Fraudsters take advantage of innocent consumers daily through
check, ATM (automated teller machine), and Internet scams. These
gifted scammers use the latest technology to make it harder and
harder to detect if your transactions are legit. Knowing the latest
trends in the scamming industry can help you protect yourself from
Phishing incidents take center stage in Internet scams as
they've increased dramatically in popularity in the past year.
Phishers use the Internet to steal money and personal identities.
Victims usually receive fraudulent e-mails containing authentic
looking company logos and familiar graphics and are asked to
divulge financial information. A study by the Gartner technology
research firm shows 52 million U.S. Internet users received
phishing e-mail during the past 12 months, from which 1.8 million
consumers divulged information and one million fell victim. While
consumers at banks and credit unions are prime targets, AOL and
eBay users also are victims of frequent attacks. Elizabeth was a
victim of an AOL attack when she discovered her credit card number
had been stolen from her online AOL wallet. She now enters her
credit card number and password each time she makes a purchase, no
longer keeping them saved. Elizabeth responded to "What's Your
Story?" on the Home and Family Finance Resource Center Web site, as
did other contributors in this article.
"Fifty-two million U.S. Internet users received phishing
e-mail during the past 12 months."
As consumers such as Elizabeth catch on, phishers develop new
ways to scam their victims. Many phishers now are trying techniques
that have worked well for virus writers. The newest phishing scam
is activated when you simply open an e-mail, no clicking required.
Once infected, the scammers change the IP (Internet Protocol)
address in your PC's Hosts file to their choosing. The fraudsters
then associate the IP address with bogus bank/credit union Web
sites, which forces your browser to go to fake Web sites that look
like your financial institution's site.
A phisher using the name Robotecteur is responsible for sending
out the e-mail virus "I Still Love You" to three million people.
The virus recorded user names and passwords when the user visited
any of 30 online banks and payment Web sites programmed in the
virus. Robotecteur then received e-mails containing the sensitive
This form of phishing is different because the scammers don't
have to lure you to a specific Web site. Instead, they get your
username and password once you log in to a banking Web site. A
keylogger then records your information and takes screen shots of
your PC activity.
Unfortunately, most PC users will not detect a problem until
it's too late, because most are not knowledgeable with Hosts files.
While the attacks have only occurred in Brazil, Australia, and the
United Kingdom, security experts expect to see the scam soon in the
U.S. However, experts also say all phishing scams, these included,
are preventable. As always, run and update antivirus software
frequently and, if you don't have one already, install a firewall.
More information about phishing is available on the Anti-Phishing
Working Group Web site.
While phishing remains a high concern, experts also caution
consumers against high-risk Internet use. The FTC (Federal Trade
Commission) reports 55% of filed complaints are related to Internet
fraud. The median loss for an Internet attack is $195. While online
banking is safe, consumers still are more fearful of online banking
transactions than giving out financial information for online
shopping. Experts advise consumers to monitor their accounts
regularly rather than wait for the monthly mailed statement.
"The most common check scam is the "Nigerian Advance Fee
Fraud," with 100 victims daily."
Brad, from Maryland, noticed unusual activity on his card, which
he hadn't used in several months. Brad noticed the suspicious
charges when he checked his online account. His quick action
allowed him to resolve the matter before anything was posted on his
Experts say it's also a good idea to change your online banking
and shopping account passwords every three to six months. And to
avoid being led to fraudulent Web sites, retype the Web address in
your browser rather than click through e-mail links. These simple
steps can protect you from serious hassles down the road.
While scammers increasingly turn to the Internet, consumers
still are targets of check scams. During a five-month period from
January to June 2004, check scams collected an average $5,000 loss
per consumer. Fraudsters increasingly use e-mail to contact their
There are several variations of the check scam; the most common
strategy is the "Nigerian Advance Fee Fraud," with 100 victims
daily. The scammer proposes to send the victim a check for an extra
sum and requests the victim wire back the excess money. The
scammers often are from--or at least claim to be from--other
countries, which explains why it is too difficult for them to make
direct payment. Scammers offer to buy something you have for sale,
offer you collection of a sweepstakes you won, or pay you to work
Victims often send the product or money to the scammer once they
receive payment. However, the realistic looking checks sent to
victims are forgeries and, unfortunately, the victims are
responsible for the money they withdraw against the bad check.
Experts advise sellers to not send refunds or deliver goods in the
period it takes cashiers' checks to clear.
Like all scammers, those who target ATM users use the latest
technology to their advantage. The newest ATM scam involves
skimming. Fraudsters make counterfeit ATM cards by using a skimmer,
which is a card-swipe device that reads the information on a
consumer's ATM card. Scammers take a blank card and encode all the
information from an ATM card when they swipe immediately after the
machine's last transaction. The skimmer catches the PIN (personal
identification number) through a small camera mounted on the ATM.
The consumer is unaware they've been scammed because the ATM card
has not been stolen and still works at other machines.
"Fifty-five percent of filed complaints are related to
Joyce, from Colorado, fell victim to such an attack. Because her
card wasn't stolen, she didn't detect a problem until her checking
account was down almost $800. After contacting Bellco Financial
Services, Joyce was able to erase the damage done by the shopping
spree she never took.
The "Lebanese Loop" is another popular ATM scam. Scammers insert
a portable steel loop into an ATM card slot. The scammer usually
approaches the victim while at the machine, and poses as the person
next in line. Victims are advised to enter their PINs three times
and then hit cancel to get the machine to accept the cards. The
scammer is able to memorize the PIN for future use and the machine
keeps the card because of the excessive number of attempts to enter
the correct PIN. Victims leave in frustration because they couldn't
get any money and they've lost their card. Once the loop is taken
out of the ATM the scammer has the card and the PIN number for
future transactions. This is a relatively new scam that many
experts believe will be short-lived due to fast technology
While it is difficult to guarantee protection from ATM scammers,
there are security tips that lessen the risk. Be on the lookout for
anything out of the ordinary at the ATM, such as odd- looking
equipment or wires. As always, monitor your accounts regularly to
make sure there is no unusual activity.
If you've been scammed, the FTC Web site has information on the steps you
need to take to clear your name and protect your identity.