Fraud by fear
Most online frauds (and those in the real world for that matter) follow the same principles as those we have talked about: the offer of a great reward for seemingly little, but vital, information. A particularly nasty variation on this theme has recently arisen that appeals not to greed but fear.
It's old fashioned extortion in the worst possible taste. An email is sent declaring that the recipient has subscribed to or ordered material from a website offering paedophile content. Those not wishing to receive the items are instructed to forward their credit card details to cancel the transaction. Some, in revulsion, do just that, and we're sure you can guess the rest. Massive debt is run up on the credit card and no evidence of any order is found.
Fear of such abhorrent images is often the lever used to expose dial-up users to rogue diallers. A pop-up advertisement, usually featuring pornographic images, prompts the user to download a special program to view more images. The windows are often confusing, and some are downright misleading.
Once the 'No thanks' button is pressed, the application automatically installs itself and re-routes the connection to a premium-rate telephone number. A simple pop-up stopper (see below) will block most, but if you see one on your screen, don't panic: to be safe, do not click on any part of it. Simply close it by holding down the Alt key on your keyboard and then pressing F4.
Dial-up deceit
So far we've looked at frauds that manipulate your confidence, so let's examine another well-known scam where the emphasis is definitely on trickery. Rogue diallers are applications that affect people with dial-up internet connections (although broadband users should always make sure they disconnect or unplug their dial-up modem when they subscribe to faster services).
The first sign you will see is a pop-up window, and usually one that contains or offers access to pornography. The scammers work on the basis that most people will try to close the window in the fastest way possible, and so will place a large button saying 'press here to close this window' or something similar.
What you are not told, although it sometimes appears in very small print, is that pressing this button actually grants your permission to download the rogue software. This then re-routes your internet connection away from your usual internet service provider's telephone number to a premium-rate line, costing up to £1.50 per minute (recent tales of lines that cost £150 per minute are a myth).
The first sign you'll see that you've been duped is when your telephone bill arrives with an ominous thud on the doormat. Losses vary from a few pounds for light internet users to over £1,000 for the very unlucky.
There's good news on this front, though, as the premium-rate regulator, ICSTIS, has introduced new regulations for the companies that provide these dubious services. The services can't be banned outright because some companies provide diallers for people who wish to subscribe to pornographic websites but don't wish to use a credit card. It may be distasteful to many, but it is legal providing that the company clearly informs the user what is happening and how much is being charged.
Dialler software that doesn't conform to these rules, hence the 'rogue' label, can be blocked. Your first defence is a pop-up stopper. The SP2-enhanced version of the Internet Explorer web browser, as well as Mozilla Firefox and Opera, include this application, but you can download a free version here.
Many third-party firewalls now attempt to block diallers (the Windows XP Firewall does not have this capability) but the best advice is to stay calm and pay attention to pop-up windows if they appear. Don't panic, just close the window by holding down the Alt key and pressing F4.
Don't click anywhere in the window, especially if the advert is asking you to click on a specific button. If you are particularly concerned, you can ask your telephone line provider to block access to all premium-rate numbers, although there is often a small charge for this.
If you spot problems on your phone bill, call your telephone company immediately and then lodge a complaint with ICSTIS, but first check that other household members have not accessed these sites out of curiosity.
ICSTIS warns that some people, especially teenagers, may access such services believing that the monthly ISP subscription will cover the charges. It does not, and if this is the case you will have to pay. The new regulations do not provide that much protection for the average consumer, though.
Dialler providers rent lines through a company called a terminating operator, which in turn leases the phone number from one of the main UK operators, such as BT. Consumers are the last in the billing line, meaning that BT will have paid the terminating operator already.
If you query the bill, the terminating operator has to withhold the money from the service provider for 30 days (although this part of the regulation is still only a proposal at present). If you query the charge and ICSTIS finds in your favour, it is still your responsibility to get your money back from the service provider.
The good news is that these lines can be cut off if ICSTIS finds them behaving unethically, but there's nothing to stop them springing up again under a new name. That means prevention should remain uppermost in your mind.
