Learning Center

Hi, I'm Mark, the host of SAFE Cents! Welcome to our Learning Center, a place where you can improve your financial health.

Common Computer and Internet Fraud Schemes

Video

Technology is a common factor in almost everyone's life and as technology advances, fraudsters figure out how to exploit it for their gain. Stay one step ahead by learning about the ways they commit their schemes. Watch this video from the Association of Certified Fraud Examiners about common computer and internet scams.

Common Computer Fraud and Schemes: a Video Summary

Technology is a constant factor in almost everyone’s life. And as technology advances, fraudsters figure out how to exploit it for their gain.

One way fraudsters get access to computers and systems is through social engineering.

Social engineering can take the form of phishing, SMShing or pharming.

In a phishing scheme, the fraudster sends an email claiming to be from a legitimate organization the victim does business with, or from a person within the victim’s organization.

Fraudsters manipulate the victim into providing sensitive information, which they then exploit.

SMShing is a similar scheme, but the fraudster contacts the victim through text messages.

In a pharming scheme, the victim enters sensitive data into a webpage that is designed to look like a legitimate website, such as a bank site. Unlike the phishing scheme, pharming doesn’t require the victim to click a link in an email but rather the fraudster manages to control a domain and redirect legitimate traffic to their fake site.

Once they’ve gained access to the computer system, fraudsters often install malware.

Popular types of malware include:

  • worms, which self-replicate and spread to other computers and systems  
  • spyware, which collects data about the computer user like their demographic information and search history without the user’s consent
  • keyloggers which track everything a computer user types. This can be used to gain passwords and other log-in information, and
  • ransomware, which locks users out of a computer system and demands payment to access it again.

Internet Safety in 2024

Everything these days is being done online. You do your banking online, access medical information online, work online - you're even reading this online. With so much of our time spent on the internet, it's crucial for each of us to understand common fraud schemes, how they prey on our human nature, and what we can do to avoid being a victim.

What is social engineering?

There are lots of technical ways that hackers can gain access to your data, but it's generally easier for them to rely on human error. Tricking people into making that error is called social engineering. After all, even the wariest person can be tricked by what they think is a text from their credit union, a call from the Social Security Administration with threats of jail time, an email from a coworker with a quick question, or a new friend request from someone they don't actually know.

Most commonly, people engaged in social engineering will get in contact with an urgent task that isn't necessarily out of the realm of possibility. Their goal is to get you to react first and then consider the ramifications later. These phishing scams could be an urgent email from "your boss," asking you to take care of something while he's in an important meeting, or a text message from "the USPS," informing you that there is a problem with a package they're trying to deliver. There have even been reports of people calling, claiming to be from your bank or credit union, telling you that your account information has been stolen.

The action the hackers want you to take in each of these scenarios may be different — they may ask you to buy a bunch of gift cards and send them the codes, click a link and enter your credit card information, or give them the code from the text they just sent you to confirm your identity before they get into account details — but in each case they're just trying to play on your sympathy and sense of urgency.

Remember! No SAFE employee will ever call you and ask for a code that you have been sent, nor will we ask for your password. If we do call you, we may have to ask for other personal information, but if you're not comfortable giving that over the phone, just get our employee's name, hang up, and call 800-763-8600. We can get you back to the right person if it's a legitimate call, and we'll never begrudge people taking a few extra precautions to make sure they're safe.

Types of Malware

Let's say you fall for the phishing scam as so many people do — then what do the hackers do? In part that depends on the scam that's being run. Sometimes it's a straightforward theft of data or money, but other times — particularly if you click a link or download a file — you may run into malware. Malware (malicious software) installs malicious files onto your device or network to aid the hackers in committing crimes.

Malware can come in many forms, but CISCO defines the most common seven types as:

  • Ransomware. Ransomware locks you out of your data until you pay a ransom to get it back. While this can impact anyone, it's more likely to be used on businesses as they tend to store a lot more critical data in a single spot than the average individual does.
  • Viruses. Viruses can lie dormant for some time, then become active and replicate across hosts once the relevant file is opened.
  • Worms. Where viruses need host programs to spread through a system, worms infect a device through a downloaded file or network connection and then spread rapidly throughout the system.
  • Trojans. Trojans seem like innocuous programs so you let them in the city gate, and then they turn out to be a virus that can and will gain access to sensitive data.
  • Spyware. Spyware collects data on everything you do on your computer, from your demographic information to the sites you visit, and reports it back to the bad actor. This includes keyloggers.
  • Adware. Like spyware, adware collects your data but it uses that data to examine your patterns and serve up specific ads. They can redirect you to unsafe sites and slow your system down.

While there's some variation, the common theme is that these files are accessed or downloaded onto your computer in an attempt to harm you. You should be cautious of clicking any links you're not expecting or downloading any files.

The Key to Avoiding Internet Fraud

As we access more and more of our world online, fraud is becoming more and more common, and we all must be more vigilant and aware of internet safety. Even seemingly innocent emails and text messages should be scrutinized to make sure you know who you're talking to, or if someone is urging you to take an action immediately. Don't hesitate or second-guess your gut feeling and think carefully before you click!