We all hear the warnings against internet scams. Don’t give out your credit card number. Don’t believe things that seem to good to be true. Make sure websites are secure (that the URL starts with “https,” not “http,” especially if you’re handing money over). Don’t use public Wi-Fi to make financial transactions. We read this stuff and we think, of course, this would never happen to me.
Except it almost happened to me yesterday.
I was on a popular teach-touch-typing site for my son. I accidentally clicked an ad rather than the “go forward” button: it was a pretty convincing ad that made it look as if it were a part of the program. It took me to a page that asked me to download some software onto Google Chrome. Well, I wanted to run the program for my kid, so I downloaded the software.
Then something suspicious popped up: a quick warning of “this program records all websites you visit.” Um: no. Panic set in. Every website? I was planning on visiting my email to print a contract later that day. It could have recorded my email password. If I had visited a bank account …
The strange application nestled itself in the applications bar of my Chrome browser. It turns out, it was shockingly easy to remove, but I had narrowly avoided a possible victim of internet fraud. Me. The one with the assignment to write about internet fraud the next day. You can’t let your guard down.
But don’t just take my word for it. Take Brooke Frizzell’s. CNBC reports that she got a phone call from her bank asking if her husband, Craig, had just called in from Miami claiming to have forgotten his banking password. Luckily for her, she knew that was impossible: Craig was currently in Milwaukee recovering from serious brain surgery and couldn’t make a phone call. But it wasn’t fast enough. The fraudsters got someone else on the phone and began draining her account. Luckily, the bank caught it quickly enough that they refunded her: all $3,500 of the cash the thieves took.
Still think this couldn’t happen to you? Martina did, too. FraudSmart details how she got a text message from her bank asking her to call regarding suspicious activity on her card. She did: and found out that her card had been used on a popular auction site to the tune of €686. She had never used the site before.
Then there’s a new twist on the “Nigerian Prince” scam. Rather than send you an email, they hack your friend’s Facebook account, stealing his or her password, and send you a desperate plea for funds. One Australian woman, Newser notes, almost fell for it, until she “noticed several odd choices of wording—and started wondering how her friend happened to be stranded in Lagos needing plane fare home, anyway.”
[A password manager can help users in thwarting some malicious actors. Check out our roundup of the best password managers here.]
Oh, and that Nigerian Prince? They caught him — several times, anyway. The New York Post reported on last New Year’s Eve that New Orleans police had nabbed 67-year-old Michael Neu, who was serving as a middleman to the Nigerian Prince scams. He had participated in “hundreds of scams” and was wiring money to Nigeria. He was facing 269 counts of wire fraud and one count of money laundering.
And in 2016, Nigerian criminal mastermind “Mike” was arrested and charged in Nigeria’s Port Harcourt. He was the head of a global network, reports Public Radio International, with over 40 people in Malaysia, Nigeria, and South Africa, heading up scams totaling 60 million. He used “malware to take over systems, fake email accounts to ask businesses for money, and romance scams,” in addition to the traditional advance-fee, Nigerian Prince fakeouts.
A Credible Threat
This stuff is real. It happens. I know multiple people who have been attempted victims of romance fraud on dating sites. And we’ve all gotten the Nigerian Prince email — and when I was a college student (back in the dark ages), before it was well known, I was all-in until he asked for bank account details. Then I bailed. And I actually felt guilt about it for days. The poor Nigerian prince!
Online fraud can happen to the best-intentioned. Stay aware, be alert, check your accounts, run legitimate software that hunts for viruses and malware, and change your outdated, weak passwords.