10 Ways to Spot an E-Mail Scam

The increasing flood of e-mail hitting your inbox can lower the guard of even the most cautious person. In the rush to keep up with important notes, it's easier than ever to fall prey to the scam artists and identity thieves who lurk online.

E-mail scams and phishing attempts evolve constantly, hoping to take advantage of the latest trends and current events. Although the e-mails change, the people behind them inadvertently send up the same warning signs again and again. We dug through mountains of spam to find the most prevailing trends. We've collected some actual scam e-mails and highlighted the warning signs to help you spot a hustle the next time one lands in your inbox.


1. Requests for personal information

No legitimate organization will ask for your social security, bank account or PIN number via e-mail – and none will include a link, sending you to a form to enter it. No matter how authentic these emails may look, ignore 'em.


2. Watch for typos or spelling mistakes

Scam artists are street smart, but many flunked basic grammar (or barely speak English). Look for mistakes like inappropriate hyphens or confusing "your" and "you're." If the note has multiple typos or grammatical errors, odds are it's not legitimate.


3. Clickable Web links in e-mails

Don't trust links to Web sites in e-mails. What might look like a legitimate address is often linked to a third-party site that looks official, but is actually run by thieves and scammers. These are the fast track to identity and financial theft.


4. 'Market research' or surveys that ask you for personal information.

Disguising scam e-mails as marketing is a classic ploy. You'll be asked to fill out a survey or enter a contest – requiring you to give personal information or "log on" to your account. Once you've done so, the scammers can use it themselves.


5. Stock tips from random people or companies

Got a "hot stock tip" via e-mail? It's probably a "pump and dump" scheme. The sender already owns shares – and when you and others act on the "tip," the stock price soars and he sells fast – leaving you with virtually worthless shares.


6. Attachments in e-mails from anyone you don't know

It should be common sense, but just in case, we'll remind you again: Don't open an attachment from someone you don't know – even if it appears to be your bank or credit card company. It's almost always a virus or spyware meant to steal your personal information.


7. Wordless e-mails

Some legitimate looking "e-mails" are actually just images. The danger with these is that clicking anywhere in the body takes you to a suspect Web site – where you may be fooled into entering personal information, or the scammer may slip spyware onto your machine.


8. Outdated information

Some scammers like to pose as technical- or customer support from a company you associate with – but fail to keep up with current events. For example, in the example above, the senders forgot that Earthlink bought Mindspring in 2000.


9. Red-flag phrases

If you see the phrases "verify your account," "you have won the lottery" or "if you don't respond within XX hours, your account will be closed," it's a scam – every time. Hit the delete button and don't look back.


10. Generic greetings

While you can't trust every e-mail that knows your name, you can definitely ignore the ones that start "Dear member" or "Hello friend." If your bank or credit card company is writing you, it knows who you are. So do your friends.

by Chris Morris

Nigeria actually arrests, shuts down online scammers

Nigerian officials have launched a new initiative called "Project Eagle Claw" that will target Internet scams coming out of the country. The Economic and Financial Crimes Commission has already made a number of arrests and shut down 800 websites, with many more to come.

It turns out Nigeria is taking measures to fight Internet scams—law enforcement there has shut down close to a thousand websites and made 18 arrests as part of a new initiative to save the nation's reputation and crack down on Internet scammers. The program, called "Project Eagle Claw," has only just begun, but Nigerian officials expect it to be fully operational in 2010.

Nigeria's Economic and Financial Crimes Commission (EFCC) described the initiative as "a renewed bid to clap down" (*clap clap*?) on Internet fraudsters. So far, the agency claims to have shut down 800 scam sites in addition to making the arrests, with many more apparently to come.

EFCC Chairman Farida Waziri said Wednesday during a US address to the National Conference of Black Mayors that Nigeria was working with Microsoft to fully deploy Project Eagle Claw, and that it will soon be able to take down up to 5,000 fraudulent e-mails per month. She also expects the system to send up to 230,000 advisory e-mails to victims every month.

Waziri explained that the EFCC's previous strategy for fighting cybercrime involved "cyber raids" and petitions—slow and ineffective in today's fast-moving Internet world—and that Eagle Claw would be much more proactive. "We expect that Eagle Claw as conceived will be 100 percent operational within six months and at full capacity, it will take Nigeria out of the top 10 list of countries with the highest incidence of fraudulent e-mails," Waziri said.

Indeed, if you live outside of Africa, Nigeria is practically synonymous with various scams, some of which predate the Internet. Thanks to the explosion of online connectivity in the last several decades, however, so-called "Nigerian scams" have taken on a new life of their own—fraudsters have managed to grift millions of dollars out of unsuspecting victims in recent years, with even major banks coming dangerously close to wiring their own cash halfway around the world.

This has caused an entire culture of scam baiters to spring up in order to troll scammers and distract them from the real victims (something that we here at Ars briefly dabbled in ourselves), showing that scams out of Nigeria are indeed more than a minor law enforcement annoyance. At this point, it's just nice to see Nigerian officials trying a more realistic strategy towards curbing cybercrime than merely blaming the victim, even if it may take years worth of enforcement before we see any tangible results.

By Jacqui Cheng

Malware worldwide grows 15 percent in September

A rise in malware has caused the number of infected PCs worldwide to increase 15 percent just from August to September, says a report released Tuesday from antivirus vendor Panda Security.

Across the globe, the average number of PCs hit by malware now stands around 59 percent, an all-time high for the year. Among 29 countries tracked, the U.S. ranked ninth with slightly more than 58 percent of its PCs infected. Taiwan hit first place with an infection ratio of 69 percent, while Norway came in lowest with only 39 percent of its PCs attacked by malware.


(Credit: Panda Security)

The study found that in the U.S., Trojans and Adware were the two most pernicious types of malware, followed by worms and viruses.

(Credit: Panda Security)

"This is a clear sign that hackers are becoming more and more sophisticated," said PandaLabs Technical Director Luis Corrons. "Cybercriminals have found news ways to spread their creations, frequently exploiting the latest news stories to launch attacks through social networks, videos, and e-mail. The huge amount of Trojans in circulation is due to the spectacular increase in the number of banker Trojans aimed at stealing user data."

The company based its results on data taken from users who scanned their PCs with the free Panda ActiveScan online tool. The results for September were gathered from August 28 to September 28 and compared with the results from July 28 to August 27.

by Lance Whitney
http://news.cnet.com/8301-1009_3-10363373-83.html

Red Hat asks US Supreme Court to bar software patents

Red Hat asks US Supreme Court to bar software patents.

Check Here