The internet connectivity splurge in growing global diaspora has been opening a lot of opportunities for the business connecting local needs with global offerings. Initially what started as a platform to share ideas metamorphosed into business and advertisement shifting gears from the primary to tertiary level. The concept of creating a service offering from a decoupling point in the business has spurred into rapid forming ventures. This service evolved in terms of free and chargeable content to increase usability and engagement. This viral inclusion of larger demography eventually unfurled to bright and grey practices. Here we introspect deeper into the grey areas of these bright opportunities.
As reported by Reuters in Mar 12th 2010, ”The total dollar loss rose to $559.7 million last year from $264.6 million in 2008, based on amounts reported to the Internet Crime Complaint Centre, a partnership between the FBI and the National White Collar Crime Centre. The number of complaints received increased 22 percent to 336,655 from 275,284.There were different types of fraud recorded with government authorities. As shared in the Internet Crime Report 2009 the ranking for the top 10 most common internet fraud complaints are as noted below:
1.FBI Scams 16.6%
2.Non-Delivery Merchandise/Payment 11.9%
3.Advanced Fee Fraud 9.8%
4.Identity Theft 8.2%
5.Overpayment Fraud 7.3%
6.Miscellaneous Frauds 6.3%
8.Credit Card Fraud 6.0%
9.Auction Fraud 5.7%
10.Computer Damage 4.5%
We further delve into how to detect and resolve these frauds. Few fail proof methods such as typing scam or fraud against any internet-based service to be availed should be made mandatory. Remaining sceptic about the offers if it sounds too good rewires to an extent. And finally as there is no free lunch in business, the hidden- costs needs to be prewired. We have classified the frauds into three categories to divide them in terms of the level of engagement they require and how they stand as a threat to the users
Individual – This initiates with little or no effort by the individual. Most of the time, they may not realise how their security is at threat. These often make an individual say”I never knew it would happen to me”
- Identity Theft: Personal information drained out of one’s security to be used to siphon money out of the bank or any other malicious venture. This may happen if the data is left in an area with high level trust such as a Home PC or a personal Laptop. Certain times net banking availed from a cyber cafe with low security triggers this. Anyone posing as a known entity asking for personal information may also trigger this. It can happen through common network, social network abuse leading to loss of private financial and medical data. As reported by US Attorney legal services, “Nearly 30 million Americans have been victims of identity theft in the past 5 years. Over 9 million people per year are now becoming victims.” The solution to such a situation is to avoid sharing any personal data on a public platform. Financial and medical data to be stored with top security away from any common access.
- Botnet: Machines get affected by spamware forming a network to malicious motives of hackers and pose as a security threat. As reported in One India News, Oct 15th 2010, “Microsoft Security Intelligence Report version 9, which covered more than 200 countries and territories, ranked India 25th in terms of bot infections detected and removed in the quarter ending Jun 2010. India had 38,954 computers with bots cleaned in the second quarter of 2010 compared to 37,895 computers in the first quarter”. The best option to avoid downloading any software that allow seeders and leeches. Additionally, run the anti-virus software at a fixed interval.
Web-based business – These are business opportunities which may not be judged as a scam. It needs to be dealt very cautiously as there are lot of investments involved. These ventures are posed as profitable attracting the individuals who are looking for get-rich-fast schemes. They target neo-businessman, elderly, housewives and students. The reason to target this demography is that they would hold little or no information and are looking forward to make money through convenient means.
- SEO: The offers of escalating Google page ranking can weed into different trap if not followed closely. Traps such as, the Google search in your computer is likely to follow an algorithm of what is most searched and visited by the user. Consequently, when this is surfed it would show on the top few searches by default, not necessarily because the SEO rank have been appreciated. To keep a check on such frauds, search for your website from computers from where your website is rarely visited. Avoid buying onto any SEO ads with advance payment. Rather follow the Google prescribed ways.
- Webhosting: The domain offered needs to be in the name of the user. The details as shared in Domain User. is not a completely user owned domain. It rather remains with the seller. The offers including low cost web hosting, freebies such as ad posting and the internet training need to be verified before availing them. The aim of these schemes is to start with a negligible investment and then add cost with every added feature and support. Hence the cost of holding them runs high in some time.
- Work from Home: These are ideally advertised as cut and paste based job which gets forged into click scams. Here the consumer may require depositing an initial amount to start this job. They are given a training which is charged to them. At times support is offered to get work after training, though it is not followed all the time. They would be given a definite amount of work which needs to be finished during the allocated time. Once work is audited, the individual is likely to receive a payment. The scam is not just in sloppy support offered to the users, but the entire task which makes Google ban such sites with unreal number of clicks.
