March 26th, 2011
Seminar Invitation Scam
Online Security Dangers. Email Scams, Seminar Invitation
This is another email scam although a bit more convincing and clever than the others. The online security threat seems to come from a legitimate .edu email address (check the image). We are not sure whether this online email scammer has hacked the .edu email address or used some other mapping technic to derive the source of the email. However the contact person that is supposed to arrange ‘free travel’ arrangements for you has a personal email address and is not a .edu email.
You are invited to send in research papers for presentation at a seminar. It is very likely that anyone who falls for this online fraud will have their ‘summary papers’ approved and get an invitiation to the seminar. The email scam claims that travel and visa arrangements will be handled by the institute. It is easy to guess what would happen next. If you do respond to the email, you will get the ‘good news’ that your papers are selected and the ticket arrangements made. You will be asked to contact another person or seminar coordinator for getting the hotel arrangements made. You will ofcourse need to send payment for that expense – wish goodbye to your money.
Please alert your friends, relatives and collegues regarding this email scam. We will refer to this as the seminiar-invitation-scam for further updates or postings.
December 7th, 2010
If you thought that online security threats were not related to phone calls that you receive, check out this telephone scam that uses online transactions to mess up your finances. This scam has been quite rampant in Asian countries for the last couple of years. Some of these scam ‘call centers’ have been identified and closed but, the ease with which money can be made attracts more fraudsters to the business.
This is a typical case in Thailand. You receive a call on your cell phone, pick the call and you get a recorded message that your credit card bill is overdue and the card is about to be deactivated by your bank. There are a few variations in the call content, at times the recorded message actually gives you a huge figure like 45,000 Baht (1,500 U.S dollars) that is supposed to be pending payment on your card.
The message then continues to ask you to press ‘0’ or ‘1’ for operator assistance. Once you get to the ‘operator’ a real person will try to get all your credit card details. This is basically information required to make an online purchase using the card. It is believed that some companies in China, Taiwan and Malaysia can actually use this information to make a ‘fake’ credit card that can be used to make purchases in stores or online.
While outstanding credit card payments might be a problem for many of us, answering such calls can just add to your financial woes. It is recommended that you always keep your credit card company’s telephone number at hand. Should you receive a such a call, disconnect the line and call your credit card company for clarification and details.
This report has been compiled by the Kaisilver network team. We do hope that you will pass the information to your friends, relatives and collegues. It is only shared information like this that can keep online scammers away.
October 1st, 2010
Beware Outsourcing Website Development.
It is quite common to find emails sent by people offering to make a website for you. Such web development services need to be thoroughly scrutinized before you can rely on their honesty and services. In recent times, several emails originating with Chinese domain extensions have been received by thousands of people across the globe. It is important to understand the dangers of using such services, we explain the issue in more detail below.
A person named XYZ hires a web company named ABC123web (all names are imaginary) to make his website. ABC123web prepares a complete website that also allows online purchases to be made. Once the project is completed, XYZ is given all access to the website by ABC123web. What XYZ is not aware of is that, the website access login details are known to ABC123web.
Such a situation is dangerous as ABC123web can effectively control and access everything on the website made for XYZ. By inserting a small code in the website pages, it is possible to get full information regarding the traffic, ranking and even the sales figures of the website owned by XYZ. It is important that XYZ changes all login details including passwords once the website is handed over to him.
A nasty case of the dangers of outsourcing website development came to light in recent months. A small company hired a consultant to develop it’s website. Towards the end of the project, a problem developed between the company and the consultant. Unfortunately the consultant still held the access details to the website, the customer never cared to re-initialize the details. The consultant hacked into the website of the company through a remote connection. He then uploaded various junk pages and junk (even obscene) images to the website. It was only a few months later that the company could put things together again.
If you are interested in outsouring your web development activities, make sure that you choose the right provider. Check for past projects, call up those clients and take their opinion too. Small web developers have little control over their staff. Even disgruntled junior staff can do damage to the websites that they have access to.
It is also possible for the developer to include a small code into the website source. This code can provide valuable information regarding the performance of your website to the developer. This information can continue to flow out even after the site is completed and handed over to you.
Keep this report in mind and also encourage your friends and acquaintances to read this write up.
August 20th, 2010
Visiting Your Country, Make Online Bookings Fraud.
This online fraud is still unfolding and the all ramifications have not been unveiled as yet. In anycase, do not wait until the entire racket is known. Stay careful now and save yourself from this online threat.
