Carding
Professional
- Messages
- 2,871
- Reaction score
- 2,391
- Points
- 113
Online fraud - the actions of cybercriminals aimed at taking over information data or financial resources of an Internet user. Every day, many people make online purchases of tickets, pay for telephone or utilities, goods from online stores. The total annual turnover of the virtual world is hundreds of billions of dollars.
This money attracts not only businessmen, but also cybercriminals. Numerous online scammers have become an integral part of the virtual world, and their revenues are in the billions.
There are many ways and variations of deception, but most of them fit into one of several schemes, knowing which you can avoid most threats.
Classification and methods of online fraud
Online scams can be divided into two categories: phishing and identity theft. In turn, each of the methods has a huge variety of subtypes.
How does the fraudster convince the victim to part with the money?
Payment without goods
The crudest and most primitive way of deception. A person buys a product in an online store, pays, but the purchase never arrives. In another scenario, the victim orders a ticket and finds out at the train station that another passenger has already taken the seat. One-day shops do this; often they offer goods as part of a short promotion at a price significantly lower than usual, and those who want to save are in a hurry to pay. To avoid such a trap, it is worth purchasing goods (especially expensive ones) in trusted online stores with at least a year history.
Another, smaller variation of this method is scam on classified ads sites. The buyer pays for the desired item and does not receive it. This threat is harder to avoid because even among newly created accounts, the majority are bona fide users who really want to sell something. A personal meeting would be ideal here.
Nigerian letters
A person is offered to participate in the transfer of large amounts, promising an impressive percentage of them, but first they are asked to send a little money to pay taxes and other fees. Despite the obvious absurdity of the situation (who will transfer millions of dollars through the accounts of a stranger?), There is always a naive or inexperienced user who will send his money in the hope of a future jackpot.
Wrong translation
An unexpected payment comes to your phone, bank card or e-wallet. After a short time, the sender calls and tearfully begs to return the money that he sent by mistake. Having shown honesty, a person soon discovers that a double amount has disappeared from his account, because most banks and operators, under certain conditions, allow the return of erroneous payments. To avoid this, all return operations should be carried out only through the bank office. In other cases, the fraudster does not transfer any money at all, but simply forges SMS notifications about replenishment of the account. Here, the attacker expects the victim to fail to check the balance beforehand.
Letters of happiness
You won a million in the lottery, a trip abroad, a car, or even all at once. Millions of people receive such emails or SMS messages every day, but to take advantage of the sudden happiness, you need to pay a small duty, tax or fee. Take your time to pay it - in fact, you won nothing.
Easy money
You are offered to learn the secret method of making huge money for a modest sum (most often it is about ways to cheat online casinos or playing on Forex). Sometimes scammers offer a test period or a game at someone else's expense, and during this time the person really wins. But once you start playing for your own money, the balance dries up very quickly. Believe me: a person who knows how to make a million will not sell this method for a hundred dollars.
Overseas bride
In social networks or on thematic sites, a guy meets a charming girl, they communicate with interest, virtually fall in love, and want something more. However, the beauty lives in another city, or even abroad. She is ready to come, but asks for money for a ticket. Several thousand seem to be a small price to pay for future happiness, but after the transfer, the girl has various problems (“my mother is sick”), the trip is postponed, communication gradually fades away. And, of course, she does not return money.
When the user is not so trusting, another way to withdraw money from someone else's wallet is used - to get direct access to it. Here, scammers have come up with many options too.
Phishing sites
These are web pages that copy the website of a bank or other financial institution as fully as possible. Wishing to make a purchase or transfer, the user enters the account number and password, and then, knowing them, the attackers freely use his money. Most often, such pseudo-sites are accessed via links, but it is not uncommon for computers to become infected with programs that redirect the user to the correct address. To avoid this, you need to check the addresses of the relevant pages - an error of only one letter means that you are on a fraudulent site. Better yet, enter the desired addresses yourself, without relying on search engines.
Fake account blocking
You receive a letter, SMS or even a phone call, and the person who introduced himself as a bank employee informs that your card is blocked, and he needs a number and a verification code. A frightened person gives the right data, and after that he will really have problems. It should be remembered that bank employees never ask customers about their card details, they already know all the necessary information. Such requests can only come from scammers.
Another variation of this scheme is that the letter about blocking the card contains a link that must be followed to unblock it. However, it leads to a phishing site (see above).
