Avoiding Potential Fraud
Internet fraud can occur in chat rooms, email, message boards, or on websites. Phishing is an example of a social engineering technique used to deceive users and exploit the poor usability of current web security technologies. Some of these techniques include:
PayPal Checklist
Online merchants such as PayPal often provide security tips to help consumers protect their personal information.
- Communications purporting to be from popular social web sites, auction sites, online payment processors, or IT administrators
- Emails containing links to websites infected with malware, also known as email spoofing
- Instant messaging directing users to enter details at a fake website that has a look and feel almost identical to the legitimate one
Other online fraud, such as pharming, occurs when a hacker redirects website traffic from a legitimate website to the hacker's fraudulent website by exploiting vulnerabilities in the Domain Name System (DNS). By corrupting a computer's knowledge of how a site's domain name maps to its IP address, the attacker causes the victim's computer to communicate with the wrong server. This technique, which is also known as domain hijacking, uses a fake website posing as a legitimate site. The site typically requests the user's personal information, allowing the attacker to "phish," or steal the victim's passwords, PIN, or bank account number.
In addition to phishing and illegal hacking, online consumers can also fall victim to purchase frauds, car theft (via websites such AutoTrader), real estate fraud (via websites such as Craigslist), illegal wire transfers, online auctions, retail schemes and call tag scams. In a call tag scam, criminals use stolen credit card and tracking information to purchase goods online for shipment to the legitimate cardholder.
Consumer Tools for Fighting Internet Fraud
Attempts to deal with the growing number of reported phishing incidents and other Internet fraud include legislation, user training, public awareness and technical security measures. There are also several companies that specialize in monitoring and alerting users to any activity involving their personal data. If someone attempts to steal the user's online identity, these companies assist the user with securing their online information and paying for the services needed to help them recover their information and resolve the situation.
Another tactic users employ to avoid fraud is erasing hard drives when throwing away old computers. Computers include a wealth of personal information such as bank account numbers and tax information. Erasing the hard drive can reduce the possibility of identity theft and other forms of fraud. Consumers are repeatedly warned to be cautious when donating computers or cell phones and other digital devices to unknown organizations.
Clearing private data such as individual browsing history can also reduce potential fraud. Internet browsers usually provide a "preferences" dialogue that allows web users to delete all history, including cookies, the Internet cache, saved form data, passwords and Internet downloads.