Phishing
Cyber-criminals use fraudulent email and web sites (known as mirror sites) that resemble online or retail sites. They are designed to fool users into revealing personal information, particularly credit card numbers, account numbers and passwords.
Pharming
Pharming is an advanced form of phising that redirects the connection between an IP address and its target server. The link is altered, so that every time users try to connect with an organization's proper site, they are secretly redirected to a mirror site, without ever having typed in the incorrect (fraudulent) address.
Keyloggers and password stealers
These terms refer to malicious programs that find their way onto the computers of their victims. Each program gathers certain keystrokes and can collect the name of the user, passwords, and other personal and confidential information. The malware then sends the data to the attackers, who use it fraudulently.
The Trojan family known as Haxdoor, A311 Death, or Backdoor-BAC are one of the most common advanced malware. On an infected machine, each Trojan captures network information and logins and waits for the user to browse a web site (usually financial) that requires authentication. When this occurs, the keylogger collects transaction data, such as username and password, and then sends the stolen data to a dedicated host that enters the stolen data into incremental log files.
Advance-fee fraud
Popularly know as 419-fraud, advance-fee fraud is one of the oldest and popular scam. Originating in Nigeria in the 1980s, this fraud, circulating through postal mail and fax, quickly crossed the borders within Africa. The unsuspecting email users receive an email message allegedly from a family member of an African dignitary. The writer explains that following the death of the dignitary, a large sum of money will be blocked somewhere. With the user's help, and using his or her financial backing for the funds transfer, the contact says that it would be possible to release the money. A substantial reward supposedly awaits those who accept the contract.
Also in this category of swindling come the email messages that announce to recipients that they have won lottery after their email addresses came up in a draw. These scams qualify as identity crimes because they involve collecting personal and bank information from the unsuspecting internet users who are gullible enough to respond to these solicitations.
Redirectors
These are malicious programs that redirect users' network traffic to locations they did not intend to visit.
Internal Revenue Service form
This one involves the W-9095 form, sometimes named the W-8888 form. Attached to an email, the fictitious form is often accompanied by a fax number, to which it must be quickly returned. The message also indicates that users may lose certain tax exemptions if they fail to respond within seven days.
Hardware
In March 2005, the UK police found out that the London office of the Japanese bank Sumitomo has been under attack from a group of hackers for several months. The investigators initially believed that the criminals had used a Trojan to get into the bank's network. However, after several days of investigation, they found a tiny keystroke-recording device inserted at the back of the computer (where keyboard cable connects to the PC).
Some common characteristics of these products are: Can holds up to 2MB in memory; undetectable by software; transparent to the targeted machine's operating system; capable of recovering material on any PC; Price range varies from $20 to $200, depending on the memory; instructions and material available to build the device.
Cyber-criminals use fraudulent email and web sites (known as mirror sites) that resemble online or retail sites. They are designed to fool users into revealing personal information, particularly credit card numbers, account numbers and passwords.
Pharming
Pharming is an advanced form of phising that redirects the connection between an IP address and its target server. The link is altered, so that every time users try to connect with an organization's proper site, they are secretly redirected to a mirror site, without ever having typed in the incorrect (fraudulent) address.
Keyloggers and password stealers
These terms refer to malicious programs that find their way onto the computers of their victims. Each program gathers certain keystrokes and can collect the name of the user, passwords, and other personal and confidential information. The malware then sends the data to the attackers, who use it fraudulently.
The Trojan family known as Haxdoor, A311 Death, or Backdoor-BAC are one of the most common advanced malware. On an infected machine, each Trojan captures network information and logins and waits for the user to browse a web site (usually financial) that requires authentication. When this occurs, the keylogger collects transaction data, such as username and password, and then sends the stolen data to a dedicated host that enters the stolen data into incremental log files.
Advance-fee fraud
Popularly know as 419-fraud, advance-fee fraud is one of the oldest and popular scam. Originating in Nigeria in the 1980s, this fraud, circulating through postal mail and fax, quickly crossed the borders within Africa. The unsuspecting email users receive an email message allegedly from a family member of an African dignitary. The writer explains that following the death of the dignitary, a large sum of money will be blocked somewhere. With the user's help, and using his or her financial backing for the funds transfer, the contact says that it would be possible to release the money. A substantial reward supposedly awaits those who accept the contract.
Also in this category of swindling come the email messages that announce to recipients that they have won lottery after their email addresses came up in a draw. These scams qualify as identity crimes because they involve collecting personal and bank information from the unsuspecting internet users who are gullible enough to respond to these solicitations.
Redirectors
These are malicious programs that redirect users' network traffic to locations they did not intend to visit.
Internal Revenue Service form
This one involves the W-9095 form, sometimes named the W-8888 form. Attached to an email, the fictitious form is often accompanied by a fax number, to which it must be quickly returned. The message also indicates that users may lose certain tax exemptions if they fail to respond within seven days.
Hardware
In March 2005, the UK police found out that the London office of the Japanese bank Sumitomo has been under attack from a group of hackers for several months. The investigators initially believed that the criminals had used a Trojan to get into the bank's network. However, after several days of investigation, they found a tiny keystroke-recording device inserted at the back of the computer (where keyboard cable connects to the PC).
Some common characteristics of these products are: Can holds up to 2MB in memory; undetectable by software; transparent to the targeted machine's operating system; capable of recovering material on any PC; Price range varies from $20 to $200, depending on the memory; instructions and material available to build the device.
