Internet security experts have warned that even the most “streetwise” of people are being conned out of cash by sophisticated online scams.
ESET Ireland said it recently spoke to a Waterford man who, despite being very aware of online scams, was fooled twice and lost nearly €400 as a result. Christy told the online security experts he felt stupid for being scammed twice but “it looked so routine”.
“I use my tablet and phone every day to send and receive emails and use PayPal quite regularly to shop online. I would consider myself fairly streetwise when it comes to the internet and would be very suspicious of scams. I depend heavily on my online activities such as paying for holidays, making purchases on eBay, buying certain stock for the business etc,” he said.
This time, Christy got an email from what he thought was PayPal. It looked legitimate, so he followed the instructions and walked into the trap.
“When I opened the emails and read the contents I followed the instructions to the log-in section. It didn’t raise a red flag as it appeared identical to the PayPal site I am used to using.
“I again followed the instructions and entered my user name and password and this navigated me to the main PayPal home screen, again identical to PayPal’s own site. I then entered my card details and confirmed my status,” he said.
ESET Ireland has warned of very realistic-looking Bank of Ireland, Revenue, and DHL phishing scams as well as iTunes, Vodafone, LinkedIn, and other major brand names being abused by cybercriminals.
According to ESET Ireland, scammers are perfecting their methods of operation by building very convincing imitations of original websites.
In the case of the PayPal scam, the site looks nearly exactly like the real thing, except for the address line which is not ‘https’ .
The procedure for “confirming status” of a scam victim’s account then takes the person through a series of questions where they have to enter all their personal and card details, starting with giving away their username and password. A simple test of the validity of a suspected fraud site would be entering a bogus username and password. If it still lets you in, it’s got to be fake.
ESET Ireland recommends Irish computer users be vigilant when receiving phishing emails — tagging them as spam and deleting them immediately, without replying or clicking any links they contain. If you are unsure of any content or if in doubt whether the content is legitimate, contact the company in question directly and ask. Also make sure your operating system and antivirus software are updated to the latest versions, to make possible infections less likely to occur.
© Irish Examiner Ltd. All rights reserved