Knowledge is power. Cybercriminals know this and so, too, should anyone who accesses the Internet for personal enjoyment, work or to conduct personal business. With cybercrime rates and their associated costs continually on the rise, it’s imperative for Internet users to understand some of the most common threats in order to avoid them.
There are several types of online safety risks that anyone – even those with highly sophisticated antiviral protections – can find themselves vulnerable to. Having an understanding of what they are and how they work can enable avoidance even if all other forms of protection fail.
As they are in the offline worlds, scams are any type of scheme that is designed to part a person from their money or information that can lead others to the ability to access a target’s money. These schemes are often highly sophisticated and are meant to dupe victims into believing they are legitimate operations. Keep in mind, however, that not all Internet scams are sophisticated, but in many cases, they still work.
According to the FBI, some of the more common Internet scams include:
Protecting against scams can be as simple as heeding the old cliché: “If it sounds too good to be true, it probably is.” If an offer is unsolicited or it just smells fishy, it probably is. Do not respond to unsolicited emails. Do not follow through on “business-related” email links. Instead, go directly to the website in question. If applying for a credit card based on an offer, for example, go to the known banking company’s website directly to apply. Do not follow the link through.
Phishing scams are quite popular and don’t often have to be sophisticated to be effective. In this type of scheme, a bad guy solicits personal information, such as passwords, user names, bank account information and so on, by convincing the target the request comes from a reputable source. In essence, victims of phishing schemes willingly give up data about themselves because they believe they are dealing with a reputable source.
Phishing schemes take place online and off. In the online arena, they are often introduced via emails that may profess to come from a bank, government agency, business or other trusted source. Phishing schemes often rely on fake websites that are designed to look identical to their legitimate counterparts to collect and capture the data victims unwittingly share. A phishing email, for example, might include a link to a fake bank website that has been set up to mirror the actual, legitimate bank’s website.
This is a variation on the phishing scheme that is often more difficult to detect. In a spoofing scheme, the bad guys actually send out emails that appear to come from the trusted, legitimate source. If a person banks with ABC Money, for example, and email from that bank has an abcmoney.com identifier, the spoofed email will have the same. Essentially, the bad guys are sending out forgeries.
Since spoofing can be especially difficult to spot and easy to fall for it’s important for anyone who receives “official” email correspondence to think twice before clicking through on links and sharing information. Beyond avoiding links in an email since they can lead to bogus mirror websites, if possible, call the entity directly to see if the email is valid before taking action online to respond to whatever the request asks.
Internet hoaxes are often benign stunts meant to gain publicity or just create an environment of excitement as a hoax goes viral. Many notable online hoaxes have caught a ton of press and attention without necessarily harming anyone. One of the more famous examples of online hoaxes include the BBC’s April Fool’s Day flying penguin video.
Online hoaxes, however, aren’t always quite so innocent. If a request for money or information is attached to a viral email, video or social media share, take heed. It is possible whatever is being promoted is less than legitimate. To safeguard against hoaxes, be sure to:
Cybercriminals believe in diversifying to reel in new targets to their schemes. Attacks online can come in all forms from the very mundane to the overly sophisticated. Protecting against them requires a healthy dose of skepticism, good online security protection programs, and a willingness to follow through to make sure something is as it appears before information is shared.
Email Emma Kavanagh