Internet Scams

Malicious Software Features Usama bin Laden Links to Ensnare Unsuspecting Computer Users 

The Internet Crime Complaint Center (IC3) urges computer users to not open unsolicited (spam) e-mails, including clicking links contained within those messages. Even if the sender is familiar, the public should exercise due diligence. Computer owners must ensure they have up-to-date firewall and anti-virus software running on their machines to detect and deflect malicious software.

The IC3 recommends the public do the following:

  • Adjust the privacy settings on social networking sites you frequent to make it more difficult for people you know and do not know to post content to your page. Even a “friend” can unknowingly pass on multimedia that’s actually malicious software.
  • Do not agree to download software to view videos. These applications can infect your computer.
  • Read e-mails you receive carefully. Fraudulent messages often feature misspellings, poor grammar, and nonstandard English.
  • Report e-mails you receive that purport to be from the FBI. Criminals often use the FBI’s name and seal to add legitimacy to their fraudulent schemes. In fact, the FBI does not send unsolicited e-mails to the public. Should you receive unsolicited messages that feature the FBI’s name, seal, or that reference a division or unit within the FBI or an individual employee, report it to the Internet Crime Complaint Center at the Federal Bureau of Investigation.

CLAIMS OF BEING STRANDED SWINDLE CONSUMERS OUT OF THOUSANDS OF DOLLARS 

07/01/10—The IC3 continues to receive reports of individuals' e-mail or social networking accounts being compromised and used in a social engineering scam to swindle consumers out of thousands of dollars. Portraying to be the victim, the hacker uses the victim's account to send a notice to their contacts. The notice claims the victim is in immediate need of money due to being robbed of their credit cards, passport, money, and cell phone; leaving them stranded in London or some other location. Some claim they only have a few days to pay their hotel bill and promise to reimburse upon their return home. A sense of urgency to help their friend/contact may cause the recipient to fail to validate the claim, increasing the likelihood of them falling for this scam.

If you receive a similar notice and are not sure it is a scam, you should always verify the information before sending any money.
 
If you have been a victim of Internet crime, please file a complaint with the Federal Bureau of Investigation. The IC3 complaint database links complaints for potential referral to the appropriate law enforcement agency for case consideration. Complaint information is also used to identity emerging trends and patterns.

RENTAL AND REAL ESTATE SCAMS 

03/12/10—Individuals need to be cautious when posting rental properties and real estate on-line. The IC3 continues to receive numerous complaints from individuals who have fallen victim to scams involving rentals of apartments and houses, as well as postings of real estate online.
 
Rental scams occur when the victim has rental property advertised and is contacted by an interested party. Once the rental price is agreed-upon, the scammer forwards a check for the deposit on the rental property to the victim. The check is to cover housing expenses and is, either written in excess of the amount required, with the scammer asking for the remainder to be remitted back, or the check is written for the correct amount, but the scammer backs out of the rental agreement and asks for a refund. Since the banks do not usually place a hold on the funds, the victim has immediate access to them and believes the check has cleared. In the end, the check is found to be counterfeit and the victim is held responsible by the bank for all losses. 
 
Another type of scam involves real estate that is posted via classified advertisement websites. The scammer duplicates postings from legitimate real estate websites and reposts these ads, after altering them. Often, the scammers use the broker’s real name to create a fake e-mail, which gives the fraud more legitimacy. When the victim sends an e-mail through the classified advertisement website inquiring about the home, they receive a response from someone claiming to be the owner. The “owner” claims he and his wife are currently on missionary work in a foreign country. Therefore, he needs someone to rent their home while they are away. If the victim is interested in renting the home, they are asked to send money to the owner in the foreign country. 
 
If you have been a victim of Internet crime, please file a complaint with the Federal Bureau of Investigation.

MYSTERY/SECRET SHOPPER SCHEMES

01/20/10—The IC3 has been alerted to an increase in employment schemes pertaining to mystery/secret shopper positions. Many retail and service corporations hire evaluators to perform secret or random checks on themselves or their competitors, and fraudsters are capitalizing on this employment opportunity.

