NEW YORK, April 21 /PRNewswire/ -- The National Cyber-Forensics & Training Alliance (NCFTA) has identified its top-five spam scams of March 2005. These include fraudulent e-mail purporting to come from the Federal Bureau of Investigation (FBI) and the redirecting of a Web request to another, bogus location.
The NCFTA is a nonprofit organization focusing on cyber crime issues. It operates the Direct Marketing Association's (The DMA) Operation SLAM Spam in affiliation with the FBI. SLAM Spam is supported financially by The DMA. The DMA is working with NCFTA, as well as federal authorities, nonprofit organizations, and business organizations, to fight fraudulent spam.
"The Internet represents the 'New Frontier' when it comes to fraud," said Patricia Kachura, Senior Vice President, Ethics and Consumer Affairs, The DMA. "Everyone, consumers and businesses alike, must be constantly vigilant to scams that seek to collect personal or financial information to be used to commit fraud."
Online fraud cost merchants $2.6 billion in 2004, an increase of $700 million from 2003, according to a survey conducted by CyberSource Corporation. Approximately two percent of all online sales are fraudulent. While significant resources are being dedicated to fighting fraud, it is still imperative that consumers and merchants also take direct responsibility and make sure they know with whom they are doing business before providing valuable personal and financial information.
The top five spam scams for March identified by the NCFTA include:
1. Pharming Attacks: Pharming is the redirecting of an individual's Web request to another location without the user's knowledge. For example, if an individual with an infected computer conducts online business with a specific bank, that person will type the bank's address into the address bar but will be redirected to a designated phishing site that looks very similar to the authentic site but is, in fact, fraudulent. Malware on the computer typically accomplishes this by rewriting the local hosts file or the computer's DNS settings so that the bank's name resolves to the attacker's server before any real DNS lookup happens. Because the individual typed the address rather than clicking on an obscure link, the fraudulent site will appear to be legitimate.
Pharming can also result from a hijacked DNS (Domain Name System) server, the Internet service that translates domain names into IP addresses. When a hacker poisons DNS, he or she changes the record for a domain so that individuals are sent to a Web site very different from the one they intended to access, without their knowledge. Often the hacker does this by social engineering, posing to the domain registrar or DNS operator as an official who has the authority to change where a domain name points. DNS poisoning is also possible by exploiting software vulnerabilities in DNS servers so that they accept and cache forged answers.
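As an added example (not part of the NCFTA release), the following Python script audits a hosts file for the local form of pharming described above: a public hostname, especially a bank's, pinned to a routable address so the browser never consults DNS. The sample hosts file, the examplebank.com names and the monitored-domain list are constructed for the example; loopback and 0.0.0.0 entries are deliberately ignored because they are common for development and ad blocking and cannot send a user to an attacker's server.

```python
"""Hosts-file pharming audit.

Added example; not part of the NCFTA release. Local pharming malware commonly
rewrites the victim's hosts file so that a bank's name resolves to an
attacker-controlled address before any DNS query is made. This audit parses a
hosts file and flags every public hostname that is mapped to a routable
address, with a separate finding for names under domains we especially care
about (MONITORED_DOMAINS, an assumed list for the example).
"""
import ipaddress

# Constructed sample hosts file: the first five lines are normal, the last three
# are the kind of entries pharming malware plants (203.0.113.0/24 and
# 198.51.100.0/24 are documentation ranges standing in for attacker servers).
SAMPLE_HOSTS = """\
127.0.0.1       localhost
::1             localhost ip6-localhost
# developer override, harmless
127.0.0.1       myapp.local
0.0.0.0         ads.example.net
203.0.113.45    www.examplebank.com examplebank.com   # planted
203.0.113.45    onlinebanking.examplebank.com
198.51.100.7    cdn.example.org
"""

MONITORED_DOMAINS = {"examplebank.com"}  # assumed list of domains we care about
LOCAL_NAMES = {"localhost", "ip6-localhost", "ip6-loopback", "broadcasthost"}


def parse_hosts(text):
    """Yield (line_number, ip, hostname) for every name in a hosts file,
    ignoring blank lines and '#' comments (inline comments included)."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue
        ip, names = fields[0], fields[1:]
        for name in names:
            yield lineno, ip, name.lower().rstrip(".")


def is_local_address(ip):
    """Loopback, unspecified (0.0.0.0) and link-local targets cannot send the
    user to an attacker's server, so they are not pharming."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return addr.is_loopback or addr.is_unspecified or addr.is_link_local


def registered_domain(host):
    """Last two labels of the name. Good enough for the sample; real code
    should use the Public Suffix List to handle names like example.co.uk."""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def audit_hosts(text, monitored=frozenset(MONITORED_DOMAINS)):
    """Return a list of (line_number, ip, hostname, reason) findings."""
    findings = []
    for lineno, ip, host in parse_hosts(text):
        if host in LOCAL_NAMES or host.endswith(".local") or "." not in host:
            continue
        if is_local_address(ip):
            continue
        if registered_domain(host) in monitored:
            reason = "monitored domain pinned to %s, bypassing DNS" % ip
        else:
            reason = "public hostname overridden locally"
        findings.append((lineno, ip, host, reason))
    return findings


if __name__ == "__main__":
    for lineno, ip, host, reason in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %-32s -> %-14s %s" % (lineno, host, ip, reason))
```

Run against a real machine, point it at /etc/hosts or C:\Windows\System32\drivers\etc\hosts. It covers only the infected-computer case; a poisoned DNS server cannot be detected from the hosts file, and for that the practical checks are comparing answers from two independent resolvers and verifying that the bank's HTTPS certificate is issued for the name typed in the address bar.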
2. Google Hacking: NCFTA has identified a site advertising several hundred instances of scammers using the Google search engine to retrieve sensitive information that individuals have posted on the Web. Using advanced search operators, scammers can find business resumes that individuals have posted online. These documents often contain information such as Social Security numbers, family history, dates of birth, home addresses, phone numbers, and education. Individuals who unknowingly expose all this personal information are very susceptible to identity theft. NCFTA is compiling information about the hacking site to be turned over to law enforcement if specific violations can be identified. NCFTA, through The DMA, also has alerted the Federal Trade Commission to this scam.
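The defensive counterpart to the search-engine technique above is to check a document for this kind of data before it is posted where a search engine can index it. The following Python scanner is an added example, not NCFTA code; the resume text and every number in it are constructed. The Social Security number check applies the Social Security Administration's structural rules (area 000, 666 and 900-999, group 00 and serial 0000 are never issued) so that reference numbers that merely look like an SSN are not reported.

```python
"""Pre-publication PII scan for resumes and similar documents.

Added example; not part of the NCFTA release. Finds the data the release says
resumes leak (Social Security numbers, dates of birth, phone numbers) so the
author can remove it before the document is indexed by a search engine.
"""
import re

# Constructed sample resume; all values are fake.
SAMPLE_RESUME = """\
Jane Q. Public
123 Main Street, Springfield, IL 62701
Phone: (217) 555-0142   DOB: 04/17/1978
SSN: 123-45-6789
Reference ID: 000-12-3456 (internal, not an SSN)
Education: B.S. Computer Science, 2000
"""

SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
# US-style M/D/YYYY dates only; other locales need their own pattern.
DOB_RE = re.compile(r"\b(0?[1-9]|1[0-2])/(0?[1-9]|[12]\d|3[01])/((?:19|20)\d{2})\b")
# North American numbers: 555-012-3456, 555.012.3456, (555) 012-3456.
PHONE_RE = re.compile(r"\(?\b\d{3}\)?[-. ]\d{3}[-. ]\d{4}\b")


def plausible_ssn(area, group, serial):
    """SSA issuance rules: area is never 000, 666 or 900-999; group is never
    00; serial is never 0000. Anything else that matches the pattern is
    treated as a real SSN."""
    a, g, s = int(area), int(group), int(serial)
    return a not in (0, 666) and a < 900 and g != 0 and s != 0


def scan_for_pii(text):
    """Return a list of (line_number, kind, matched_text) findings."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for m in SSN_RE.finditer(line):
            if plausible_ssn(*m.groups()):
                findings.append((lineno, "ssn", m.group(0)))
        for m in DOB_RE.finditer(line):
            findings.append((lineno, "dob", m.group(0)))
        for m in PHONE_RE.finditer(line):
            findings.append((lineno, "phone", m.group(0)))
    return findings


if __name__ == "__main__":
    for lineno, kind, value in scan_for_pii(SAMPLE_RESUME):
        print("line %d: %-5s %s" % (lineno, kind, value))
```

The scanner is intentionally conservative: a street address or an education history is not flagged, because those appear on every resume, while a single SSN or date of birth is exactly what the identity thief needs and should never be in a public document.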
3. FBI Virus/Spam Hoax: The NCFTA has assisted the FBI with its investigation of a fraudulent e-mail hoax (http://www.ifccfbi.gov/strategy/wn050223.asp). The FBI has become aware of spam e-mail fraudulently claiming to be from fbi.gov accounts. The e-mail sounds official, even threatening, in tone, and its forged sender addresses include police@fbi.gov, fbi@fbi.gov, officer@fbi.gov, and web@fbi.gov. The recipient is enticed to open an attachment that contains the W32.Sober.K@mm worm. The actual text of the e-mail is shown below:
You have visited illegal Websites.
Dear Sir/Madam,
We have logged your IP address on more than 40 illegal Websites.
Important: Please answer our questions! The list of questions are
attached.
Yours faithfully, M. John Stellford
Federal Bureau of Investigation -- FBI --
935 Pennsylvania Avenue, NW, Room 2130
Washington, DC 20535
(202)324-3000
4. Phishing: Phishing attacks use spoofed e-mails and fake Web sites to fool recipients into revealing personal information or into installing a Trojan or virus on their computer. By using the trusted brands of well-known companies such as financial institutions, online retailers, ISPs, and credit card companies, phishers attempt to dupe innocent consumers into revealing their personal information. Phishing schemes are often delivered via spam e-mail.
5. Nigerian Scams: There are several variations of this scam, which at its core either informs the recipient that he/she is allegedly due a large sum of money or asks for assistance with some form of illegal money laundering. The recipient will be asked either to provide money as "processing fees" or to supply personal financial information to facilitate the transaction. These scams, which were more abundant last year, have reemerged in conjunction with the tsunami scams.
The above five spam scams are based solely on limited NCFTA data. However, this information is then shared with the FBI, which, with assistance from The DMA's SLAM Spam project, provides law enforcement authorities with a much more robust understanding of the top spam scams.
Useful tips for detecting and combating fraudulent spam include:
* Never reveal personal information to an unverified recipient. This includes:
-- Login names and passwords
-- Credit card numbers
-- PINs
-- Bank account numbers
-- Mother's maiden name
-- Social Security number
-- Date of birth
* Never respond to requests for the personal information listed above via e-mail. If the e-mail looks "phishy," call the company that claims to have sent you the e-mail to verify its authenticity. Look up the phone number on your own and do not trust any numbers supplied by the e-mail without verifying them. Never trust hyperlinks in e-mails; visit Web sites by typing the URL into your address bar. Typing the URL defeats a phishing link but not pharming, so before entering credentials also confirm that the connection is HTTPS and that the certificate is issued for the name you typed. Review your credit card and bank statements for any unusual transactions, and report any unauthorized transactions immediately.
* Report suspected abuses of your personal information to the proper authorities. Do not use the same passwords on multiple sites.
* Avoid opening spam that contains attachments, especially if they carry an ".exe" or ".dll" suffix. Other executable types (such as ".scr", ".pif", ".bat" and ".com") are just as dangerous, and a file named "report.pdf.exe" is still a program: Windows hides known extensions by default, so it is displayed as "report.pdf".
* Eliminate spyware by following the list of countermeasures offered by the NCFTA. These can be found by visiting The DMA's Web site and clicking on the "For Consumers" section (http://www.dmaconsumers.org/).
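Tying the FBI hoax in item 3 to the attachment tip above, here is an added Python example (not code from the NCFTA, the FBI or the DMA) that triages a message the way a mail filter would: it checks the claimed sender against the four hoax addresses, the subject and body against phrases from the hoax, and each attachment's real extension and content. The sample message is constructed from the hoax text quoted in item 3; the attachment name question_list.pdf.exe, its stub content and the extension list beyond ".exe" and ".dll" are assumptions.

```python
"""Mail triage for the FBI hoax / executable-attachment pattern.

Added example; not code from the NCFTA, the FBI or the DMA. The sample message
is constructed from the hoax text in the release; the attachment name, its
content and the extensions beyond .exe/.dll are assumptions.
"""
import email
import os
from email import policy

# Sender addresses the release says the hoax forges.
HOAX_SENDERS = {"police@fbi.gov", "fbi@fbi.gov", "officer@fbi.gov", "web@fbi.gov"}
HOAX_PHRASES = ("visited illegal websites", "logged your ip address")
# .exe and .dll are from the release; the rest are other Windows executable
# types a filter would treat the same way (assumption).
EXECUTABLE_EXTENSIONS = {".exe", ".dll", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}

# Constructed sample: forged headers, body taken from the hoax, attachment stub
# whose content begins with the 'MZ' signature of a Windows executable.
SAMPLE_EML = b"""\
From: "Federal Bureau of Investigation" <police@fbi.gov>
To: victim@example.com
Subject: You have visited illegal Websites.
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="us-ascii"

Dear Sir/Madam,
We have logged your IP address on more than 40 illegal Websites.
Important: Please answer our questions! The list of questions are attached.
Yours faithfully, M. John Stellford
Federal Bureau of Investigation -- FBI --

--b1
Content-Type: application/octet-stream; name="question_list.pdf.exe"
Content-Disposition: attachment; filename="question_list.pdf.exe"
Content-Transfer-Encoding: base64

TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAA=
--b1--
"""

# Constructed harmless message for comparison.
BENIGN_EML = b"""\
From: friend@example.org
To: victim@example.com
Subject: lunch
Content-Type: text/plain; charset="us-ascii"

See you at noon.
"""


def dangerous_extension(filename):
    """True if the attachment's real (last) extension is executable. Windows
    hides known extensions by default, so 'question_list.pdf.exe' is shown to
    the user as 'question_list.pdf'."""
    _, ext = os.path.splitext(filename.lower())
    return ext in EXECUTABLE_EXTENSIONS


def triage(raw_message):
    """Return a dict with the claimed sender, attachment names, the reasons the
    message is suspicious, and a verdict of 'quarantine' or 'deliver'."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    reasons = []

    # The From header is whatever the spammer wrote; we only compare it.
    sender = msg["from"].addresses[0].addr_spec.lower() if msg["from"] else ""
    if sender in HOAX_SENDERS:
        reasons.append("claimed sender %s matches a known hoax address" % sender)

    body_part = msg.get_body(preferencelist=("plain",))
    body = body_part.get_content() if body_part else ""
    text = (str(msg["subject"] or "") + "\n" + body).lower()
    hits = [p for p in HOAX_PHRASES if p in text]
    if hits:
        reasons.append("text contains hoax phrases: %s" % ", ".join(hits))

    attachments = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        attachments.append(name)
        if dangerous_extension(name):
            reasons.append("attachment %s has an executable extension" % name)
        payload = part.get_content()
        # A PE executable starts with 'MZ' whatever the filename claims.
        if isinstance(payload, bytes) and payload.startswith(b"MZ"):
            reasons.append("attachment %s has a PE (MZ) header" % name)

    return {"sender": sender, "attachments": attachments, "reasons": reasons,
            "verdict": "quarantine" if reasons else "deliver"}


if __name__ == "__main__":
    for label, raw in (("hoax", SAMPLE_EML), ("benign", BENIGN_EML)):
        result = triage(raw)
        print(label, result["verdict"])
        for reason in result["reasons"]:
            print("  -", reason)
```

The content check matters more than the name check: a renamed executable still has its MZ header, and the worm's later variants changed subjects and attachment names while the payload type did not.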
To obtain additional information about fraudulent spam and to learn tips for not getting phished, please visit the following DMA and FTC Web sites: http://www.the-dma.org/, http://www.ftc.gov/bcp/conline/pubs/online/inbox.htm