A GUIDE FOR FINANCIAL FRAUD INVESTIGATION & PRECAUTION, SHIVANI SHARMA [read my book txt] 📗
- Author: SHIVANI SHARMA
Book online «A GUIDE FOR FINANCIAL FRAUD INVESTIGATION & PRECAUTION, SHIVANI SHARMA [read my book txt] 📗». Author SHIVANI SHARMA
But scammers no longer rely solely on emails sent out to would-be victims. They now take a proactive approach, using virus programming to cause pop-up messages or warnings to warn the user of some serious and urgent problem. In some cases, such a pop-up message warns that the user’s computer is under attack, and advises him to click on the window for help. Doing so, however, may provide a clearer path into the user’s computer.
Phishing Scam Types
Phishing scams vary in scope and method – while many emails seem to throw out a wide net, others are targeted directly at a particular person or company. In addition to this broad email tactic, a number of electronic scam types have been identified, including:
Spear Phishing – Emails that look very authentic, often including the user’s complete name, or making reference to some actual activity or project the user is involved with. This information is obtained by the scammers through online research, and even by hacking into a legitimate database. This is the most successful phishing type, accounting for over 90% of attacks. Whaling – Spear phishing that targets the email of a high-ranking business executive, in an attempt to compromise the company’s network and gain important financial or client information. According to the FBI, in the two and a half years between October 2013, and May 2016, nearly 18,000 U.S. victims accounted for a loss of $2.3 billion. Cloud Phishing – As people rely heavily on backing up, storing, and sharing their information on cloud servers, such as DropBox, Google Docs, and OneDrive, scammers have begun trying to trick people out of their cloud login credentials. This may be done through phishing emails and gives these people access to whatever photos and documents are saved on the victim’s account.
Examples of Phishing Messages
Many of the old phishing messages contained poorly worded requests, spelling errors, second-language grammatical errors, and other red-flag issues. Today’s more sophisticated scammer uses official-sounding language to urge his victims to act. Examples of these read something like this:
“Our regular verification of accounts discovered some irregularity in your information. Please click here to update and verify your account information.” “Our records indicate that payment on your account is past due. Please click here to make your payment today.” (Alternatively, it may state that the account was overcharged, instructing the victim to click a link or call a certain number to receive a refund. The victim will then be asked to provide his or her bank account information for the refund.) “We suspect that an unauthorized transaction has appeared on your account. To ensure your account has not been compromised, please click the link below and confirm your identity.”In these examples, phishing messages often include some type of threat, or other sense of urgency, such as a threat of account closure if the user fails to respond immediately, or placing a very short limit on receiving a “refund.”
Phishing in Social Media
Social media platforms have turned the world into a veritable social village, encouraging people to engage in friendly relationships with others from around the globe. This has opened up a whole new frontier for phishing scammers, who maintain a variety of social email accounts with made-up names, stolen photos, and non-existent personal information.
There is an epidemic of scammers preying on people who are looking to forge personal relationships. After establishing a certain level of trust, by faking circumstances that would give them common grounds with their victim, these criminals begin duping their victims out of their hard-earned money. These requests are almost always based on a false “urgent” need, such as to pay court fees, medical bills, or for a plane ticket. Once the victim has sent money for one such need, it is easy for them to believe the scammer has other important needs for cash.
The hallmark of this type of fraud tends to be the targeting of older Americans who have at least some ability to spend sizeable amounts of money. The scammer will make up excuses about why he cannot meet his victim face-to-face. These excuses range from a sudden trip for work to illness, hospitalization, and even jail. Their requests for money are as varied, and often don’t make sense to someone on the outside looking in.
Protecting Yourself Against Phishing
The first line of defense against phishing is to never reply to, or click links within, suspect emails. If an email or message appears to be from a legitimate institution, such as your bank or credit card company and warns that there may be a problem with your account, DO NOT reply. Rather, call the institution using the phone number on your statement or card, to ask about the problem. None of these institutions will ask for your login information or password, so such a request should raise a red flag in anyone’s mind.
Other tips for protecting yourself against phishing include:
NEVER send your personal information, such as account numbers, your social security number, driver’s license number, or other identifying information in an email. NEVER enter personal information into a website if you are not absolutely certain it is a valid website. NEVER click on a link provided in an email, or call a phone number in an email if personal information may be involved. Look up the phone number yourself, or go to the company’s website yourself, to avoid being hijacked by the scammer. Update your computer’s anti-virus and anti-spyware programs regularly, and make sure your firewall is always up. Check the privacy settings on your social network accounts to limit who has access to your private information.
