal enterprises and funnel it into the black market.
How to Avoid It: Control the impulse! Don't just click
on any app no matter how cool it seems at first blush. And just because
you see it in the app store doesn't mean it's safe. Do the research to
make sure it's the real deal before you download.
2.
| Remote Access |
In the latest and most popular iteration of this scam, con men pose as
employees of Microsoft. They send emails, instant messages or texts with
warnings that your computer has contracted a virus,
and provide a link that you can click so a "Microsoft employee" can fix
the problem. The thieves claim to work for different divisions of
Microsoft such as Windows Helpdesk and the Microsoft Research and
Development Team.
Once the scammers gain access, they "can install malicious software,
steal personal information, take control of the computer remotely or
direct consumers to fraudulent websites where they are asked to enter
their credit card information," according to the Better Business Bureau.
How to Avoid It: Never trust an unsolicited contact.
Only provide personal information or agree to a remote access session
when you initiate communication. If, for some reason, you are contacted
by anyone representing an institution with which you have a
relationship, always confirm the authenticity and contact information of
the organization before you respond and then only to the appropriate
department.
3.
| Porn |
While you mindlessly surf the Internet, you may accidentally click on
sketchy ads or spam. Or perhaps you get an email with a tantalizing
picture or link, which ultimately sends you to a site rife with illegal
pornographic images. Such despicable lures are just one part of the
larger epidemic of ransomware.
How to Avoid It: Pay attention! Absentminded clicking
can land you in a world of pain. Also, deal with businesses that are
security minded. These businesses have their websites tested at least
annually for vulnerabilities, then fix the security gaps before you get
trapped in them. Intentionally clicking on illegal sites, however, will
(and should) entitle you to a one-way ticket to a federal sleep-away
camp for a not inconsequential period of time.
4.
| Authority Scams |
Email, texts or phone calls alerting us to issues with our checking
accounts, tax returns and credit cards tend to elicit knee-jerk instant
responses (and are designed to do so). A natural tendency is to
immediately provide whatever personal information is required to
identify ourselves and make the problem go away.
This is not lost on scammers, which is what makes "authority scams" so
appealing to those on the dark side. From May 2012 through April 2013,
102,100 Internet users globally received phishing attacks every day,
twice the number of recipients the previous two years, according to a report
by Kapersky Lab, an Internet security company. Of those attempts, 20%
involved scammers impersonating banks. Of all fake and deceptive
websites, 50% of those discovered by Kapersky attempted to impersonate
banks, credit card companies and other financial services such as
PayPal.
How to Avoid It: Before clicking any links, entering
any username or password information or flinging any kind of precious
personal information into the ether, stop, take a breath and think. No
reputable financial institution, or government entity, would ever ask
you to provide such data via email; nor would they cold-call potential
victims of fraud and request sensitive personal data. If you receive an
email alerting you to fraud and requesting that you verify by email your
account username and password, it is – by definition – a scam.
5.
| Drug Spam |
For nearly as long as there's been email, there's been spam. Creative
criminals have used lures of all stripes to entice people into clicking
on links in their emails. Email has become the "carrier" for malware.
The email subject may be about a job, travel, shopping discounts, sex,
news, or, the most popular, drugs. McAfee's research team has found that
about 20 percent of all spam emails sent to recipients in the U.S.
referenced drugs in the subject line. It's no wonder with the cost of
healthcare in the U.S. that this is a particularly effective subject
line. Delivery service notification, in which fraudsters claiming to be
from UPS or FedEx say they could not deliver a package, came in a
distant second.
How to Avoid It: Don't take the bait. Why would you buy
drugs from anyone who contacts you blindly over the Internet? Your
health, your bank account, or both will suffer. And, if you're expecting
a package, contact the shipper directly.
These scams will continue as long as people will fall for them. It's all
about fear, carelessness, curiosity or distraction -- any of which can
lead to financial issues, health implications or being labeled a
criminal — even a sexual predator. The convenience and access of the
Internet creates vulnerabilities, opportunities and also requires
personal responsibility. Before you click, weigh each against the other
and do the smart thing.
Adam Levin is chairman and cofounder of Credit.com and Identity Theft 911.
His experience as former director of the New Jersey Division of
Consumer Affairs gives him unique insight into consumer privacy,
legislation and financial advocacy. He is a nationally recognized expert
on identity theft and credit.
