Beware of Dangerous online & ATM Phishing Scams!

Cybercriminals take advantage of the holiday season, aiming to steal consumers' money, identities and financial information. As cybercriminals begin to take advantage of the holiday season, McAfee has revealed the 12 most dangerous online scams that computer users should be cautious of this holiday season. According to Consumer Reports' 2009 State of the Net Survey, cybercriminals have bilked $8 billion from consumers in the past two years. "Cybercriminals use their best schemes during the holidays to steal people's money, credit card information, social security number and identity, " said Jeff Green, senior vice president of McAfee Labs. "These thieves follow seasonal trends and create holiday-related Web sites, scams and other convincing e-mails that can trick even the most cautious users."

Part-1. Tips to keep you safe from scareware

To be secure, you must know about threats that abound on the Internet. Here is a look at business of scareware, and tips to help you stay protected.

Recently antivirus software company McAfee has been warning of rise in scareware that has occurred over recent months. Such malicious software; spyware, malware, and viruses have become a great problem for many computer users, particularly those running Windows and Internet Explorer.

What is "scareware", exactly?

Scareware is a brand of malicious software (while not technically malware in and of itself) that claims to be antivirus software or such, and falsely reports that you have viruses on your computer, when in fact, you do not. The software then "scares" users into purchasing bogus software that does nothing, duping unknowing users into divulging their credit card information to bad guys. In addition, many scareware programs also install trojans and behave much like viruses or spyware in themselves, and can allow hackers access to infected computers.

Above are some examples of scareware software or ads designed to lure people into downloading such software.

The thing that makes scareware a particularly insidious form of software is that it costs users money, and is extremely profitable for companies that make it. ITPro.co.uk wrote about a company called "Innovative Marketing" that scammed over $160 Million USD from American citizens alone with its software known by names such as WinAntivirus, DriveCleaner and XP Antivirus, along with many other variations. This company was quite organized, and hired hundreds of programmers, support staff, and even set up a call center to attempt to disuade its "customers" from requesting refunds once they discovered that they had been duped.

• How does this nasty stuff get installed in the first place?
• There are a number of ways that scareware (and other types of malware) get installed. Here are some common scenarios:
• Banner ads, popup ads, or cleverly placed search results invite you to get a "FREE" scan of your computer (for viruses, registry corruption, or the like). In order to do this, you must download and install software that is, in fact, malicious software itself.
• Users download "free" screen savers, music, games, or other small programs that are actually a carrier for a scareware or virus payload, that quietly gets installed on your PC at the same time.
• Ads or popups "disguised" as real application windows pop up warning people that they have problems with their computer, and attempt to trick them into downloading software to fix this. Although this ruse is extremely obvious to experienced users, beginner computer users still fall for it.

• Hackers are usually paid for installing this software onto computers, and they will often craft trojans or other viruses that are distributed through spam, security flaws, or other means to get this software onto computers.
• How to avoid installing malware and stay safe
• Antivirus software may help, but not much. There is a list of good, free AV software at security-faqs.com. It's a good idea to run some antivirus software, but don't let it lull you into a false sense of security -- most of these scareware programs will effectively disable your AV software.
• Don't download and run programs that you don't need, or do not know what they are. Be very wary of what you are downloading, as many websites are designed to trick you into downloading a program when you think you are downloading something completely different.
• Do some research (even just a quick Google search) before downloading software, and be aware that what you are downloading is legitimate software. Note that fake software will often use well-known brands in the names -- "Microsoft AntiVirus 2009" is an example of a scareware program. (It has nothing to do with Microsoft).
• Never give your credit card information to software claiming to fix your computer -- for a price. This is a strong indication of the shady or deceptive business practices used by scareware.
• Never click on an advertisement or popup claiming that you have viruses or problems with your computer.

• Be very wary of software error messages that have spelling and grammar mistakes. Especially if they direct you to something that you must purchase!
• Read the address bar in the computer when you visit websites to ensure that it matches the site you are on. This alone can prevent you from falling for phishing scams where criminals try to trick you into giving them your login information for a particular Website or service.
• When installing normal software, it is a good idea to uncheck offers to install toolbars and extra bundled software that is not needed.
• Use Windows Update to ensure that your operating system is up to date with the latest security patches.
• Use a more secure browser, and keep it up to date. Opera, for instance, has a very good security track record. Makers of scareware and viruses usually target Internet Explorer, since it is so commonly used, and has many well-known security vulerabilities in older versions.
• The above steps should all be part of your regular use of the Internet. By being aware of the risks, and being cautious, you will greatly decrease your odds of being afflicted with nefarious software trying to con you out of your cash.
• These sorts of "Net Smarts" might not be obvious to someone who is less acquainted with computers and the ill-will of many "cyber criminals" out there, so it's a good idea to talk to friends and family and show them this article to keep them safe.

