Cyber Security Lesson 4: Recognizing E-mail Scams

emailscam

In Lesson 2, we mentioned that hackers tend to use e-mail communication to trick their victims into downloading malware or leaking their secure information (i.e. bank account numbers, social security numbers, etc.). Since e-mail is such a powerful and convenient communication tool, this understandably makes people nervous… how do you recognize legitimate e-mails from scams?!

Well, the team at HKA has done our research and are here to help!

Recognizing E-mail Scams:

While it is impossible to explain or even know every e-mail scam that’s out there, we are able to inform you on the most used and most dangerous scams. After you are able to recognize these scams, you can use your new found skill to weed out the rest!

There are five categories that the top e-mail scams fall under:

  • “Old-fashioned” Fraud Schemes
  • Social Engineering/Phishing E-mail Scams
  • Trojan Horse Scams
  • 419 Advanced Fee Fraud Schemes
  • Virus Generated E-mail Scams

“Old-Fashioned” Fraud Schemes: These scams have existed since before e-mail. They have been revamped for e-mail and are constantly being reused. The FTC has a list of the 12 most common, aptly named “The Dirty Dozen”:

  1. Bogus Business Opportunities: e-mails that promise the opportunity to make a great deal of money with little effort, while giving little information about the business opportunity. It may contain a link to a website where you can buy an “information kit”. Subject lines include: “Put your computer to work for you!”, “Get Rich Quick!”, “eBay Insider Secrets Revealed”.
  2. Chain Letters: e-mails with outrageous claims that contain malware. Subject lines include: “You’re about to make $50,000 in 90 days!”
  3. Work-at-home Schemes: e-mails much like Bogus Business Opportunities which promise you the opportunity to make more while working at home. Subject lines include: “Be Your Own Boss”, “Set Your Own Hours”.
  4. Health and Diet Scams: e-mails that offer quick fixes with amazing results through “scientific breakthroughs”. Some even come with testimonials from “cured consumers” and endorsements from “famous medical experts”. Subject lines include: “Need to lose weight for summer?”, “Take years off your appearance!”, “Natural Health Remedy That Works!”
  5. Easy Money: e-mails that offer easy ways to earn money quick. Subject lines include: “Learn how to make $4,000 in one day”, “Make unlimited profits exchanging money on world currency markets”.
  6. Free Goods: e-mails that offer valuable items, such as computers, for free if you sign up as a member. After paying the membership fees, you then realize you are not eligible for the free items until you recruit other members. Subject lines include: “Get a FREE Mac Laptop!”
  7. Investment Opportunities: e-mails that claim outrageously high rates of return with no risk. They may even offer fake statistics and misrepresent the significance of a current event. Subject lines include: “Invest now! Make money! NO risk!”
  8. Bulk E-mail Schemes: e-mails that claim that you can make money sending out your own solicitations via bulk e-mail and will offer to sell you lists of e-mail addresses or software. They do not state that the lists are fake or that several states have laws regulating the sending of bulk e-mails that you will be violating. Subject lines include: “Make easy money!”
  9. Cable Descrambler Kit: e-mails that claim they can sell you a cable descrambler kit so you can receive cable television without paying the subscription fees. They do not mention that the kits do not normally work or that stealing cable service is illegal! Subject lines include: “Get FREE Cable!”
  10. Guaranteed Loans and Credit: e-mails that offer financial loans like home-equity loans or guaranteed, unsecured credit cards regardless of your credit for a small fee. These “loans” end up being a list of lending institutions and the credit cards never arrive. Subject lines include: “Get your guaranteed credit card TODAY!”
  11. Credit Repair Scams: e-mails that offer to either wipe your credit record or create a new credit record for you for a fee. Wiping your credit record is impossible and creating a new one is illegal! Subject lines include: “Repair your credit NOW!”
  12. Vacation Prize Promotions: e-mails that claim you have been selected to receive a “luxury” vacation at a bargain-basement price! IF you get an actual vacation, the accommodations are far from deluxe. Subject lines include: “You’ve won a BAHAMAS VACATION!”

Social Engineering/Phishing E-mail Scams: As we explained in Lesson 2, phishing (or social engineering) e-mails are crafted to look like they come from a legitimate institution. They include a link to a counterfeit web site that resembles the real website, enticing you to put in your personal and secure information such as your account number and password. *If you were to view the scam e-mail in HTML, you would probably see that the visible link and the actual link information coded into the e-mail are two different locations! Some of the most common phishing e-mails include:

  • Fake correspondence from a bank or financial institution, claiming there is a “problem” with your account. These e-mails request you validate your account online and provide you a link to a counterfeit website.
  • Fake communications from online payment and auction services (i.e. Amazon or eBay) or internet service providers (i.e. AT&T). These e-mails claim there is a “problem” with your account and request that you access a (bogus) website to provide personal and account information.
  • Fake accusations that you violated the Patriot Act. The e-mail seems to be sent from the FDIC and states that the FDIC refuses to ensure your account because of “suspected violations of the USA Patriot Act”. It then requests you provide information via an online form. If you fill out the information, the hacker is able to easily steal your identity!
  • Fake communications from an IT Department. These e-mails claim that they need your passwords and other secure information, which hackers can then use to hack your organization’s networks and computers.
  • Low-tech versions of any of the above asking you to fax back information on a printed form you can download from a counterfeit website or as an e-mail attachment.

