Download our in-depth report: The Ultimate Guide to IT Security VendorsInternet criminals are increasingly using unsolicited commercial email or spam to commit Internet fraud and identity theft, said McAfee.com.
Law enforcement officials and security experts at McAfee.com say that spam is often used to target unsuspecting consumers and lure them to "official looking" Webs sites - such as a billing center for an online service provider or the front page of a mortgage information form. When users enter their passwords, social security numbers or credit card information, the information may be taken and used or sold by identity thieves.
"Once someone has your credit card number ... you've opened the door for them to go into any type of online store or financial institution impersonating you," said Jimmy Doyle, recently retired detective sergeant of the New York City Police Department's (NYPD) Computer Crime Unit and an expert in online-based fraud and identity theft. "Thieves can assume your identity, run up charges against your credit cards, even get arrested - all under your name. And you may never know these things have occurred until it's too late."
Last year, consumers in the US lost US$17.8 million due to online fraud, said the Internet Fraud Complaint Center (IFCC), which tracks online-based consumer fraud statistics. An estimated 500,000 to 700,000 Americans fall victim to identity theft each year, making identity theft one of the fastest growing crimes in the nation. The IFCC added that 70 percent of Internet fraud complainants had email contact with the perpetrators.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=iAmong the individuals who reported a dollar loss, the highest median dollar losses were found among Nigerian Letter Scam (US$5,575), Identity Theft (US$3,000), and Investment fraud (US$1,000) complainants.
"The new trend in spam is its use to enhance fraudulent schemes and victimize unsuspecting users," said Doyle. "Once a person has fallen victim to identity theft, he or she begins a nightmare odyssey of cleaning credit history, filing police reports and dealing with creditors."
"The low cost and ubiquity of email usage has made spam the tool of choice among Internet fraudsters and identity thieves," said Srivats Sampath, CEO of McAfee.com. "Users must learn how to recognize and protect themselves from fraud and identity theft threats through a combination of education and technology."
Here are some tips from McAfee.com anti-spam experts on how users can protect themselves from malicious spammers:
* Never purchase Spam-advertised products!
Aside from encouraging the spammers, this also makes more of your personally identifiable information - name, address, phone number, credit card numbers, and the like - available to spammers. It also can guarantee that you'll get more spam at your email address.
* Always protect your personal information.
Only share your credit card, social security number or other personal information when making purchases from a company or financial institution that you know and trust.
* Never send personal information to email requests.
You should never be asked for a password, credit card number or social security number from a legitimate source via email. Beware official-sounding notices that require you to give up your personal information due to supposedly dire consequences.
* Verify any transaction.
If a Web site address looks different from the name of the organization that you're dealing with or if you have doubts about your transaction, look for a phone number on the Web site and call the organization to verify that the Web site is valid. Don't deal with any organization that doesn't clearly state its name, physical address and phone number on its Web site.
* Beware of get rich quick schemes.
If it sounds too good to be true, it probably is.
* Never pay 'up front' for loans or credit.
Legitimate lenders generally do not "guarantee" a loan or credit card before you apply.
* Refrain from clicking on Reply or Remove!
Some senders may remove your address, but others may flag your email address as 'live', and send you more spam or even sell the address to other spammers. Instead, you can forward spam to the Federal Trade Commission at email@example.com.
* Use a public email address when online.
Set up and use a public email address - either an additional address from your ISP or a free email address. Use this email address when participating in newsgroups, joining contests or anytime that your email is requested by a third party online. Potential spam will go to your public email address instead of your private email address.
* Don't post your email address online.
You'd be surprised how often you use your email address online for newsletter subscriptions, to join online groups or in chat rooms. Before you post your email address, know whether it will be displayed or used. Then use a public email address when necessary.
Email Filtering Tool
According to the Associated Press, Hotmail subscribers collectively receive more than one billion pieces of junk e-mail a day. Such spam accounts for 80 percent of messages received - not including mail blocked by Hotmail's first line of filters.
Email filter is a good tool to eliminate spam. McAfee.com, for instance, has an email filtering product, SpamKiller, which treats spam like a virus, recognizing unique spam content and removing them from consumers' email boxes before they read their email.
SpamKiller is connected directly to a user's POP3, MAPI-compatible or MSN Hotmail account and scans all incoming messages for addresses of known spammers. It then employs advanced filtering protocols that examine the subject line, body of text, message header and country code for trigger words or phrases commonly found in spam. Once detected, the spam is automatically removed from the user's inbox and quarantined for future reference if necessary. The product also help track the mail back to the source ISP and sends complaints to the spammer's service provider, while automatically returning a false 'bounced' email message to the spammer.