Victims have reported to the IC3 they were contacted via e-mail and U.S. mail to apply to be a mystery shopper. Applicants are asked to send a resume and are purportedly subject to an extensive background check before being accepted as a mystery shopper. The employees are sent a check with instructions to shop at a specified retailer for a specific length of time and spend a specific amount on merchandise from the store. The employees receive instructions to take note of the store's environment, color, payment procedures, gift items, and shopping/carrier bags and report back to the employer. The second evaluation is the ease and accuracy of wiring money from the retail location. The money to be wired is also included in the check sent to the employee. The remaining balance is the employee's payment for the completion of the assignment. After merchandise is purchased and money is wired, the employees are advised by the bank the check cashed was counterfeit, and they are responsible for the money lost in addition to bank fees incurred.

In other versions of the scheme, applicants are requested to provide bank account information to have money directly deposited into their accounts. The fraudster then has acquired access to these victims' accounts and can withdraw money, which makes the applicant a victim of identity theft.

Tips

Here are some tips you can use to avoid becoming a victim of employment schemes associated with mystery/secret shopping:

  • Do not respond to unsolicited (spam) e-mail.
  • Do not click on links contained within an unsolicited e-mail.
  • Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders. Virus scan all attachments, if possible.
  • Avoid filling out forms contained in e-mail messages that ask for personal information.
  • Always compare the link in the e-mail to the link you are actually directed to and determine if they match and will lead you to a legitimate site.
  • There are legitimate mystery/secret shopper programs available. Research the legitimacy on companies hiring mystery shoppers. Legitimate companies will not charge an application fee and will accept applications online.
  • No legitimate mystery/secret shopper program will send payment in advance and ask the employee to send a portion of it back.

Individuals who believe they have information pertaining to mystery/secret shopper schemes are encouraged to file a complaint with the Federal Bureau of Investigation.

POP-UP ADVERTISEMENTS OFFERING ANTI-VIRUS SOFTWARE POSE THREAT TO INTERNET USERS

12/11/09—An ongoing threat exists for computer users who, while browsing the Internet, began receiving pop-up security warnings that state their computers are infected with numerous viruses.

These pop-ups known as scareware, fake, or rogue anti-virus software look authentic and may even display what appears to be real-time anti-virus scanning of the user’s hard drive. The scareware will show a list of reputable software icons; however, the user cannot click a link to go to the actual site to review or see recommendations.

The scareware is intimidating to most users and extremely aggressive in its attempt to lure the user into purchasing the rogue software that will allegedly remove the viruses from their computer. It is possible that these threats are received as a result of clicking on advertisements contained on a website. Cyber criminals use botnets to push the software and use advertisements on websites to deliver it. This is known as malicious advertising or malvertising.

Once the pop-up appears it cannot be easily closed by clicking “close” or the “X” button. If the user clicks on the pop-up to purchase the software, a form is provided that collects payment information and the user is charged for the bogus product. In some instances, whether the user clicks on the pop-up or not, the scareware can install malicious code onto the computer. By running your computer with an account that has rights to install software, this issue is more likely to occur.

Downloading the software could result in viruses, Trojans, and/or keyloggers being installed on the user’s computer. The repercussions of downloading the malicious software could prove further financial loss to the victim due to computer repair, as well as, cost to the user and/or financial institutions due to identity theft.

The assertive tactics of the scareware has caused significant losses to users. The FBI is aware of an estimated loss to victims in excess of $150 million.

Be cautious—Cyber criminals use easy to remember names and associate them with known applications. Beware of pop-ups that are offer a variation of recognized security software. It is recommended that the user research the exact name of the software being offered.

Take precautions to ensure operating systems are updated and security software is current.

If a user receives these anti-virus pop-ups, it is recommended to close the browser or shut the system down. It is suggested that the user run a full, anti-virus scan whenever the computer is turned back on.

If you have experienced the anti-virus pop-ups or a similar scam, please notify the IC3 by filing a complaint with the  Federal Bureau of Investigation.

Online Auction Fraud - Don't Let It Happen To You

6/30/09-Computers, sports memorabilia, rare coins, designer fashions, and even cars.

These are just a few of the items offered for sale every day on legitimate online auction sites. They’re also just a small sample of the items used to lure unsuspecting victims into online auction fraud schemes.

Most of the one million-plus transactions that take place each day on these websites are legitimate; just a fraction actually result in some type of fraud.

But even that fraction adds up. According to the latest report of the Internet Crime Complaint Center (IC3), more than 70,000 complaints made to IC3 last year—about one in every four—involved online auction scams.