An email is being sent out by a group of fraudsters. The email claims that a certain person (named in the email) and family members (also named in the email) wish to travel for a vacation to ‘your’ country. The country is not named in the email and is referred to as ‘your’ country. The sender of the email requests you to do some bookings for travel and hotels on his behalf.
You are also informed in the email that, the sender will be paying for all the bookings through his credit card. This will be done around 2 weeks before the vacation start date.
This is surely an online scam and it remains to be seen how many people fall for it. You are probably expected to pay for the advance bookings with your credit card. And what happens after that? Let us presume that the email sender does not send you the payment as promised, you could probably cancel the reservations that you made and get away lightly.
The more likely and dangerous thing would be if the email sender actually arrives in your country and does something which is illegal or criminal. The law enforcing authorities will trace back the reservations and find that, they were originally made by you on behalf of the email sender. It could be tough to prove that you are not an accomplice to the crimes commited by the email sender.
Like we mentioned earlier, don’t get curious about the modus operandi of this online fraud. Just ignore such emails and delete them off your system. There is no reason why a genuine traveller to your country, should randomly contact people for making travel and hotel arrangements.
July 2nd, 2010
Online Security Could Be Threatened By Downloads
This online security threat has sprung up in almost every country. The content of the email could be a bit different but, the damage it can cause is severe and consistent. You get an email with a message like ‘the latest mp3 of Maddona’ or ‘download the save energy screen saver’. You could be asked to download the content or accept the content that is attached to the email.
The download is basically a malware that can compromise your online security. Our network team recently came across an email attachment, it was named QueenMp3.mp3.exe. The message claimed that it was the unreleased music of Queen! While our security team quickly recognized the online threat, a casual computer user might not be so cautious. An average computer user might download the attachment after, checing the file name and finding it to be related to the subject line of the email!.
Beware of this online security threat, the progam that came as an attachment is capable of doing serious damage. If you do financial transactions using credit cards or bank accounts, the damage can be financially harmful. Do share this information with your friends and collegues. Large scale sharing of such important information can help make the internet safer.
May 18th, 2010
Your UPS, FEDEX Or Other Parcel Cannot Be Delivered
Our network team has drawn our attention to an online fraud that has been doing the rounds for some time. You get an email saying that there is a UPS, FEDEX, DHL or other parcel for you, the courier cannot have it delivered since the address seems to be wrong. You are requested to fill up some private and confidential details and reply to the email. In some cases, we have found that a contact phone number is attached to the email too.
Once you send the contact details which include your phone number, address and probably some ID details, you will receive an email or phone call. The content of the email or call would mention that there is a parcel for you which is being held by the couriers office. You will be requested to pay an amount, like 150 U.S$ or 220 U.S$ (the amount can differ) before the parcel is delivered to you. Details for your payment to be made could be through a bank or through Western Union. You will be informed that the parcel will be delivered the moment your money is received. To make the whole thing more convincing and more tempting, the ‘courier’ might tell you that the value of the parcel is quite high and therefore needs a certain custom duty to be paid.
Once your money reaches the online fraudster, you can bid goodbye to it as nothing will ever come to you. Some of these online frauds are commited using VOIP call services that cannot be traced to a particular phone number or location. In some ASIAN countries, cell phone or mobile phone accounts can be opened by purchasing a SIM card across the counter. You are not even required to produce any identification or proof to get the SIM card. The card can cost as little as 3 to 5 U.S$ dollars. The online fraudster can therefore afford to buy and throw away a SIM card for every fruad that is commited. Remember that the cell phone device itself can be reused with a new SIM card.
If you ever get such an email, do not take any action. If you feel that it could be a genuine courier parcel coming to you, check the name of the courier. Call up the head office of the courier in your locality, country or state and request for information. Remember to get the number from a telephone directory or the official courier website. Do not expect to find a genuine phone number in the email that was sent to you!. Keep your friends and collegues informed of this fraud.
January 3rd, 2010
Cheap Loans Fraud. Do Not Disclose Bank Information.
This is a major online fraud threat that has been around for a few months. The email is supposed to come from a ‘reputed’ financial institution. See how the email is a free gmail or hotmail addres, the username is the name of the financial institution. In these slow economic conditions, there are millions of people shopping around for cheap loans. This email is ready to give you a loan at a shockingly low rate of interest, sometimes as low as 3% !!!!
You are asked to give your name and address and bank account details for them to process your cheap loan. A typical online threat but some people might be tempted to ‘give it a try’. After all nothing much would happen as long as you do not part with any money. This is a DANGEROUS attitude, since your identification details including Social Security number, full name and complete bank details will be in the hands of the fraudster.
