Crimes at Cyber Headlines

Wednesday, October 28, 2009

Email Fraud


Courtesy wikipedia
Fraud has existed perhaps as long or longer than money. Any new sociological change can engender new forms of fraud, or other crime. Almost as soon as e-mail became widely used, it began to be used to defraud people via e-mail fraud. E-mail fraud can take the form of a "con game" or scam. Confidence tricks tend to exploit the inherent greed and dishonesty of their victims: the prospect of a 'bargain' or 'something for nothing' can be very tempting. E-mail fraud, as with other 'bunco schemes' relies on naive individuals who put their confidence in get-rich-quick schemes such as 'too good to be true' investments or offers to sell popular items at 'impossibly low' prices. Many people have lost their life savings due to fraud.

Forms of e-mail fraud

Spoofing

E-mail sent from someone pretending to be someone else is known as spoofing. Spoofing may take place in a number of ways. Common to all of them is that the actual sender's name and the origin of the message are concealed or masked from the recipient. Many, if not most, instances of e-mail fraud use at least minimal spoofing, as most frauds are clearly criminal acts. Criminals typically try to avoid easy traceability.

Phishing for data

Some spoof messages purport to be from an existing company, perhaps one with which the intended victim already has a business relationship. The 'bait' in this instance may appear to be a message from 'the fraud department' of, for example, the victim's bank, which asks the customer to: "confirm their information"; "log in to their account"; "create a new password", or similar requests. If the 'fish' takes the 'bait', they are 'hooked' -- their account information is now in the hands of the con man, to do with as they wish. See Phishing.

Bogus offers

E-mail solicitations to purchase goods or services may be instances of attempted fraud. The fraudulent offer typically features a popular item or service, at a drastically reduced price.

Items may be offered in advance of their actual availability, for instance, the latest video game may be offered prior to its release, but at a similar price to a normal sale. In this case, the "greed factor" is the desire to get something that nobody else has, and before everyone else can get it, rather than a reduction in price. Of course, the item is never delivered, as it was not a legitimate offer in the first place.

Such an offer may even be no more than a phishing attempt to obtain the victim's credit card information, with the intent of using the information to fraudulently obtain goods or services, paid for by the hapless victim, who may not know they were scammed until their credit card has been "used up".

Requests for help

The "request for help" type of e-mail fraud takes this form. An e-mail is sent requesting help in some way, but including a reward for this help as a "hook," such as a large amount of money, a treasure, or some artifact of supposedly great value.

This type of scam has existed at least since the Renaissance, known as the "Spanish Prisoner" or "Turkish Prisoner" scam. In its original form, this scheme has the con man purport to be in correspondence with a wealthy person who has been imprisoned under a false identity, and is relying on the confidence artist to raise money to secure his release. The con man tells the "mark" (victim) that he is "allowed" to supply money, for which he should expect a generous reward when the prisoner returns. The confidence artist claims to have chosen the victim for their reputation for honesty.

Other form of fraudulent help requests is represented by romance scam. Under this, fraudsters (pretended males or females) build online relationships, and after some time, they ask for money from the victims, claiming the money is needed due to the fact they have lost their money (or their luggage was stolen), they have been beaten or otherwise harmed and they need to get out of the country to fly to the victim's country.

This confidence trick is similar to the face-to-face con, known as the "Stranger With a Kind Face," which is the likely origin of at least the title of the vaudevillian routine known by the same name, as "Niagara Falls," or as "Slowly I turned..."

The modern e-mail version of this scam, known variously as the "Nigerian scam", "Nigerian All-Stars," etc., because it is typically based in Nigeria, is an advance fee fraud. The lottery scam is a contemporary twist on this scam.

Avoiding e-mail fraud

Due to the widespread use of web bugs in email, simply opening an email can potentially alert the sender that the address to which the email is sent is a valid address. This can also happen when the mail is 'reported' as spam, in some cases: if the email is forwarded for inspection, and opened, the sender will be notified in the same way as if the addressee opened it.
E-mail fraud may be avoided by:

  • Keeping one's e-mail address as secret as possible.


  • Using a spam filter.


  • Ignoring unsolicited e-mails of all types, simply deleting them.


  • Not giving in to greed, since greed is often the element that allows one to be "hooked".

Many frauds go unreported to authorities, due to shame, guilty feelings or embarrassment.

above image is from techshout.com