Fake buyer
Wanting to get rid of an unnecessary thing, but to get some money for it, a person offers it on some website. Soon there is a buyer, he is ready to pay, and to transfer money he asks for the card number, expiration date and verification code on the back. The last two points should never be communicated. To transfer money, only a number is enough, but knowledge of the rest of the information will allow a fraudster to use the account in transactions without the presence of a card - in particular, to pay for his online purchases with it. Two-factor authentication of banks (one-time passwords) does not always save money, because a number of online commerce services write off money without confirmation.
Objects of online fraud
An attacker can target either a person or a computer. For the first, all sorts of psychological methods of deception are used, described in the previous section. For electronics, secret programs are being created to redirect to phishing sites, keyloggers that record passwords as they are entered, and other instances of malicious code. To minimize risk, you need to understand where the main threats come from.
Sources of online scams
One of the sources of threat are websites for buying tickets or goods belonging to cyber fraudsters. In the simplest case, the user is advised to purchase the product at a very favorable price, which may differ from the offers of other stores several times, and then they are offered to make an advance payment. Of course, after the transfer of money, the victim will not receive any goods.
Using phishing messages, cybercriminals plan to obtain personal data of users and their passwords. As a rule, outwardly, such mailings are similar to letters received from payment systems, banks, social networks. In the text, they ask, for example, to confirm their personal data by clicking on a button or following a link. The web page that opens as a result of this action will also look like the official website of the organization, and the domain name may differ by only a few letters. After entering the data, the user will send them to the cybercriminals and, at best, may lose their account on social networks, and at worst, they may be left without funds in their e-wallet accounts.
Sometimes people believe that compromising a social media account is not dangerous because there is no sensitive data there. In this regard, it should be noted that the list of friends and the ability to send messages on behalf of the user are valuable for an attacker. Even in the era of e-mail, it was known that a letter from a familiar person is much more trustworthy, so that even fraudulent schemes described in detail on the Internet in this case will still bring results.
Online fraud risk analysis
The large number of online fraud options can give the impression that the internet is flooded with cybercriminals who dream of stealing money from gullible people. This is not entirely true, and the percentage of virtual thieves and deceivers is hardly higher than that in the real world, and the likelihood of theft from an electronic wallet is no greater than the likelihood of losing a wallet in the market.
To protect yourself from online scammers, arm yourself with a few simple tips:
This money attracts not only businessmen, but also cybercriminals. Numerous online scammers have become an integral part of the virtual world, and their revenues are in the billions.
There are many ways and variations of deception, but most of them fit into one of several schemes, knowing which you can avoid most threats.
Classification and methods of online fraud
Online scams can be divided into two categories: phishing and identity theft. In turn, each of the methods has a huge variety of subtypes.
How does the fraudster convince the victim to part with the money?
Payment without goods
The crudest and most primitive way of deception. A person buys a product in an online store, pays, but the purchase never arrives. In another scenario, the victim orders a ticket and finds out at the train station that another passenger has already taken the seat. One-day shops do this; often they offer goods as part of a short promotion at a price significantly lower than usual, and those who want to save are in a hurry to pay. To avoid such a trap, it is worth purchasing goods (especially expensive ones) in trusted online stores with at least a year history.
Another, smaller variation of this method is scam on classified ads sites. The buyer pays for the desired item and does not receive it. This threat is harder to avoid because even among newly created accounts, the majority are bona fide users who really want to sell something. A personal meeting would be ideal here.
Nigerian letters
A person is offered to participate in the transfer of large amounts, promising an impressive percentage of them, but first they are asked to send a little money to pay taxes and other fees. Despite the obvious absurdity of the situation (who will transfer millions of dollars through the accounts of a stranger?), There is always a naive or inexperienced user who will send his money in the hope of a future jackpot.
Wrong translation
An unexpected payment comes to your phone, bank card or e-wallet. After a short time, the sender calls and tearfully begs to return the money that he sent by mistake. Having shown honesty, a person soon discovers that a double amount has disappeared from his account, because most banks and operators, under certain conditions, allow the return of erroneous payments. To avoid this, all return operations should be carried out only through the bank office. In other cases, the fraudster does not transfer any money at all, but simply forges SMS notifications about replenishment of the account. Here, the attacker expects the victim to fail to check the balance beforehand.
Letters of happiness
You won a million in the lottery, a trip abroad, a car, or even all at once. Millions of people receive such emails or SMS messages every day, but to take advantage of the sudden happiness, you need to pay a small duty, tax or fee. Take your time to pay it - in fact, you won nothing.