Once this fraudster sees that you are interested in this deal, he will send you various details and documents that will make you believe that this is a genuine cheap loan offering. After winning your confidence he will get you the ‘good news’. Your loan is passed and you need to pay a processing fee which could be in the 500 U.S$ to 2,000 U.S$ range. Depending on how smart he is and how foolish you our, he might just get that sum from you. And you will end up with nothing except the lost dollars and a string of sleepless nights.
Once again remember that such online threats work on the psychologicy of a person. They are also planned according to the present situation as it is these situations that give us a mindset to try such offers. Pass this information to your friends, business associates and everyone you know. It is only a collective action that will make the online world safer.
October 10th, 2009
You Have Undisclosed Income – Online Fraud.
This is similar to an online fraud that has been happening for the last few years, however this year’s fraud has an interesting twist. In the earlier fraud, you received an email saying that you were due to receive a tax refund. Private and confidential information was collected from you, this information was ofcourse put to several bad uses. In this new fraud, the email says that you have failed to disclose some income in your tax returns!
This does seem like a serious issue and many receivers would just click on the provided link and disclose all related information. This could be very dangerous and the fraudsters have managed to think up a very convincing and dangerous operation. Kaisilver has monitored a few dozen emails of this type and there seems to be a pattern through all of them. It is a wonder why the FBI and other agencies do not go to the bottom of such frauds. Tracking emails is not tough, a little technological help and some good ideas can lead to the brain on the top of all such frauds. In the meantime, spread the word to your friends, collegues and relatives. That is the only way to increase the online safety factor.
October 10th, 2009
Western Union Receipt Of Money, Fraud
We would first of all like to mention that this online fraud is NOT committed by Western Union. Online fraudsters use the name of Western Union to defraud innocent online users of their hard earned money. You will receive an email saying that a few million dollars have been released in your name, the reason for this windfall could be many. All such emails are frauds so do not worry about who sent it, how they knew your email address etc.
The email says that a large sum of money has been released in your name. Western Union will now pay you a few thousand dollars a day (could be 10,000 dollars) until the amount is fully received by you. You are asked to contact a person with the details provided. If you follow up on this email fraud, you will be asked to pay a few hundred or thousand dollars as processing fee. You might get a few fake Western Union Money Transfer details, not a single dollar will come your way so do not fall for this fraud.
Western Union as a mode of payment has existed for many decades and has often been a great help to persons doing urgent money transfers. There was a time when many Asian students studying abroad needed urgent funds from their family in Asia. It was also likely that these students wanted to provide financial help to their families in Asia on an urgent basis. This was long before the internet and mouse and keyboard commerce took birth. It was Western Union who helped these people make the transfer almost instantly. Online security threats are being perpetuated to attack almost every online mode of payment, credit cards, paypal, bank accounts and ofcourse Western Union are not being spared.
There is only one way that we can make the internet a safer place to trade, surf and play. This is by generously sharing any online security information that we might have. We have always been at the forefront in the process of educating buyers regarding gemstones and jewelry. The Kaisilver extrajewel security resource aims to carry that policy of educating buyers, to online safety too.
October 10th, 2009
The ATM Card Money Fraud.
It is the time of the year when many innocent online users are looking for bargains and also making online transaction. While this is a good thing for both buyer and seller, you need to stay updated with the online security threats that are currently going around. Kaisilver continues to monitor various online security issues and warns both buyers and sellers through this exclusive security blog.
The ATM card fraud basically perpetuates through emails. You receive an email saying that an ATM card with thousands or even millions of dollars filled in waiting for you. You could be asked to contact the shipping or courier agent, or just send full details of your name, bank account etc. There is a phone number and contact person mentioned in the email. All this is done to increase your confidence in moving ahead with the transaction. Do not fall for this fraud, you will get nothing and only end up losing money. At times, you receive a similar email from a (supposedly) big courier company. This is a cloak email and does not really originate from FEDEX, DHL, UPS or any other courier. The email says that your card is lying with them and you need to pay a small fee like a few hundred dollars to receive it. You might feel that it is a small amount to pay inorder to receive the millions of dollars that are stuffed in the ATM card! But just forget such ideas and delete the email, you will not get a single cent.
Please pass the above information to your friends and relatives. It is only such open sharing of information that can make the online world safer and more useful. We need to harness the benefits of online commerce while remaining alert about online dangers. This is the best way to proceed.