Internet Frauds
What is Third Party Fraud?
This is a fraud committed against someone or some business by people other than their employees. They can be committed against individuals, businesses, companies, governments etc. Third party frauds are not as common as occupational frauds, but on average each fraud is for a larger amount.
Some third party frauds are not meant to remain hidden forever. Some only remain hidden long enough for the fraudster to get away. The fraudster may not care if the fraud is eventually discovered as there is no continuing relationship with the victim and they have made their getaway.
What is Internet fraud?
Internet fraud is fraud committed against people over the Internet, either started through email communications, or using real or false Internet pages. Four common frauds are discussed in this paper:
1. 419 Frauds
2. False Site Frauds
3. Phisher Emails and Sites
4. Diallers
419 Frauds
Nigerian email frauds have been occurring for a long time, starting many years ago through surface mail, but they too have entered the Internet age. They originated in Nigeria but have spread from that country. Section 419 of the Nigerian criminal code deals with these types of frauds, hence they are known as 419 frauds.
The fraud is based on an email sent to thousands of people saying "we have millions of dollars to get out the country and will give you some of it to get access to your bank account." The email addresses are farmed from Internet sites so finding people to send them to is easy. Sounds safe enough, but if you get involved the requests for money start. They need some cash for stamp duties, bribes, customs duty etc. Some people, overtaken by the thought of easy millions, actually get involved and send money.
Meetings are sometimes arranged in a foreign country and some victims actually go to meet these people to "sign the papers" and hand over the money. Some are kidnapped and ransomed, some have been murdered, all have lost their money.
These frauds are easy to spot. An unsolicited email in badly written English will arrive explaining (in great confidence and secrecy) the problem of the fraudsters having too much money and no-one to give it to - you being an honest person would be perfect to help them with this problem - and you will make millions. The fraud started with emails coming from the alleged illegitimate son of the former president or business executive, but now are coming from people holding themselves out to be executives in banking or oil companies from a range of countries.
Regardless of the amount of publicity these frauds have had over the years, they continue. The sad fact is that they only continue because people still get caught by them. What should you do? Exercise your right to delete emails.
False Site Frauds
Using false sites is also called spoofing. It is copying other websites to fool people into believing that they are dealing with someone else. Not many people check that the web address of site that they are on is actually the site that they want. The fraudster's trick is to get people to believe that they are dealing with the real site and provide to personal information useful to getting access to their money. More sophisticated fraudsters will redirect an enquiry from the real site to their own fake site.
For example, if you use a link on an email allegedly from your bank, you would be directed to a fake site that looks exactly like your bank's site. Unless you look at the web address, you may not realize that you are not on the right site. Fraudsters will use an address very close to the site's real address.
The false sites usually mimic financial institutions or commercial sites. The aim is to get people to try to log on and to capture their log on details, passwords or credit card details. The fraudsters then go to the real site and log on as the victim, or they have your credit card details to make purchases.
If in doubt, do not enter personal details until you are sure you are dealing with the right site, and be careful of accessing any sensitive site from an unsolicited email.
Phisher Emails and Sites
Phisher (Fisher) emails try to get you to enter personal information. You may receive an email from a business that you have dealt with asking you to urgently confirm you account or credit card details by return email. They usually provide either a link to a website (see above) or an area on the email to do so. These details are then emailed directly to the fraudsters, who will have then have access to your bank accounts, credit cards or information to commit identity theft.
These emails are sent out by the thousand to try to capture a small percentage of people that will send their details. Reputable companies do not send emails to their clients asking them to enter personal or sensitive details. They will have a secure system and provide reasons for doing so.
What should you do if you receive such an email?
1. Treat all unsolicited emails requesting information with suspicion.
2. Only enter personal details into a secured area on a site site that you have entered and only for a good purpose.
3. Forward any suspicious message to the real business (to an email address that you know is legitimate) and make them aware of the problem.
Diallers
If you have ever wondered why you telephone account connected to your computer is so large, you may have been caught by a dialler fraud. These are commonly called a Trojan Diallers, as with the Trojan horse, the danger is hidden inside something else.
Most people have seen banner advertising on websites (and we hasten to add that there are none on the Worrells site) or see Ads that pop up on the screen when you load a page. Most of these advertisements will take you to another site when clicked. Most of these advertisements are harmless and only do what you would expect, take you to a page of interest. Some do more.
Some banner Ads hold Trojan programs, or viruses, that are activated when the banner Ad link is clicked. These programs are designed to reroute your telephone call from your normal telephone provider and connect you to the new site through a more expensive connection, sometimes at many dollars a minute. The bill is added to your telephone account and the fraudsters make their money from the fees that they get paid from the provider of that line.
The first that you know that you have been caught is when you receive your telephone bill. Australian law says that you must advise people of the change in rate and get hem to agree to be connected. But, as most of these sites are not Australian, that law is unenforceable.
Trojans dialers are more common on porn sites than anywhere else. Not many victims will try to get money back by complaining that they were caught while surfing porn sites. As the amounts involved are generally small (in their hundreds of dollars), most people will pay the money and forget it.
Most legitimate telephone providers will provide a lock on your account, so that your connection cannot be rerouted. These are generally offered free of charge.
Disclaimer
The enclosed information is of necessity a brief
overview and it is not intended that readers should rely
wholly on the information contained herein. No warranty
express or implied is given in respect of the information
provided and accordingly no responsibility is taken by
Worrells or any member of the firm for any loss resulting
from any error or omission contained within this
fact sheet.
Acknowledgment
The material in this Fact Sheet was sourced from various
publications including those listed in the Reading List on
the Fraud Awareness page on this website.
Back to Fact Sheets
Last Updated: 27.3.2008