- Pyramid Scam: Often the webhosting offers cut and paste job along with a multi-level programs which requires the members to invite more members to be able to earn incentives. These incentives are earned only when the down-line is active. As reported by Money Life on Oct 8th 2010, Speak Asia Online is a company which offers MLM program which requires a member to invest $120 as an initial membership fee. This company is reported to have a similar pyramid scam. As suggested by Money Life, before investing in similar ventures the domain needs to be cross checked with a valid address and telephone number. The legal documents shared needs to be valid. They reported that Speak easy online shows no legality of documents or any registration certificates issued by government authorities. Further to that, the information mentioned in the site is crucial. Mostly the information shared is the details about the dealers and bank account. It is important to check valid details about the owner of the company, board of directors and other information including the financial standards maintained by the company .
- Booking scam: Any data provided while booking a tour or a product gets scammed when the data including the CID number is stored by the software used during buying. Furthermore the service mentioned in the website may not finally be delivered to the consumer. Few banks have an automated system of checking such scams and block the credit card beyond a particular amount. But every bank may not allow that. Hence trustworthy way of paying them would be through PayPal, where it is secured.
- Auction of products and classified ads: Products and advertisements are auctioned and sold to the highest bidder. These ads are required to be clicked to ensure payment but the Google ad gets phished when many clicks are made by the users. Google have been banning websites which have reported unnatural number of clicks or clicks from the same computer. The internet auction can be scammed both by the buyer and the seller. Evaluation of Evidence in Internet Auction Fraud Investigations journal as written by Michael Kwan, Richard Overill, Kam-Pui Chow, Jantje Silomon, Hayson Tse, Frank Law and Pierre Lai shows the behaviours involved by both the parties which can be categorised as fraud.
Scams at large – These frauds are targeted to inflict greater mass of people. They go viral as they are not detected as threats initially.
- Phishing and Smishing: Emails from government and companies claiming awards to the recipient on the receipt of a signing amount. These have been identified as Yahoo awards, Windows live scams, unclaimed beneficiary email, and Governmental development scheme. These scams increase when these emails are opened. Hence report spam as soon as it is viewed in the inbox.
- Lottery and Nigerian 419 scam: India Forensic reported on August 8 2003, that a Nigerian agency had conned to extract money in exchange of a huge amount. The case is still being heard. Any claims of a lottery win followed by asking for signing amount is malicious and should be reported.
- Email Job offer scam: A sudden email claiming number of positions to be hired for well known companies such as Hotels, manufacturing firms etc. Sometimes even the offer letters are sent to phish the individual. Once the individual gets interested and starts communicating, the process of asking for money starts which goes endlessly till the individual realises the scam. The best way to detect them is by checking email id, which is often a personal id. On the top the contact of HR Manager or HR Head as shared in the mail, never takes to the original person. If this mail is reported to the company it’s offered from, it becomes crystal clear as the company rejects and denies offering any job to the individual.
- Holiday scams: Different groups offer tickets at very low prices. These are scams are targeted towards the consumers looking for last minute saving. The trick to asses them is to check the legal registration of the travel company be it IATA or any other legal bodies as applicable to the country.
- Malware: These are spread as hidden software through email, advertisement and other link. As reported by spam fighter on Nov 30th 2010, these “Drive-by-downloads initially occurred on malicious websites, where users reached by clicking on a link in a spam e-mail, or opening a malicious attachment or clicking on infected links on social networking website. However, legal websites are increasingly becoming part of the problem as cybercriminals frequently hack the website and download malware on netizens PCs.” Refraining from clicking on any suspicious website and installing anti-virus on the computer becomes quintessential.
- Public domain Facebook/social networking Scams: Change your password, treat it like an online banking passwords. Each time there is new mass mailers, before clicking on the link, check the validity of the site. Recently, TechCrunch Europe, on Nov 29th 2010, had reported the 60,000 click scam on Facebook app which claimed that the user can view who checked their profile. Scams like this are designed to collect information of the user and have an access to their mailing lists.
The aim remains to be alert and aware of the malpractices so that a personal investigation is done before investing money or sharing data. The process to report those remains aligned to the legal requirement of every country. Internet Crime Report 2009 shares a list of guiding principles to be used while negating the effect of these scams.