Thursday, December 02, 2004

Internet Scams

It never ceases to amaze me how many ways there are for unscrupulous people to relieve unsuspecting victims of their money. There are the old, low-tech ways that still exist, such as classified ads in magazines and TV infomercials that promise get-rich-quick schemes for one low price.

And now, there is a new breed of deception, whereby charlatans make use of the Internet and e-mail to scam the gullible. In fact, some of the schemes are so polished that one no longer has to be completely gullible to fall for them.

If you are one of the zillions of Internet users who are members of the eBay online auction service, or PayPal, the online payment service, chances are you’ve received what’s called a spoof e-mail that tries to trick you into giving away your password and credit card information.

The first time I received such a spoof, a couple of years ago, I almost fell for it. I received an e-mail that had all the earmarks of being legitimate. It used eBay’s logo; it had eBay’s disclaimer at the bottom, and it sounded like it might have been written by someone at the auction service.
It claimed that my account was scheduled for termination because I had violated eBay’s terms of use policy. It said that I needed to verify my information with eBay or the account cancellation would go through.

What made me stop and think, however, was that the form that I was supposed to fill out to keep my account open was right there on the e-mail itself. I knew eBay would never ask me for my password. So I contacted the service and they told me the e-mail was a hoax.

That was the first time I had been “spoofed” by an Internet pirate. But it wasn’t the last. The hoax messages have lately started to get more and more frequent. Today alone I received three of them. All three were attempting to get into my PayPal account.

The hoaxers are become more cunning. Instead of asking for your information in the e-mail itself, the message includes an official-looking link that that takes you to a page that looks authentic. But it’s not.

Not only does the page look real, it might even include the name of the legitimate company in the Web address somewhere. But these pages are never legitimate.

For the sake of you who cringe at the use of an absolute modifier like “never,” let me say that again: E-mails from PayPal or eBay that want you to update your account information by going to a Web site and filling out a form that includes your password and credit card number are NEVER legitimate. Period.

Of course, these types of scams are not the only ones haunting the Net; they’re just the latest.
I still get e-mails from that guy in Nigeria who wants me to hold on to his $15 million for him while he arranges transportation to America. I get to keep 10 percent of it for myself. First, though, I have to give him my bank account number so he can make the deposit. I wonder if anybody has ever been naive enough to have fallen for that one.

No comments: