GMP Crest
You are here > Home > Internet help and guidance > Email scam guidance
Added: 01/24/2006 at 09:37:19 AM    Last Updated: 04/09/2010 at 02:43:52 PM

Internet help and guidance


Email scam guidance


The golden rule when reading emails is:  If it appears too good to be true, then it probably is!

Many emails are circulated from online criminals in an attempt to capture important security information from innocent email users.  This is done sending out fake emails regarding important banking and security information and then directing the user to an official looking website on which they submit existing details, which can be misused.  The process is known as 'Phishing' (pronounced fishing) 

Examples of such spoof emails titles are:
-- Update your credit / debit card on your eBay Account
-- eBay Update your billing information
-- AOL Payment Notification
-- Paypal Account Verification
-- Official Information from Citibank/Lloyds TSB/Barclays Bank/etc.....
-- Official Information from UK

Scammers are sending masses of spoof or fake emails out in an attempt to acquire users' Identities, passwords, credit card numbers, pins and bank account details to commit fraud.
Most of these spoof emails contain links to a forged web page or site. The email text urges you to click link on this to complete an essential account procedure such as account verification, invalid credit card/debit card details, account security update, account suspension, to name but a few.

Once the 'criminals' have this information then it can be used in a number of ways. Your credit card can be used for unauthorised purchases, or your bank account cleared out. One of the most common hoaxes is for users of online auction sites to have had their accounts hijacked in this manner and then have their accounts used to list high value items (such as mobile phones, televisions, video cameras) then receive payments from hopeful buyers but never send the goods.

Examples of widely used emails scams
West African or 419 Advance Fee Scam emails:
This Scam operates as follows: the target receives an unsolicited fax, email, or letter often concerning Nigeria or another African nation containing either a money laundering or other illegal proposal.

Common variations on this Scam include:

-- A 'bequest' left you in a will; 'money cleaning' where your contact has a lot of currency that needs to be 'chemically cleaned' before it can be used and he needs the cost of the chemicals,
-- 'spoof banks' where there is supposedly money in your name already on deposit; 'paying' for a purchase with a check larger than the amount required and asking for change to be advanced,
-- Fake lottery 419,
-- Ordering items and commodities off 'trading' sites on the web and then cheating the seller.

The variations of Advance Fee Fraud (419) are very creative and virtually endless.

At some point, the victim is asked to pay up front an Advance Fee of some sort, be it an 'Advance Fee', 'Transfer Tax', 'Performance Bond', or to extend credit, grant COD privileges, send back 'change' on an over payment on a cashier's check or money order. If the victim pays the Fee, there are often many 'Complications' which require still more advance payments until the victim either quits, runs out of money, or both.

Precautions to prevent being scammed via an email:

-- Treat all email with suspicion - What you see in the email body and the sender's address or return address can be forged.
-- Any email received from someone you don't know, especially if there is an attachment should be treated with suspicion. If in doubt don't open it.
-- Never use a link in an email to get to any web page!   If you must go there, type the URL directly into your browser's address bar.
-- Ensure that all of your software is up to date - for instance, if you use Microsoft's Windows run Windows Update every day when you first connect to the Internet.  If you use other operating systems or browsers then check daily for patches or updates.  Security 'loop holes' are regularly discovered in software and many of these scams have utilised vulnerability in Interne t browsers.
-- Ins tall a reliable anti-viru s package that is able to scan all messages, including those from reliable sources.
-- Update your virus software at least once a week or more frequently if you can. Most anti-virus software packages provide "live updates" from the supplier's website every time you connect to the Internet.
-- Never send personal or financial information to any one via email!
-- Use a browser that prohibits 'pop ups' (new windows) being launched. Such a program would prevent the display of pages born with their address bar spoofed.

logo
Privacy Statement | Disclaimer | Terms & Conditions
Copyright © 2010 Greater Manchester Police.
GMP on Facebook GMP on Twitter
GMP on YouTube GMP on Flickr