There’s a sucker born every minute. – P.T. Barnum
Actually, it’s more like ten per minute. – D. White
This is about scams. I love them. I wish I had that evil thing that some people have. Then, I'd have a LOT of money from running scams and taking advantage of people being gullible. Unfortunately, it just makes me feel bad, so I don’t.
Scams have been around since the first caveperson convinced another caveperson that this really great rock was for sale for only two rocks. Oh wait, that’s marketing…
Ok, so the first caveperson that convinced another caveperson there was a better rock in the next valley that he just had to get rid of and sold the “rock of ages” or some such thing to poor unsuspecting Ook Ook. That’s a scam.
So, the internet. Well, it enabled every scam/con artist on the face of the earth to have 24/7 access to everyone else on earth. This means that even the oldest scams in existence could now be used again in mass marketing, sorry, con schemes.
The word con is short for “confidence” and the art of conning someone is all in the attitude. So the professional has to be convincing and have some reasonable basis. But the real art is psychology. Con persons since the dawn of time understand greed, embarrassment, and shame better than anyone on the earth.
So, lets’ review some tips:
· Anyone who promises you something for nothing is scamming you.
· If it sounds too good to be true, well, it’s a scam.
· The minute someone tells you something is free and then asks for money, well, that’s a scam.
And some popular internet scams:
· The Nigerian Prince (also called a Nigerian 419) – This is an old scam where you're told that someone with a lot of money needs help getting that money. They used to do this one outside airports, but the internet makes it easier. If you will just help this poor person out, they can access (Insert random outrageous amount here.) dollars. They can’t get the money for some reason but you can (Usually it “must be a third party” or something.). So you say, wow, I can get a large amount of cash just for being slightly sleazy, I’m in. Basically, they will then ask you to send some cash to help out with bribes and such. This is the hook. Now, you have committed to the scam and are out a small amount of cash. They will keep asking for money until you are broke, show up in person (and likely get killed), or realize you have made a terrible mistake and give up.
· The Pigeon Drop – This is another old airport scam. In the internet version, you are told that a small amount of money (which you will get back immediately, plus a lot more) is needed to buy a share of stock, a lottery ticket in rigged lottery or some other promise. Guess what happens when you hand over the cash?
· The Spanish Lottery – “Bill Gates randomly selected your facebook account to receive one million dollars. Please contact us to arrange payment.” This is basically The Nigerian Prince with the words Spanish Lottery inserted. There are actually Spanish lottery scams where they tell you that you have won the Spanish Lottery (or some other country) and need to pay the taxes to receive the cash. Wait, you did enter the Spanish lottery right? No, oh your email was selected at random to win the lottery.
· The Help Desk – This is a new one I think. Basically, someone from “Microsoft”, “Intel”, “The IRS” (my favorite) calls you. They tell you your computer is being used to hack something (or in the IRS one, that your tax return has been audited and numerous violations have occurred). They offer to help and you allow them to login to your computer remotely. (Please don’t ever allow someone to login to your computer remotely.) They will try to bully you and threaten if you don’t cooperate, “If you don’t allow this, your computer will be banned from the internet forever.” When they login, they can do whatever they want. You will be watching, of course, but they will run a script while they browse around “fixing” the problem and they basically install malware that lets them login any time they want. The malware also likely scans your drive looking for financial info, cookies you have on your machine (Cookies may contain your login and password information for banks, etc.). They will then thank you and move on.
· Spear Phishing – This is simple. You are contacted and asked to provide your information to someone for some desperate reason like “Your email has been hacked, we need you to click this link and login”. These are fake links to possibly legitimate looking sites which will capture your login and password. Banks are a popular target. When you do this, it will say “thank you”. Meanwhile, someone will login to your bank account and take all your funds.
Ah, I could go on but Patty J won’t let me. Remember:
· The minute you give up control for greed, etc., they have you.
· Don’t let anyone bully you into giving up control (This is starting to sound like sex ed class.) or they will be able to manipulate you.
· If it sounds too good to be true, well…
· Don’t send money to strangers for invisible products, no matter how good the deal sounds.
· No company/government agency will ever call you and ask for personal information or access to your computer, unless you made the initial contact for support.
· Never, ever, ever, give out your personal information to anyone for any reason.
· Never login to a website that you haven’t verified, never, never, never…
o When you see a link in an email that says bankofperseus.com or whatever, move your mouse over the link and look down in the corner. This will show you what the link actually contains. Try the one above. See how easy that is. If the link doesn’t match, then this is possibly a scam. If you suspect a scam, go directly to the site and investigate it.
· Be suspicious and paranoid, it’s fun.
· Always ask someone else what they think about these things before you act.
Now, if you will just mail me a check or money order for $100, I can arrange for your free pair of Manolo Blahnik’s to be delivered. You will get two more pairs free for only another $100...
More About Doug
Doug White is the Chair of Cybersecurity and Networking programs at Roger Williams University. He has worked in the technology industry for many years and specializes in networking, disaster, forensics, and security. He has been paid to break into buildings, talk tech people out of their usernames and passwords, steal money, and figure out horrible scenarios like “What if a rabid shark swarm was caught up in a tornado while a core meltdown occurred? Could we still watch Netflix?” Doug has a PhD in Computer Information Systems and Quantitative Analysis from the University of Arkansas, is a Certified Computer Examiner, A Cisco Certified Network Administrator, A Certified Information Systems Security Professional, and a licensed private investigator.