The Anti-Phishing Working Group is a great resource to learn more about phishing scams and to report if you believe you are a victim of phishing.

Trojan Horse Scams: These e-mails contain attachments that promise something you might be interested in, such as a joke, photograph, or software patch. When downloaded, the attachment contains malware that also gets downloaded. This malware can do any of the following:

  • Create a security vulnerability on your computer
  • Open a secret “backdoor” to allow an attacker access to your computer
  • Log and send your keystrokes to a hacker so they can discover your passwords and usernames to your secure accounts
  • Monitor your online transactions and activities
  • Provide a hacker access to your files
  • Turn your computer into a “bot” that hackers can use to send spam, launch denial-of-service attacks, or spread the virus to other computers

Some of the most common Trojan Horse Scams have included the following:

  • The “Love Bug” e-mail, which states it contains a love letter from a secret admirer
  • An e-mail posing as a virtual postcard
  • An e-mail disguised as a security bulletin from a software vendor and offering a software patch
  • An e-mail with a “funny joke” attached
  • An e-mail claiming to be from an antivirus vendor and offering a “virus sweeper” free of charge

419 Advanced Fee Fraud Schemes: *Due to the nature of these scams, the following was taken verbatim from the US-CERTThese schemes are quite elaborate and despite their somewhat preposterous appearance manage to hook a surprising number of victims. Essentially, these scams attempt to entice the victim into a bogus plot to acquire and split a large sum of cash.

Many perpetrators of this kind of fraud have been Nigerian citizens. Consequently, the name “419 scheme” is taken from the section of the Nigerian penal code that addresses fraud.

419 scams are recognizable by their subject lines, which frequently call for an urgent response or refer to a personal introduction, and sender names, which are frequently (though not always) African or African inspired. Examples of senders and subject lines include those in the list below. You should note, however, that these examples are merely a few of the many thousands of variations of names, subject lines, or stories used in these scams.

Sender: usman bello Subject line: URGENT REPLY NEEDED
Sender: Charles Connech Subject line: Re: Pleased to meet you!
Sender: Miss Kate Kasaka Subject line: Miss Kate Kasaka
Sender: Mr.Adnan A.K.Ismail Subject line: Cooperation
Sender: MR. Michael Okpala Subject line: Good dey from MR. Michael Okpala

 

A 419 Advanced Fee Fraud begins with an e-mail that looks like this:

Date: Wednesday, August 24, 2008 5:55 PM -0700
From: “Mr. Henry Bassey Udoma” henrybassey_udoma@example.com.ar
To: mrtarget@example.com
Subject: From: Henry (Regarding Dr. H. Paul Jacobi)
From: Henry (Regarding Dr. H. Paul Jacobi)

Hello,

I am sending you this private email to make a passionate appeal to you for assistance. Kindly accept my apology for contacting you this way and forgive me if this is not acceptable to you. My name is Henry Bassey Udoma; I am an auditor at one of the Nigerian Banks. On Tuesday, 19 January, 2006, one Dr. H. Paul Jacobi a foreigner, made a numbered time (Fixed) Deposit, valued at £10,550,000.00 (Ten Million, Five Hundred and Fifty Thousand Pounds) for twelve calendar months in my Bank Branch.

Upon Maturity, we sent a routine notification to his forwarding address but got no reply. After a month, we sent a reminder and finally we discovered from his company that Dr. Paul A. Jacobi was aboard the Egypt Air Flight 990, which crashed into the Atlantic Ocean on October 31, 2006. After further investigation, it was discovered that he died without making a WILL and all attempts to trace his next of kin proved abortive….

 

These schemes work by getting the victim to take the initial bait, then slowly convincing him or her of the legitimacy of the plot through a series of forged documents, carefully crafted communications, and even visits by the victim to the country of origin for meetings with bogus officials in bogus government offices. At a key juncture in the scam, the perpetrators will ask the victim to advance them money to pay fake fees or bribes. Additionally, they may extract what amounts to an extortion payment by threatening to cut the victim out of the plot. Once the perpetrators believe they’ve gotten all they could from the victim, they cut off communication and vanish.

In short, if you discover an e-mail in your inbox proposing a complicated arrangement to secure and split funds in a foreign land, you can safely assume someone is trying to ensnare you in a 419 scam.

Virus-Generated E-mail Scams: These e-mails seem to be coming from a familiar address, such as that of a friend, coworker, or relative, but actually contain a virus. Many viruses spread by first searching for all e-mail addresses on an infected computer and then sending themselves to these addresses, disguised as an e-mail sent from the victim. These e-mails generally contain the characteristics of “Old-Fashioned” Fraud Schemes or Trojan Horse Scams.


Now that you know how to recognize e-mail scams, you need to know how to protect yourself from them! Stayed tuned for our next post!

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s