BC Business
Misled by "Microsoft"? Sideswiped by sextortion? In B.C.'s largest city and beyond, such deceptions have grown into a sizable business
ATTACK VECTOR Telephone (recorded message)
THE SCAM “Canada Revenue Agency” calls to inform you that you owe thousands of dollars in back taxes and/or fines; if you don’t pay them right away, you’ll be prosecuted or jailed
THE GOAL Money
THE TELL The real CRA doesn’t call you up to demand payment. Nor does it ask for payments to be made in iTunes gift cards or bitcoin
FEAR FACTOR $$$—the pop-ups can be alarming
ATTACK VECTOR Telephone, or pop-up warning from a suspicious website
THE SCAM “Microsoft Tech Support” has noticed some unusual activity and suspects your computer may have a virus. It offers to remedy the problem—sometimes by directing you to a website, asking your permission to remotely control your machine
THE GOAL Money, identity theft, malware insertion, botnet integration (claiming your computer as part of a matrix of remotely controlled computers, which in turn are used for illegal ends)
THE TELL The technician, whose name is “Jack,” has a strong Indian accent; you work on a Mac; you don’t actually own a computer
ATTACK VECTOR Email
THE SCAM You receive an email with a password you’ve used before in the subject title. (The password has been purchased from a list of breached ones.) The email says the fraudster has installed two-way/splitscreen videocam software on your computer and has recordings of the pornography you’ve been viewing, and you, since you’ve been watching it. If you don’t pay up, they’ll send the video to your entire contact list—yikes!
THE GOAL Money—$7,000, paid in bitcoin, to keep your “dirty little secret”
THE TELL You don’t watch porn
FEAR FACTOR $$$$
ATTACK VECTOR Initially online (often through a dating or social networking site), then via email and, occasionally, telephone
THE SCAM Using a fake social media or online dating profile, the scammer builds a personal relationship with the victim over time—sometimes several months—then divulges an urgent need for money
THE GOAL Money, or intimate photos that are used to extort
THE TELL The scammer will usually have an for why they can’t meet in person, but still will express powerful feelings in a very short time. Look for spelling and grammar mistakes that seem out of sync with the love interest’s profile (a “Cambridge University professor” whose syntax is consistently poor, for example)
FEAR FACTOR $$ (but man, this one hurts)
ATTACK VECTOR: Emails from delivery companies like DHL, Fed/Ex and UPS
THE SCAM: A company emails you to say it tried but failed to deliver a package—and asks you to click a link to have it redelivered. The link will then take you to a dodgy website or install a virus
THE GOAL: Identity theft, malware or keystroke logger insertion
THE TELL: When you click on the sender’s address, it’s from a different domain or ends in a foreign country suffix. Grammar and spelling errors
FEAR FACTOR: $$ or $$$$$—if you actually click on the link
ATTACK VECTOR: Email
THE SCAM: “Netflix” emails, saying that your account has been suspended because it couldn’t “validate your billing information.” You’re then asked to click on a “Restart Membership” link
THE TELL: Sender’s domain name different from what you’d expect (i.e., not @netflix.ca)
FEAR FACTOR: $$
ATTACK VECTOR Internet hacking
THE SCAM Hacker takes control of your computer, then quarantines all your files so you can’t access your own information
THE GOAL To get you to pay a “ransom” to release the files
THE TELL None. By the time it’s happened, you’re out of luck
FEAR FACTOR $$$$$—even if you pay, there’s no guarantee they’ll turn over your files
ATTACK VECTOR Any card reader that can be accessed by public
THE SCAM A physical device that reads your credit card info is placed into the card reader slot of legit machines. A tiny camera is also often installed; it records your PIN
THE GOAL Your credit card, basically
THE TELL Avoid machines where the card feels too tight in the slot or there’s an unusual external add-on to the slot
FEAR FACTOR $$$ (most credit and debit card fraud is reimbursable)
ATTACK VECTOR Craigslist “Home for Rent” ads
THE SCAM Fraudster places a fake Craigslist “Home for Rent” ad. Responders are asked to wire transfer a security deposit to the owner, who is conveniently out of town. Or someone (usually, a tenant who has rented a place for this purpose) posing as the landlord shows a home to several prospective tenants, collecting a cash security deposit from each
THE TELL In the first scenario, you’ll be asked to send moneyoften by wire transferto someone in another city before seeing the property. In the second, you may not know until you (and all the others the “landlord” has scammed) show up, expecting to move into the same place
FEAR FACTOR $$ (Anger factor: $$$$$)