Federal agencies offer help in online fraud cases
I'm sure you can spot an email scam pretty quickly.
The one I received last week, which I will share below, had all the elements, plus a twist. This was a scam about a scam, starting with an attention grabbing subject line: "Provisional Approval to Compensate Scam Victims."
Signed by a top official: "Office of the Presidency, Federal Republic of Nigeria."
With an official message: "Your name appeared amongst the Scam victims here in Nigeria and you are to contact me with your exact contract/inheritance sum owed to you for verification."
A call for secrecy: "You are advised to keep this communication highly confidential."
A request for personal information: "Also contact me immediately with the following information's so that I can submit your file to the paying bank to commence your payment" (your name, phone, banking details and occupation).
And, the sign-off, which was a new one for me: "Sent from my Verizon Wireless BlackBerry."
While this email was a clear fraud, others may not be so obvious.
What if you or an employee of yours receives an email from a vendor you use, such as UPS or FedEx, saying there is a problem with a shipment? Or your bank, citing complications with your account? Or the Better Business Bureau, saying that complaint has been filed against you? Or a court saying that you have been served a subpoena?
Such emails are being used by cyber criminals to trick people into opening attachments containing malware that infects the local network you're working from.
According to a report titled, "Fraud Advisory for Businesses: Corporate Account Take Over," published by the U.S. Secret Service, the FBI, the Internet Crime Complaint Center (IC3) and the Financial Services Information Sharing and Analysis Center, the malware "allows the fraudster to `see' and track employee's activities across the business' internal network and on the Internet."
Alarmingly, "This tracking may include visits to your financial institution and use of your online banking credentials used to access accounts (account information, login, and passwords). Using this information, the fraudster can conduct unauthorized transactions that appear to be a legitimate transaction conducted by the company or employee."
This activity, which targets small businesses, is called corporate account takeover and is rising.
You'll find the full report, which also includes specific recommendations on how to enhance the security of your computers at the IC3 website, www.ic3.gov. It is an eye-opener and a must-read for anyone running a small business.
Cyber criminals are also posing as "applicants" on corporate job websites, infecting the company's system and gaining access to the company's banking credentials.
Here are some precautions to observe.
If you (or an employee) receive an email from someone you don't know, should you:
Respond to it? No.
Click on links contained in the email? No.
Open attachments? No.
Fill out forms that ask for personal information? No.
If you get an unsolicited email from your bank, brokerage firm, credit card issuer or a vendor, should you:
Respond directly, assuming it is from the organization? No. Go to the official website for the business instead of "linking" to it through the email -- or call the business to confirm that it is legitimate email. Don't use the contact phone number provided in the email, of course.
What if the email says there is a problem with your account and that you must respond immediately? Be wary, says the FBI. Creating a sense of urgency is a scammer's technique to get you to act quickly. Don't open attachments.
And another safety tip -- Use a dedicated computer to do banking. Use another to do web browsing and emailing.
To get up-to-date information on cyber scams, you can sign up for email alerts, as well as file complaints, on the IC3 website. IC3 is a partnership between the Federal Bureau of Investigation, the National White Collar Crime Center and the Bureau of Justice Assistance. IC3 receives, develops and refers criminal cyber crime complaints.
For more information, go to www.fbi.gov/scams-safety/e-scams.
Julie Jason, JD, LLM, author of the award-winning "The AARP Retirement Survival Guide: How to Make Smart Financial Decisions in Good Times and Bad," is a money manager and principal of Jackson, Grant Investment Advisers Inc. of Stamford. She welcomes questions for consideration in her column. Please email her at email@example.com or write to her c/o The Advocate and Greenwich Time, 9A Riverbend Drive South, Box 4910, Stamford, CT 06907. Copyright 2011 Julie Jason.