Easy money
You are offered to learn the secret method of making huge money for a modest sum (most often it is about ways to cheat online casinos or playing on Forex). Sometimes scammers offer a test period or a game at someone else's expense, and during this time the person really wins. But once you start playing for your own money, the balance dries up very quickly. Believe me: a person who knows how to make a million will not sell this method for a hundred dollars.
Overseas bride
In social networks or on thematic sites, a guy meets a charming girl, they communicate with interest, virtually fall in love, and want something more. However, the beauty lives in another city, or even abroad. She is ready to come, but asks for money for a ticket. Several thousand seem to be a small price to pay for future happiness, but after the transfer, the girl has various problems (“my mother is sick”), the trip is postponed, communication gradually fades away. And, of course, she does not return money.
When the user is not so trusting, another way to withdraw money from someone else's wallet is used - to get direct access to it. Here, scammers have come up with many options too.
Phishing sites
These are web pages that copy the website of a bank or other financial institution as fully as possible. Wishing to make a purchase or transfer, the user enters the account number and password, and then, knowing them, the attackers freely use his money. Most often, such pseudo-sites are accessed via links, but it is not uncommon for computers to become infected with programs that redirect the user to the correct address. To avoid this, you need to check the addresses of the relevant pages - an error of only one letter means that you are on a fraudulent site. Better yet, enter the desired addresses yourself, without relying on search engines.
Fake account blocking
You receive a letter, SMS or even a phone call, and the person who introduced himself as a bank employee informs that your card is blocked, and he needs a number and a verification code. A frightened person gives the right data, and after that he will really have problems. It should be remembered that bank employees never ask customers about their card details, they already know all the necessary information. Such requests can only come from scammers.
Another variation of this scheme is that the letter about blocking the card contains a link that must be followed to unblock it. However, it leads to a phishing site (see above).
Fake buyer
Wanting to get rid of an unnecessary thing, but to get some money for it, a person offers it on some website. Soon there is a buyer, he is ready to pay, and to transfer money he asks for the card number, expiration date and verification code on the back. The last two points should never be communicated. To transfer money, only a number is enough, but knowledge of the rest of the information will allow a fraudster to use the account in transactions without the presence of a card - in particular, to pay for his online purchases with it. Two-factor authentication of banks (one-time passwords) does not always save money, because a number of online commerce services write off money without confirmation.
Objects of online fraud
An attacker can target either a person or a computer. For the first, all sorts of psychological methods of deception are used, described in the previous section. For electronics, secret programs are being created to redirect to phishing sites, keyloggers that record passwords as they are entered, and other instances of malicious code. To minimize risk, you need to understand where the main threats come from.
Sources of online scams
One of the sources of threat are websites for buying tickets or goods belonging to cyber fraudsters. In the simplest case, the user is advised to purchase the product at a very favorable price, which may differ from the offers of other stores several times, and then they are offered to make an advance payment. Of course, after the transfer of money, the victim will not receive any goods.
Using phishing messages, cybercriminals plan to obtain personal data of users and their passwords. As a rule, outwardly, such mailings are similar to letters received from payment systems, banks, social networks. In the text, they ask, for example, to confirm their personal data by clicking on a button or following a link. The web page that opens as a result of this action will also look like the official website of the organization, and the domain name may differ by only a few letters. After entering the data, the user will send them to the cybercriminals and, at best, may lose their account on social networks, and at worst, they may be left without funds in their e-wallet accounts.
Sometimes people believe that compromising a social media account is not dangerous because there is no sensitive data there. In this regard, it should be noted that the list of friends and the ability to send messages on behalf of the user are valuable for an attacker. Even in the era of e-mail, it was known that a letter from a familiar person is much more trustworthy, so that even fraudulent schemes described in detail on the Internet in this case will still bring results.
Online fraud risk analysis
The large number of online fraud options can give the impression that the internet is flooded with cybercriminals who dream of stealing money from gullible people. This is not entirely true, and the percentage of virtual thieves and deceivers is hardly higher than that in the real world, and the likelihood of theft from an electronic wallet is no greater than the likelihood of losing a wallet in the market.
To protect yourself from online scammers, arm yourself with a few simple tips:
- Never follow links in emails or messages from people you don't know.
- Never disclose your personal information, as well as passwords for accessing websites and online services.
- Be sure to use antivirus software.
- If you receive spam, you do not need to unsubscribe from it. Better to just ignore such emails.
- Never trust letters that offer you easy money, inheritance, cheap goods. Remember that making money on the Internet is not much different from making money in real life, but in reality, nothing is gained just like that.
