Sep 15, 2013
Posted by Robert Creech in: May Contain Nuts
(“May contain nuts” – a series of short articles discussing familiar topics which we should all revisit once in a while)
In the early 20th century two con-men, George C. Parker and William McCloundy, successfully ‘sold’ the Brooklyn Bridge to unwitting and, one assumes, wealthy tourists. There are other similar, perhaps apocryphal, stories and it is from these that we have the phrase “If you believe that, I’ve got a bridge to sell you.”
Changing situations present new opportunities for the dishonest minority and technology has been no exception.
Many of us will have received emails advising that we are in line for a small fortune of overseas wealth……subject to confirming our banking details or covering the modest administration fees up front. In fact this scam predates email having been seen on standard letters and faxes, even acquiring its own identification of “419” which refers to the article of the Nigerian Criminal Code dealing with fraud.
The scam tapped into greed or desperation though most of us would like to think ourselves savvy enough to not fall for this. Some schemes, however, are a little more thought out. A quick search of the internet will provide a wealth of information and examples but I have picked out a few to illustrate what should set the alarm bells ringing.
The “Virus” phone call;
The Pitch – you receive a phone call, often claiming to be from Microsoft, advising that you have a virus on your PC. They can talk you through what might be wrong and, by following the caller’s instruction, end up having access to your PC to demonstrate the problem.
The Scam – you will either be asked for credit card details to pay for the fix or, by following the caller’s instructions, may have installed something which allows the scammer access to further personal details such as bank details.
The Clues – Even if an organisation has accurately identified your PC as containing a virus they shouldn’t have access to information that matches this to your phone number.
The Correct Response – end the call and, if you have any doubts, check with your trusted IT support regarding the welfare of your PC or laptop.
The on-screen Virus Warning (or drive-by download)
The Pitch – an unexpected screen pops up and displays a virus warning and/or a visual representation of a virus scan in progress identifying ‘threats’ on your system.
The Scam – at this point in time things may still be quite benign, but click on any of the warning windows at your peril as you may be accepting a further download. You may have already inadvertently triggered some software without realizing it.
The Clues – the warning screen is actually a browser window and may even show up as such on the taskbar. The name of the faux virus software ‘scanning’ your system will be unfamiliar to you compared with your installed anti-virus software
The Correct Response – resist the temptation to click on any windows. Close active windows from the task bar or task manager. Run scans using your legitimate anti-virus software and, if you have any doubts, check with your trusted IT support regarding the welfare of your PC or laptop.
The ‘Surprise’ Parcel notification
The Pitch – you receive an email containing a notification that your delivery has shipped or needs to be collected. The mail contains a link for further details.
The Scam – the link takes you to a compromised site or may even be straight to a download of some malicious software.
The Clues – In the more poorly constructed examples the sending address will look false. If you are asked to open an attachment or click on the link, be suspicious.
The Correct Response – as with any email of which you are unsure of either sender, content or both, delete it. If your curiosity is roused, check on line or in local business directories for contact details of the courier company and contact their customer service to see whether there really is a parcel to collect.
There are many, many more examples so plenty of scope to revisit the subject in a subsequent article. What I hope we can take away from this piece is the principles of being both vigilant and sceptical. Good anti-virus software is a must, appropriate email scanning tools (on the PC or at source) is a useful addition but, ultimately, we must keep our wits about us and look for the clues in the various media which is open to exploitation.
Finally, do remember that the confidence trickster is so named for a reason. If one does fall foul of a particular scam then then appreciate that you have been exploited by someone else’s dishonesty and trickery. However, if you are in the habit of clicking links in emails and accepting unsolicited correspondence at face value, ask me for the going price on the bridge I’m currently selling.