Locking your doors
Keeping Windows updated through Windows Update will seal well-known loopholes, but it's time to talk about a few simple and free measures that will add an extra layer of security to your time online.
Firewalls monitor the traffic that comes and goes on your internet connection, and alert you when new applications such as keyloggers try to send messages from your PC. The free version of Zone Alarm will give you the option to block transmissions so, if you don't recognise the application, it's best to deny it permission.
Antivirus software detects viruses before they can be installed, but only those that are already known. The free version of AVG automatically updates itself once a day, although you can update it manually if you hear of a virus online.
Pop-Up Stopper blocks most unwanted windows from appearing, and anti-spyware tools detect and delete programs that duplicate data from the PC, such as those that record the keys pressed on a keyboard and send it back to fraudsters.
A large number of attacks against PCs are targeted at Microsoft's Internet Explorer web browser. A regularly patched version is reasonably safe but there are alternatives that don't attract quite as much attention from the criminal fraternity, and they're easy to install and use.
We recommend Mozilla Firefox and Opera, both of which offer tools to easily transfer your internet favourites to the new software so you won't lose your web bookmarks.
However, and it's worth saying this again, the best defence from online criminals is common sense. Remember that most fraudulent emails are sent at random, so you have not been personally targeted, and don't succumb to curiosity if you receive a mysterious email attachment.
The appeal of an online lottery win may be tempting, but it doesn't seem very likely, does it? And while we'd all like to think that one day our financial boat will come in, the chances of this happening because an African widow wants to entrust you, a complete stranger, with millions of pounds are zero. Any confidence trick plays on our best and worst characteristics: trust, naivety and greed.
A dose of perspective
We are often asked by readers what piece of software or equipment they can install to block criminals, or why the government doesn't simply imprison online crooks. We won't kid you that there are any easy answers to these questions. No single piece of software or hardware will slam the door on con men, and our police forces struggle to identify felons, let alone arrest them, because many operate from beyond our shores.
What we need is a healthy dose of perspective. It's true that crooks pose a threat to internet users, but their tricks are flimsy and don't stand up to even the most basic questioning. Remember that for every occurrence of fraud online, there are many hundreds of thousands of normal everyday transactions through online banks, shops and auction sites. A few simple tools and a good dose of common sense will help you put scam artists in their place.
Fraud and the police
If you receive a suspicious email, just delete it. Your local police won't thank you for bringing it to their attention, as thousands are sent at random every month. Those who have fallen for such scams have reported that many police forces seem disinterested in taking on the cases. The fact is that it can take a lot of effort simply to discover in which country the crooks are based. Finding the evidence to build a case for individual frauds is seen as an unrealistic task.
As the majority of scams are committed by organised crime lords, the battle in the UK is left principally to the National Hi-Tech Crime Unit, a division of the National Crime Squad. If you have fallen prey to an online crime, report it to your local police, but as with many house burglaries, don't hold your breath to see a conviction.
Who's liable anyway?
Anyone lured into sending money direct from a bank account, by money transfer for example, will have to bite the bullet and accept their losses. Those defrauded by phishing scams have been reimbursed by banks anxious not to see the credibility of their services dented. As losses rise, that may change.
The Association for Payment Clearing Services, which represents UK banking organisations, has indicated that banks may no longer do so where it is thought that users have not paid heed to warnings about phishing.
No actual guidelines are yet in place, but you should be extra careful when dealing with communications from a bank. Just remember that anyone who asks you to reveal sensitive information in an email is probably a crook.
Secure your PC for free
Security companies are always keen to sell you products that can keep your PC safe, but there is a way to do it without spending a penny, providing you use some common sense. The essential tools you need are a firewall, an antivirus program, a pop-up blocker and an anti-spyware tool.
The following four will give adequate protection for home users. Just remember to update Spybot before running it, and to run it about once a week. AVG will update itself once a day, and ZoneAlarm will tell you when it needs to be updated. Updating simply adds new information to the application to block newly found threats.
Zone Alarm
Spybot
AVG
Pop-Up Stopper
Do you agree?
Have your say on this article