Fraud Tactics

There are all sorts of different fraud tactics out there, but their goals are all the same -- to get a hold of your personal, confidential, and financial information and use it fraudulently.

Some tactics are ones you might be very familiar with, and others may be brand new to you. Either way, you should familiarize yourself with these tactics so you can spot and prevent them.

Dumpster Diving: The act of rummaging through trash looking for bills or other paperwork with your personal information.

Malware: Malicious software that’s designed to harm, attack, or take unauthorized control over a computer system. Malware can include viruses, worms, Trojans, or a combination of all three.

Phishing: A scam in which replicas of existing Web pages are used to deceive you into entering personal data. Often used with scare tactics, such as a threat to close your account unless you take the prescribed action.

Vishing: A variation of the phishing attack that utilizes the telephone instead of the computer. You’ll receive an email with a phone number to call, and be assured that the phone is a safer way to provide information. You’re then sent to an automated phone system that captures your sensitive information.

Pharming: Pharming is an illegal redirect to a website that is not legitimate. These fake websites ask for personal information such as your credit card number, your bank account information, your Social Security number, and other personal information.

Trojan: A Trojan is malicious code that is hidden within another program that appears to be safe (as in the myth of the Trojan Horse). The Trojan allows attackers to gain unauthorized access to your computer to steal information. Trojans commonly spread through email attachments and Internet downloads. A common Trojan component is a "keystroke logger," which captures your keystrokes in an attempt to capture your credentials. It then sends those credentials to the attacker.

Spoofing: Spoofing is when an attacker pretends to be someone else by providing false data. Phishing has become the most common form of Web page spoofing. Another form of spoofing is URL spoofing. This happens when an attacker exploits bugs in your Web browser in order to display incorrect URLs in your browser location bar. Another form of spoofing is called "man-in-the-middle." This occurs when an attacker compromises the communication between you and another party on the Internet. Many firewalls can be updated or configured to significantly prevent this type of attack.

Spyware: Spyware is a type of program that is loaded onto your computer (unbeknownst to you), watches what you do, and then forwards that information to someone else. Spyware is most often installed when you download free software from the Internet.

Pop-Ups: A form of Web advertising, pop-ups are intended to increase Web traffic or capture email addresses. But sometimes pop-up ads have malicious intent; for example, when they appear as a request for personal information from a financial institution.

Virus: A computer virus is a malicious program that attaches itself to and infects other software applications and files, disrupting computer operations. Viruses can carry what is known as a "payload," which are executable scripts designed to damage, delete, or steal information from a computer.

A virus copies itself; typically, a virus only infects a computer and begins replicating when the user executes the program or opens an "infected" file.

Viruses spread from computer to computer only when users unknowingly share "infected" files. For example, viruses are commonly spread when users send emails with attached infected documents.

RetroVirus: This virus specifically looks for vulnerabilities within your computer operating system or any third-party security software. Most security vendors have some form of tamper-proof measure in place, so keep your patches up to date. RetroViruses are usually combined with another form of attack.

Worm: A worm is similar to a virus but with an added, dangerous element. Like a virus, a worm can make copies of itself; however, a worm doesn’t need to attach itself to other programs and doesn’t require a person to send it along to other computers. Worms are powerful malware programs because they not only copy themselves, they can also execute and spread themselves rapidly across a network without any help.