How to Report Phishing
As the crime of identity theft through phishing has become a global threat, a number of governmental agencies and private organizations have taken up the cause of tracking down these criminals for prosecution and protecting consumers. Most social networking sites provide information on protecting yourself against phishing, as well as advice on reporting it. For example, Facebook encourages its users to report suspected phishing on their site to phish@fb.com.
The Anti-Phishing Working Group (“APWG”) was formed to bring together a global response to various types of cybercrime. The APWG provides a way to report phishing, and instructions on what information should be forwarded with your report. The group’s public awareness campaign has adopted the slogan “STOP. THINK. CONNECT.” to encourage people to be more aware of their online presence.
In the U.S., cybercrime, including phishing, can be reported to the Federal Trade Commission (“FTC”) by forward the suspicious email to spam@uce.gov. The FBI’s Internet Crime Complaint Center (“ic3”) also takes reports of cybercrime through its website form. Whenever you are reporting phishing or suspected internet fraud, it is important to record and save as much information as possible. Saving the actual emails is vital, as these contain more information than the date, time, and purported sender. To a knowledgeable person, additional information, such as where the message actually came from, may be gleaned.
Criminal Phishing Example in Operation Phish Phry
In 2009, the director of the FBI announced a major win in taking down an international phishing ring. The agency rounded up more than 50 suspects from the U.S., and nearly as many from Egypt, charging them with targeting U.S. banks and account holders, attempting to steal their account information through phishing scams and other types of computer fraud. These scammers ultimately transferred about $1.5 million to phony accounts under their control.
The two-year investigation in Operation Phish Phry was headed up by the FBI and involved the Secret Service, the Electronics Crimes Task Force, and state and local law enforcement; as well as officials in Egypt. The driving concern that brings together so many agencies from around the globe is that, in some instances, such large scale internet fraud and cybercrime may be linked to fundraising activities by terrorist groups. While these agencies attack this type of crime on a grand scale, it is up to individuals to safeguard their information, and report suspected phishing attacks.
CYBER CRIME AND THE LAW
In the era of the cyber world as the usage of computers became more popular, there was an expansion in the growth of technology as well, and the term ‘Cyber’ became more familiar to the people. The evolution of Information Technology (IT) gave birth to cyberspace wherein the internet provides equal opportunities to all the people to access any information, data storage, analyze, etc. with the use of high technology. Due to an increase in the number of netizens, misuse of technology in cyberspace was clutching up which gave birth to cyber crimes at the domestic and international levels as well.
Though the word Crime carries its general meaning as “a legal wrong that can be followed by criminal proceedings which may result in punishment” whereas Cyber Crime may be “unlawful acts wherein the computer is either a tool or target or both”.
The world 1st computer-specific law was enacted in the year 1970 by the German State of Hesse in the form of the ‘Data Protection Act, 1970’ with the advancement of cyber technology. With the emergence of technology, the misuse of technology has also expanded to its optimum level and then there arises a need for strict statutory laws to regulate the criminal activities in the cyber world and to protect the technological advancement system. It is under these circumstances Indian parliament passed it's “INFORMATION TECHNOLOGY ACT, 2000” on 17th Oct to have its exhaustive law to deal with the technology in the field of e-commerce, e-governance, e-banking as well as penalties and punishments in the field of cybercrimes.
Cyber Crimes Means: It could be hackers vandalizing your site, viewing confidential information, stealing trade secrets or intellectual property with the use of the internet. It can also include ‘denial of services’ and viruses attacks preventing regular traffic from reaching your site. Cybercrimes are not limited to outsiders except in case of viruses and concerning security related cyber crimes that usually done by the employees of particular company who can easily access the password and data storage of the company for their benefits. Cyber crimes also includes criminal activities done with the use of computers which further perpetuates crimes i.e. financial crimes, sale of illegal articles, pornography, online gambling, intellectual property crime, e-mail, spoofing, forgery, cyber defamation, cyber stalking, unauthorized access to Computer system, theft of information contained in the electronic form, e-mail bombing, physically damaging the computer system etc.
Classifications Of Cyber Crimes: Cyber Crimes which are growing day by day, it is very difficult to find out what is actually a cyber crime and what is the conventional crime so to come out of this confusion, cyber crimes can be classified under different categories which are as follows:
Cyber Crimes against Persons:There are certain offences which affects the personality of individuals can be defined
Comments (0)