There are a variety of auction frauds, but here are some of the more common ones to watch out for:

  • Overpayment fraud targets the seller. A seller advertises a high-value item—like a car or a computer—on the Internet. A scammer contacts the seller to purchase the item, then sends the seller a counterfeit check or money order for an amount greater than the price of the item. The purchaser asks the seller to deposit the payment, deduct the actual sale price, and then return the difference to the purchaser.
  • Wire transfer schemes start with fraudulent and misleading ads for the sale of high-value items being posted on well-known online auction sites. When buyers take the bait, they are directed to wire money to the crooks using a money transfer company. Once the money changes hands, the buyer never hears from them again.
  • Second-chance schemes involve scammers who offer losing bidders of legitimate auctions the opportunity to buy the item(s) they wanted at reduced prices. They usually require that victims send payment through money transfer companies, but then don’t follow through on delivery.

And needless to say, in all of these schemes customers never get what they pay for.Who is behind the scams. Mostly individuals. However, there are exceptions: criminal enterprises from West Africa are especially fond of the overpayment scams, while Romanian crime groups favor the second-chance schemes.

We’re working to address the problem. We’ve had a number of successful auction fraud investigations, worked collaboratively with other agencies, including one in Virginia and one in Texas.

What to do if you’ve been victimized. Go to the  Internet Crime Complaint Center  or the Federal Trade Commission websites and submit a complaint. The more we know about the extent of the crime—including the specific methods being used to perpetrate it—the more effective we can be in preventing and investigating these scams. You can also report incidents to your local police and to auction companies.

So, how can you avoid being a victim of auction fraud? A few tips:

  • Ask the seller for a phone number and verify it.
  • Beware of buyers who insist on wire transfers as the only form of payment they’ll accept.
  • For big-ticket items, use a legitimate online escrow service that will hold the payment until you receive what you’ve ordered.
  • If you receive an overpayment as a seller, don't cash it but instead ask for the exact purchase price.
  • Don’t ever give out your social security or driver’s license number—a legitimate seller wouldn’t ask.
  • Be skeptical if the price sounds too low.

If you have been a victim of Internet crime, please file a complaint with the Federal Bureau of Investigation.  

FAKE MILITARY TWIST ON VEHICLE SALE SCAMS

03/05/09—The FBI continues to receive reports of individuals victimized while attempting to purchase vehicles via the Internet. Victims find attractively priced vehicles advertised at different Internet classified ad sites. Most of the scams include some type of third-party vehicle protection program to ensure a safe transaction. After receiving convincing e-mails from the phony vehicle protection program, the victims are directed to send either the full payment, or a percentage of the payment, to the third-party agent via a wire payment service. No vehicles are delivered to the victims.

In a new twist, scammers are posing as members of the United States military. The fictitious military personnel in the scam have either been sent to a foreign country to improve military relations, or they need to sell a vehicle quickly and cheaply because of their upcoming deployment to either Iraq or Afghanistan.

Consumers are advised to do as much due diligence as possible before engaging in transactions to purchase vehicles advertised online. Consumers are also cautioned to be aware of the rules of or warnings posted by the Internet sites they visit. If someone is asking you as a consumer to break or avoid the rules of the website, it is possible that person is trying to scam you.

If you have fallen victim to this type of scam, please notify the IC3 by filing a complaint with the Federal Bureau of Investigation.

WORK-AT-HOME SCAMS

02/04/09—Consumers need to be vigilant when seeking employment online. The IC3 continues to receive numerous complaints from individuals who have fallen victim to work-at-home scams.

Victims are often hired to “process payments,” “transfer funds,” or “reship products.” These job scams involve the victims receiving and cashing fraudulent checks, transferring illegally obtained funds for the criminals, or receiving stolen merchandise and shipping it to the criminals.

Other victims sign up to be a “mystery shopper,” receiving fraudulent checks with instructions to cash the checks and wire the funds to “test” a company’s services. Victims are told they will be compensated with a portion of the merchandise or funds.

Work-at-home schemes attract otherwise innocent individuals, causing them to become part of criminal schemes without realizing they are engaging in illegal behavior. Job scams often provide criminals the opportunity to commit identity theft when victims provide their personal information, sometimes even bank account information, to their potential “employer.” The criminal/employer can then use the victim’s information to open credit cards, post on-line auctions, register websites, etc., in the victim’s name to commit additional crimes.

If you have been a victim of Internet crime, please file a complaint with the Federal Bureau of Investigation.