Of course they wanted more information from me and I was supposed to believe that some dude with a Hotmail email addy was in charge of something like this? The mind reels.

Anyhow, below is the email in full - dern shame it weren't fer real____________________________________________________________________________________

We are pleased to inform you that your e-mail address has won the UK
Sweepstakes International Programme.Therefore you have been approved for a
lump sum payout (1, 000, 000.00 GBP) One Million Pounds in the Uk
Sweepstakes International Program held on the 1st Of October 2008, and
released 4th October, 2008. Your e-mail ID emerged as one of the
winners in the 1st category.

Please fill the form below and send it to our claims department for the
immediate release of your funds.

Name: Mr James McMillian
Email: jamesmcmillian1@hotmail.com

PAYMENT PROCESSING FORM

1.Full Name:
2.Full Address:
3.Status:
4.Occupation:
5.Phone Number
6.Country:

Yours faithfully,
Caroline Bryan

_____________________________________________________________________________________

Scam II -- Fake invoices from delivery services to steal your money: During the holidays, cybercriminals often send fake invoices and delivery notifications appearing to be from Federal Express, UPS or the US Customs Service.

They e-mail consumers asking for credit card details to credit back the account, or require users to open an online invoice or customs form to receive the package. Once completed, the person's information is stolen or malware is automatically installed on their computer.

Scam III -- Social networking -- a cybercriminal 'wants to be your friend': Cybercriminals take advantage of this social time of the year by sending authentic-looking 'new friend request' e-mails from social networking sites.

Cyber thieves cash in on consumers who send holiday e-cards in an effort to be environmentally-conscious.

Last holiday season, McAfee Labs discovered a worm masked as Hallmark e-cards and McDonald's and Coca-Cola holiday promotions. Holiday-themed PowerPoint e-mail attachments are also popular among cybercriminals. Be careful what you click on.

Scam V -- 'Luxury' holiday jewellery comes at a high price: McAfee Labs recently uncovered a new holiday campaign that leads shoppers to malware-ridden sites offering 'discounted' luxury gifts from Cartier, Gucci, and Tag Heuer.

Cybercriminals even use fraudulent logos of the Better Business Bureau to trick shoppers into buying products they never receive.

Scam VI -- Practise safe holiday shopping; online identity theft on the rise: Forrester Research Inc. predicts online holiday sales will increase this year as more bargain-hunters turn to the web for deals.

While users shop and surf on open hotspots, hackers can spy on their activity in an attempt to steal their personal information. McAfee tells users never to shop online from a public computer or on an open Wi-Fi network.

During the holidays, hackers create fraudulent holiday-related web sites for people searching for a holiday ringtone or wallpaper, Christmas carol lyrics or a festive screensaver.

Downloading holiday-themed files may infect one's computer with spyware, adware or other malware. McAfee found one Christmas carol download site that led searchers to adware, spyware and other potentially unwanted programmes.

Once interested persons submit their information and pay their 'set-up' fee, hackers steal their money instead of following through on the promised employment opportunity.

Password theft is rampant during the holidays as thieves use low-cost tools to uncover a person's password and send out malware to record keystrokes, called keylogging.

Once criminals have access to one or more passwords, they hack consumers' bank and credit card details and clean out accounts within minutes.

They also commonly send out spam from a user's account to their contacts.

Scam XI: E-Mail banking scams: Cybercriminals trick consumers into divulging their bank details by sending official-looking e-mails from financial institutions.

They ask users to confirm their account information, including a username and password, with a warning that their account will be come invalid if they do not comply. Then they often sell this information through an underground online black market.

McAfee Labs believes cybercriminals are more actively scamming consumers with this tactic during the holidays since people are monitoring their purchases closely.

They then act as virtual kidnappers to hijack computer files and encrypt them, making them unreadable and inaccessible. The scammer holds the user's files ransom by demanding payment in exchange for getting them back.

Advises Internet users to follow these five tips to protect their computers and personal information:

1. Never click on links in e-mails: Go directly to a company or charity's website by typing in the address or using a search engine. Never click on a link in an e-mail.

2. Use updated security software: Protect your computer from malware, spyware, viruses and other threats with updated security suites.

3. Shop and bank on secure networks: Only check bank accounts or shop online on secure networks at home or work, wired or wireless. Wi-Fi networks should always be password-protected so hackers cannot gain access to them and spy on online activity.

Also, remember to only shop on websites that begin with https://, instead of http://, and seek out web sites with security trustmarks.

4. Use different passwords: Never use the same passwords for several online accounts. Diversify passwords and use a complex combination of letters, numbers and symbols.

5. Use common sense: If you are ever in doubt that an offer or product is not legitimate, do not click on it. Cybercriminals are behind many of the seemingly 'good' deals on the Web, so exercise caution when searching and buying.