New and new types of internet based scams are coming to knowledge in the recent years. It is necessary for all internet users that they at least try to know about the basic of the patterns used by scammers to deceive them. So in this article we are going to discuss in what ways scammers can deceive us and how we can prevent to fall victim to the scammers.
Beware of Scams:
People are getting to know about the prospective scams but with each day the hackers and criminals are coming up with newer strategies to deceive us. Hackers are in quest of our financial, password, and personal information. They use all sort of information to deceive us. It is important not to share your sensitive information with strangers on the internet. A scam can result in to identity theft, normal theft, loss of access to accounts or compromised computer. And a compromised computer can send all available information to the hacker.
The term Social Engineering refers to manipulating people to break normal security procedures. The main principle behind this strategy of the hackers is the fact that people are easy to manipulate by persuading them. It means that people can be tricked by showing a genuine looking reason but it is difficult to force them into some act. That’s why social engineers play with the natural tendencies of the people. They use the weakness of the people who take pity on someone and agree to help someone in need. The scams discussed in this article are examples of social engineering.
Key Indicators of a Scam:
Most of the time criminal people use emails, other internet based service and telephone calls to trick people into describing some useful information. Following are some key indicators of fake programs or scams,
- Someone asks about your private information, financial account information, Social Security Number, money, or your password.
- Someone sends you an email with a link and asks to follow the link or an attachment and ask to open it.
- Someone sends an email and ask you to send it to all your friends and family members.
- Someone asks you to believe something unusual. And offers you a huge amount of money against your cooperation.
- Someone lets you know or your observe in the email that,
- This email is addressed to a person other than you.
- The sender or/and receiver name is not written.
- The email contains spelling or grammatical errors.
- The link in the email appears to be misleading.
- The email contains an suspicious file extension (e.g.: *.zip, *.exe, *.vbs, *.bin, *.com, *.pif, *.zzx)
- The sender is sending a link containing an e-card or a tracking link of a parcel sent by sender.
- The sender says you to follow a link and check his or her pictures of videos and you do not even know the sender.
How to Protect Yourself:
- Always install a registered antivirus that automatically updates and receives updates and patches to coup with newer problems. If possible purchase antivirus, because purchased antivirus are software are more efficient than a free one.
- Do not you ever tell someone about your password if someone reaches you through email, instant message or phone call. Do not share even your password related hint because one can identify your password using that hint.
- Do not ever share your sensitive personal, financial, log-in, business, system or network information to unknown people asking for this kind of information.
- Do not ever open files, click a link or call numbers in unsolicited emails, text messages, instant messages, Facebook postings, tweets, etc.
- Do not click on the link. First go to the default page of the website appearing in that email and check what’s on that website.
- Malicious links are harmful to your computer or the link may end up you to websites programmed to steal your information. Malicious attachments can harm your computer. Even some links look like a link of a good and secure website but he lead to some other website that the sender want you to visit.
- If you determine that the sender is unknown, then ignore or delete it.
- The cryptic or shortened websites links (e.g. Tiny URLs) are widely used today. These links are particularly risky because you can’t easily tell where they are supposed to go.
- Do not click on suspicious links or pop-up windows. Keep your web browser’s pop-up blocker on to help prevent these automatically opening windows.
- Once you determine that the email is spam and suspicious, delete it right away. Do not open, forward or reply to them.
Report Spam and Phishing:
It is important to take action of any scam or hacking attempt against you. Do report this matter to your email service, your organization’s IT Security officials. If possible, try to take help of some expert that can guide you on the important steps you can take to prevent yourself from any future attack.
Impersonation: In this kind of attack, the sender pretends to be someone from authorized persons that can request some information from you. In this case, the sender poses as an IT representative of a concerned organization in order to obtain information and sometimes direct access to systems. It is a common practice among the hackers that they first gather data related to a victims choices and they ways in which that person can easily be persuaded to share information. It is possible that a hacker sends a different email to an accountant than that of the email that hacker sends to a doctor or engineer.
Dumpster Diving: This kind of attack means the attacker physically go near the place of the victim and tries to check the garbage of the victim. All the matter present in the bin portrays the interests and habits of the victim. It has been observed that the attacker tries his or her best to explore any accessible knowledge about a prospective victim. Generally, hacker checks the profiles of the victim and checks the interests of a victim. This information help attacker device a plan to persuade towards his or her offer accordingly. If a person shares ‘investments’ related quotes or/and articles on his or her Facebook profile, then the attacker would come up with an attractive investment proposal.
- It is a scam in which an attacker tries to steal information or passwords, compromise computers or trick you out of money. These kind of attacks are generated through emails as email is free and fastest way to reach out victims. Sometimes attackers send its message using text messages, posts on social media sites, pop-up windows or phone calls. This kind of attacker may ask for your name, account information, date of birth, ID document, Social Security number, passport, address, etc. They may persuade you to click on a link or open a file.
- Here are some examples:
- “There’s a problem with your account” – the attacker can send you this kind of message to ask for your password.
- “Click this link” – the attacker can send this message to land you on a website that is malicious and can make you click on such an option that can compromise your system.
- “Open this attachment” – it is similar to “click this link,” by sending this kind of email, the attacker want you to open the attach file which may be a virus application and installing which can compromise your system.
- Security alerts are often observed on different websites. Generally these security alerts are advertisements of information or system security firms. But sometimes by clicking on security alert, you land on a website that is malicious and can harm your system.
- Money Phishing is a common technique used by attackers. In this kind of phishing attack, the attacker pretends to be a native of another country and ask for your help in getting a sum of money and agrees to give you a major share of that money. Moreover, sometimes attackers send friendship messages to the persons of opposite gender and ask for friendship by saying that he or she is interested victim. These relationships also end up in a fraud.
- An important point to note that your email service, like Yahoo, Hotmail or Gmail will never in any condition ask for your password, Social Security number, or any confidential or personal information.
- There are plenty of resources on the internet that teaches us how to prevent ourselves from a scam. For more details please refer to internet.