I’ll be honest, I don’t like Internet fraudsters. I really don’t. They try to take advantage of the trusting nature of honest, decent people in order to make a quick buck. And I don’t respect that.
The best way to beat these scams is to be aware of them. With that in mind, here’s the five worst email scams of 2014. Take note.
BBC Lottery ScamThe BBC is one of the oldest, most respected, and best funded media institutions in the world, so it makes sense that people would try to piggyback off their reputation in order to make a quick buck. One e-mail scam doing the rounds at the moment informs the recipient that they have won the National Lottery.
Makes sense, right? I mean, the BBC is intimately linked to the National Lottery, and broadcast the weekly drawings. Only problem? The reader hasn’t won anything. It’s a hoax.
It also seems that this scam has also made its way to India, with one unfortunate man traveling 1700km in order to collect his winnings after having received an SMS congratulating him on having won 30 million rupees on the BBC National Lottery. It was, of course, a cruel hoax.
Student Finance England ScamStudent Finance England is the organization that distributes loans for tuition fees and living expenses for any English student enrolled in a course of tertiary education in the United Kingdom. Whilst tuition fees are usually sent direct to the university or college, maintenance loans and grants are delivered to the student.
To a fraudster, this represents an enticing target. Loans are often as much as £6000 per annum, dispersed in thirds each semester. So, unsurprisingly there’s a phishing e-mail taking advantage of this.
There are a couple of variants. Some send the victim to a site designed to mirror the Student Finance England site. Others ask for sufficient information to change the bank details of the victim.
On the whole, be careful of any emails purporting to be from Student Finance England and ensure that when you log into the site, you do from the official website.
NICE Cancer HoaxThis is one of the more odious scams I’ve came across whilst researching this piece. The way it works is pretty simple. You get an e-mail supposedly from the National Institute For Clinical Excellence (NICE) – the body which sets the standards in the UK’s hospitals.
The e-mail implies that you have been diagnosed with cancer, and encourages you to check out some test results attached. Those test results are actually a malicious executable file disguised as a PDF document. Once opened, it harvests passwords from your computer and relays it back to a central server.
Horrible, right? Let’s be clear. No serious medical institution will ever give a diagnosis of cancer via e-mail. It’s just… Not done. Moreover, NICE don’t give diagnoses. It’s just not what they do. They’re basically the UKs analog to the FDA.
If you get this e-mail, don’t give it the time of day. Just delete it.
Netflix Support ScamOkay, Netflix scammers. You’re obviously not very nice people, but I’ll give you points for creativity.
There are a couple of variants on this scam, but they generally follow this pattern. You get an e-mail saying your account has been disabled due to unauthorized access, and then get told to call a toll-free US number in order to unlock your account.
You are then informed that your account had been hacked due to not having ‘enhanced Netflix Security’ (no, I’m not making this up) installed on your computer. But, they can fix it! Well, a ‘Microsoft Certified Technician’ can fix it, but it’ll cost you, and you’ll have to let them remotely access your computer.
Steam Guard Phishing ScamThis isn’t a run of the mill phishing scam. No sir. This one differs in a couple of ways. Firstly, it takes advantage of the built-in messaging system in Valve and then pretends to be the Steam Guard system which, ironically is designed to protect against phishing.
You are asked to send a copy of your SSFN file. You’ve probably never heard of it before, but it’s a crucial component of Steam, containing all the configuration values to identify your computer as trusted. With it, someone could easily purge your Steam account of anything of value. Scary, right?
So, how do protect against this? Well, simple really. You treat your SSFN file as you would treat a password, or your social security number, and never disclose it to anyone. Ever.
Protect YourselfHorrible, right? Fortunately, you can protect yourself. Read up on Social Engineering, which is the type of attack used in these scams. In the past, we’ve also looked at how to report e-mail fraud to the authorities.
Fallen victim to any of these scams? Drop me a line and let me know about it. Comments box is below.