Saturday, May 26, 2012

Cyber Criminals


Last Christmas my brother called me and he was going nuts and asked me to quickly check my email. I went through his massage and I was surprised to find that someone posted an advertisement of a car that worth 30,000$ for just 6,500$ including shipment from Oklahoma to anywhere for free!!!  The website was craigslist and there are a lot of fraud and scam on this website. The owners disclaimed any fraud due to untrusted ads. My brother emailed the guy who posted this ad and told him he is willing to buy the car. Soon, the guy responded stating that he posted the car on eBay and provided a link to the ads. He explained that he is broke and lost his job and would like to sell his car as soon as possible to the first buyer and he doesn’t have time to wait, even though he was quite aware of the value of his car. We followed the link in the email and it was eBay website and everything was like the guy mentioned. But before hitting the (buy it now) button, we had a bad feeling that something was wrong: why hasn’t anyone bought this car before? After consulting experienced friends, it turned out that the website was fabricated and it was a perfect clone of the original eBay website with all the JavaScript, links and auto check reports. The hacker was very professional in his job to make my brother almost sign in his username, password, credit card and address information. It was scary that he will have full access to all his card information.

I wonder how many people found that fake advertisement; it must have attracted a crowd! This incident made me very skeptical about the privacy and security of internet transactions even though that website and the advertisement is still there. 
These are some tips that I would like to share about verification of the security of a website.

·     If you are visiting the website with a secure connection, you will be able to identify the website through the site's certificate. A secure or encrypted website address will begin with HTTPS rather than HTTP, and you will see a lock icon in the Address bar.
·   Website is certified by An Internet trust organization which is a company that verifies that website has a privacy statement (a posted notification of how your personal information is used) and that the website gives you a choice of how they use your information. For example TRUSTe website, the BBB Online website, or the WebTrust website.

A website might not be trustworthy if:
  • The site is referred to you through an email message from someone you don't know.
  • The site offers objectionable content or illegal materials.
  • The site makes offers that seem too good to be true, indicating a possible scam or the sale of illegal or pirated products.
  • You are lured to the site by a bait and switch scheme, in which the product or service is not what you were expecting.
  • You are asked for a credit card as a verification of identity or for personal information that does not seem necessary.
  •  You are asked to provide a credit card number without proof that the transaction is secure. 
Finally, it is hard to keep personal information safe when we using internet on computer or smartphone but less information you provide on a website the more privacy for your information. I wish to you all safe surfing. ;)
Posted by at

4 comments:

  1. Hashim AljohaniMay 26, 2012 at 9:21 PM

    Every day our email inbox jammed by ads from commercial companies that mostly scams. Those ads seem very attractive to the consumers and it is targeted to you by your search habits and websites visited but the critical question is; should we follow these links?

    ReplyDelete
  2. UnknownMay 27, 2012 at 12:15 PM

    I would have to say..no, we should not follow those links!! If they are from a legitimate site where you bought something in the past, you can probably unsubscribe from their email list (unless you like getting their ads). If they are from an unexpected source, they are at best spam and at worst links to sites that try to fish for your credit card number or install viruses. Mark them as spam and delete, and your email provider will hopefully block them in the future.

    Some of these online criminals are really sophisticated. It's pretty terrible how they scam people to steal money and identities. I think you gave some great advice in this post on how to avoid it.

    Another thought about keeping your computer secure online: sometimes, even legitimates sites get compromised by hackers who manage to inject some bad code. This happened to youtube a few months back, for a couple hours watching certain videos would install a virus. (Youtube fixed the exploit pretty quick.) There are also examples of news sites, religious sites, etc. being compromised. Unfortunately there's no way to be completely safe online. But it helps to keep your antivirus up to date, as well as your operating system, your web browser, and your javascript!

    ReplyDelete
  3. Kun-Po LiJune 1, 2012 at 1:41 PM

    Hashim’s story is really scary! I bought lots of things on Craigslist last summer when I came to Cincinnati. Thankfully, I did not encounter those hackers. This story also reminds me the novel “The Girl with Dragon Tattoo,” which has been adapted to big screen. The main character in the novel used similar way to hack some important information from her opponent. Now I am realizing this situation does not only exist in novel or movie, but also in real life.

    ReplyDelete
  4. Mohammed AldawsariJune 2, 2012 at 8:04 AM

    Hashim , how did you come up with this idea to check on the original site of e-bay for the same ad that you got in Craigslist especially, when he gave you a link for one of the most popular sites , most people trust on anything that comes from well known commercial sites. I think you were lucky. Everyone has to be careful when he deals with individual sellers especially for those ads that are posted in Craigslist.

    ReplyDelete

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)