Internet Fraudsters Get Personal

May 2009


With all the media attention that’s been rightfully paid to growing problems of hackers, malware and other high-tech cyber-attacks, a recent study from the Virginia-based National White Collar Crime Center (NW3C) is a reminder not to forget about more elemental versions of Internet crime. The confidence trick—often perpetrated via e-mail—is still an efficient means of lining the pocketbook.

“One of the reasons it goes on so much is that there’s such a variety in the story,” says Jason Boone, research assistant with NW3C, a non-profit organization that assists law enforcement in high-tech criminal investigations. “Unless you ignore all these [twists], you can get sucked into it.”

The newest scams aren’t your old-fashioned investment scheme proposed in an e-mail by an overseas “government” or “banking” official with a poor command of English. According to Boone, new scams are more targeted, sophisticated and successful in ensnaring unsuspecting marks.  Fraudsters posing as representatives of banks or other trusted institutions address targets by their first names. Some have taken to targeting regional victims by posing as officials from local institutions. “In this area, people are receiving calls a West Virginia-based bank,” Boone says, speaking from his Fairmont, West Virginia office.

“It’s not a legitimate call but a recording saying ‘you’re receiving this call from [this] bank—we have some concerns about your account, and it has been put on hold until you can verify your information is secure.’” Victims who call the number provided are met with another recording instructing them to supply personal banking details. “All they want you to do is to directly enter in your information,” Boone says.

According to the NW3C’s 2008 Internet Crime Report, complaints of Internet crime last year were up 33 percent from 2007. From January through December 2008, consumers filed 275,284 complaints online, through the Internet Crime Complaint Center (IC3) web site. While the self-reported data is not a perfect barometer of total Internet crime (many online victims aren’t immediately aware they’ve been targeted, or how), the NW3C data reflects persistent problems with some of the most common forms of Internet crime. Non-delivered merchandise was the most prevalent type of reported Internet fraud, accounting for 32.9 percent of all cases, while auction fraud, at 25.5 percent, and credit/debit fraud, at 9.0 percent, rounded out the top three categories. (Through a partnership, complainants report directly to the IC3.)

Consumers should be on alert for such snares as confidence fraud and Nigerian letter fraud, which rank fourth (7.9 percent) and seventh (2.8 percent), respectively.

Boone says victims are not “stupid,” as is sometimes thought, but just not informed about the variety of fraud that’s out there. “They might hear on the news or something ‘be on the lookout for a Nigerian letter scheme’ and they’re expecting a letter from Africa or an e-mail stating it’s from Africa,” he says. But instead it could be an e-mail from someone who purports to be a member of a local clergy looking for donations.

Boone says hard financial times have made people more susceptible to online ploys. “For the first three months of 2008, we received on average 20,000 complaints each month. This year, we’re already seeing 30,000 complaints each month,” Boone says.  Scams promising tax rebates or other federal rebates have been used by scammers in recent months, he says, and phishing schemes continue to flourish with the help of technologies like voice-over-Internet protocol that help scammers better conceal their identities.

The best advice for consumers? Take a step back, and verify the identity of anyone you’re dealing with by telephone or on the Internet. Always enter the URLs of trusted web sites manually; don’t follow links. If you do wind up on a site you’re unsure of, close the browser and return to the URL you know to be associated with the site. Only deal with representatives by telephone after you’ve called a number known to be legitimate—“grab your billing statement or open your phone book,” when in doubt, Boone says. “It only takes a few seconds to make sure everything is on the up and up before you take a few steps forward.”