It’s National Consumer Fraud Week, here’s how not to be caught out

Security is one of those things we all have to be conscious of, and this week, doubly so, as Norton sends word of it being National Consumer Fraud Week. Are you aware of the cons being played online with you?

If the answer to that question is a shaky “yes” or a flat out “no”, this week is about fixing it, with National Consumer Fraud Week being launched by the Australians Consumer Fraud Taskforce to help you know more about your online actions and the privacy necessary for things you do.

“Everything we do on the Internet [from] researching holidays, emailing family or catching up with friends on Facebook leaves a trail of breadcrumbs about our location, finances and relationships,” said Mark Gorrie, Head of Norton in the Pacific region.

“With cybercrime on the rise and nearly one million new security threats released every single day, all of this information is at risk of being exposed.”

We all know about malware and viruses, but online scams are just as prevalent, with social media being used by criminals to penetrate your world and find vulnerabilities, luring you into a false state of security and sharing details without realising it.

“Last year the team at Norton observed that 70 percent of social media scams were manually shared,” said Gorrie, adding that “these scams spread rapidly and are lucrative for cybercriminals because people are more likely to click something posted by a friend.”

These sort of scams happen quite freely on websites we’re all using, including Facebook, and usually with a lure of a video we’re curious about or the suggestion of something being given for free, such as a free $25 voucher to a store. You probably already know there’s no such thing as a free lunch, but people are still caught out by these, and the moment a scam connects with a user, it will likely perpetrate to other like-minded folk.

Social scams try to bribe you with a freebie, but since when has any company offered something expensive for free, just like that?

According to Norton, some of the big ones found at the moment aren’t just trying to bribe you with the promise of a $25 or $50 voucher, but are rather posing as law enforcement tracking what may or may not be alleged legal infractions on the web.

Perhaps you were downloading something you shouldn’t have been, and you were concerned about getting caught: it is these sorts of activities that scammers are preying on at the moment, with an infected file delivering a pop-up message to your machine and locking several files via the crypto-ransomware, a new form of scam that asks you to pay for the privilege of having your files unlocked.

“Victims of ransomware are typically asked to pay USD$300-$500 to have their files freed,” said Gorrie, adding that “with nearly eight million ransomware attacks in 2014, it’s possible this could become a multi-billion dollar industry for cybercriminals.”

Trend Micro’s Tim Falinski says that it’s not just the ransomware you have to worry about, with bank phishing still a big deal.

These scams are old but still seem to get the result scammers are looking for, tricking people into the idea that they have received an official email from their bank, and to either click on a link that takes them to an official looking website and entering in their bank details, only to have these stolen later on, as well as the money contained within.

“We have also recently seen an email scan hoax involving the ACCC (Australian Competition and Consumer Commission) advising people that they are entitled to $400,” said Falinski. “As we get closer to the end of financial year we are predicting the number scams to increase, particularly involving the Australian Tax Office.”

Fake tax office scam emails aren’t going anywhere. They’ll be back in the next few months.

Falinski is right about that, and while we’ve yet to see any fake ATO tax refund scam emails in 2015, there has already been a pretty obvious fake speeding ticket scam sent out to Australian email addresses this year, proving this sort of thing does still work.

So what do you do to stop this, and how can you stay aware of what is and isn’t a scam?

“There are steps we can all take, as internet users, to defend against these attacks,” said Norton’s Gorrie, who said that the use of an up-to-date internet security solution is a big one, as well as making sure you use complex passwords.

“We also need to be wary of scareware tactics,” said Gorrie, which includes “versions of software that claim to be free, cracked or pirated can expose you to malware, or social engineering attacks that attempt to trick you into thinking your computer is infected and getting you to pay money to have it removed.”

Falinski’s advice is a little different, encouraging uses to be cautious when they click on anything online. “Think twice before you click on a link, download a file or share information online,” he said.

“Fundamentally we need to understand that cybercriminals watch the way in which we interact with our devices, seek out information, and then find ways to exploit that,” said Falinski, Trend Micro’s Consumer Director for the company in Australia and New Zealand.

“The best thing people can do is mimic the way they act in the real world in the online world,” he said, telling GadgetGuy that you’d likely be sceptical if something were free in the real world and that should bring similar practices online.

That’s not to say there’s no such thing as a free app that isn’t trying to con you, because there are certainly plenty of these. But if you’re concerned, Google is your friend, you can certainly search up information on if something is a scam or a virus, and if it isn’t.