What are these? Scam, Spam, Game & Phishing?

Website Help

Scam

Nigerian 419 Scam

Scam emails and letters can be dangerous, if you believe the individual talking to you. How many people do you know of who would be crazy enough to send you US $10 million, just like that?! Never happened to me, and I know people who have that much money...

If you have doubts, talk about it to other people: friends and family, but also Internet web sites talking about scam (like mine right here, see the Contact page if you want to talk to me...) Ask these people to read the email or letter and they will let you know what they think. Again, nobody receives spontaneous job offers to good to be true or checks with large sums of money.

Because the biggest problems started with Nigerians, it was named after them: Nigerian 419 Scam. However, today these scam happen from all over the world including Europe and Canada and many other countries. Note that these scams started before the Internet. They used Telex and Faxes to start with. They could still do so (thought it's more expensive for them, richer scammers could do that too. And in the US you have Local Fax Services accessible via the Internet... so watch out!)

One important thing to keep in mind: there is nearly no way to get your money back if you sent it to another country. That's because trying to rescue US $20,000 from an African country will cost you over US $100,000 in fees. Not worth it and thus, just keep your $20,000. People in Nigeria are generally poor and when they are not they don't need your money. And remember that $10 for an African can already go a long way. So if someone tells you that somehow the fee is $2,000... think about it twice!

Each country has its own policy in regard to scams like those. If you are American, the Federal Trade Commission accepts scam emails here: spam@uce.gov (though uce.gov does not exist anymore... it is still listed on many of the FTC pages!) I'm not too sure what they were doing with the stack of spam emails... statistics? I guess they turned it off because there was no point anymore. You should visit the FTC in regard to scams if you had any problems or intend to talk to scammers. The FTC also provides information about spam.

If you fell for a scam in the U.S. that involved money and you are yourself living in the U.S., you may want to check out John S Chapman. His services are not free, but he will not charge you unless you can recoup money from the scammers.

Well... unless you want to practice Scam baiting. This is a fun game and I amuse myself at it once in a while. But it takes some time so I don't do it every time! Anyway, Scam baiting is when you answer these people. Of course, you do not give them any information such as your bank account number, etc. In general, you ask them to prove who they are. That way they send you documents such as fake photo IDs, passes, pictures of them with a panel with words you dictate to them, pictures with them making a face of some sort, etc. and you can put them on your website. Ha! Salif is a good example. He sent me a picture ID created on a computer with some webcam... You can read the information on how I can tell that's a fake picture ID. Doesn't matter much, if he wants money for a living he can just go to work like me.

Money Laundering

Other scams are about people really sending you money. That's extremely dangerous! These people usually earn that money illegally (selling drugs, prostitutes, illegal games, etc.) Then later they need someone to transfer large sums of money between countries. If you are the sheep you will not only be in danger of being killed by these people but also you will be on the list of people the FBI, Scotland Yard, KGB, etc. are searching for Money Laundering. This often happens when people tell you they search for resellers who manage their own account in your country.

Money Laundering is a crime which is pretty badly punished. Do it only if you want to become a criminal.

Just like with other scams, criminals will tell you that everything is fine. You know... you'll just be helping them in their business, perfectly legitimate (and the company papers they present to you will certainly be legitimate, but how is the company really making money?!) To give you an idea, the money laundry market in the U.S. and Canada are both in billions of dollars.

Spam

Unwanted commercial emails with 0.1% legitimate advertising/business and the rest...

For the largest part, spam emails are annoying. They sell products which most of the time are legal. However, they often use websites which are not just questionable most are simply fraudulent.

In general, if you receive an email you didn't ask for: delete it! Okay, follow the link to see what they are talking about. Then delete it and don't purchase anything. Quite frankly, I have looked at many of the Cialis, Viagra, Xamax, etc. websites, 99% of them are not properly represented legally. Some will even pretend that they are registered with the BBB Online or some other similar organization.

For sure, look at how secure their secure web pages are. Is it on an HTTPS server (i.e. the location starts with https://...)? Do they have a 3rd party certificate? Verify the certificate by (1) clicking on it, it must open another window in which you will see the actual business references; and even more important: (2) make sure that you are at the right page by using the right mouse click and looking at the actual URL of the sub-window (some people do show you the location bar such as VeriSign, but still check with the right mouse button, if the right mouse does not seem to react normally, forget it!)

These days, there are quite many auto-spam emails... I have started a page which list what I receive the most and is clearly spam: Increasing Spam.

Since I created Turn Watcher and advertised it here and there, I get over 100 emails a day from totally unwanted sources. Really, I have not be wearing a watch since I was 18, I'm doing fine in bed (it sounds like it at least...), I have a company logo, I don't need to lose weight, I don't play at casinos, I don't want so called free computers if I have to enter 20 other risk free deals (imagine the work! you need to enter your credit card info 10 times, then you need to call all these jerks back to cancel, all of that for a $500 computer?! not worth it!!! and very risky too), and also I don't have debts so cheap mortgage I don't need either.

A little bit of history... SPAM is the name of some canned meat. This dates from before the Second World War. At the time, in England, they authorized and did let people eat as much SPAM as they wanted. Of course, that certainly helped the company selling SPAM meat at that time. But after the war, people were fed up so the sales decreased dramatically. The Monty Python, later, made fun of SPAM in different sketches. The first recorded email of SPAM was in 1978. Other mediums had been used before to send SPAM: fax, phone, and even the telegraph in 1904! So... it's already _SINCE_1904_ years that our new super devices of communications have been used to SPAM each others...

Game

I put under Game letters and email which say that I won something like $1 million or more (other than Lottery, most of the Lottery emails are under Scams because these people are trying to get your bank account information and not just US $20.)

What's that about these US $20?!? Well... you see, if you win they need to send you a check and that cost them some money so you need to pay a processing fee.

Ho no! Wait! I didn't read the fine print. I'm buying a newsletter. How many copies a year? About zero? Is it really worth US $20? Any samples anywhere? A website where I can do my purchase? Hmmm....

Okay! The truth is that this system has been abused so much that one day the governments decided to write a law forbidding people who offer you to wind something to charge you ANYTHING to receive your prize. In other words, if you are paying, you didn't win. Cool hey?!

If I'm correct, I receive about 10 such letters a year saying that I won and I need to send between $5 and $25 to receive the information on how to get my prize. So watch out! There aren't that many real companies offering prizes of US $1 million or more. Publishers Clearing House is one of them. Notice that they have a website...

Phishing

Phishing started pretty much at the time businesses started to accept credit cards as a mean of payment on the Internet (in the mid-90's of the 20th century). Hackers will duplicate a legal business pages and ask people to go there and buy something. When someone does fall for it, that someone actually is handing his/her credit card information to a thief.

Now, Phishers are also trying to get your login and password (what we call credentials.) This happens for larger compagnies these days, but it can very well change in the future. Especially targeted are Paypal, eBay and bank credentials.

If you ever get caught, report it right away. You may feel stupid, but at least you won't lose your money (you have 60 days with banks, with eBay and Paypal, you are likely to have lost some or all of your money already... still report the problem and try all you can to get reimbursed! And it is important to have your account closed or changed with a new password.)

Quick notes on how to avoid phishing:

  1. A good way is to click on your usual bookmark and not follow a link from an email. This is a surer way to reach your bank, Paypal, eBay & the other businesses that you are working with. Note that some web pages may go in and tweak your bookmarks. So please, follow the following points anyway.
  2. Once on the site, see if it looks current. If you see an old version, you're probably on a hacker site! However, this is now sufficient. The best hackers will sweep the business's webpage before hand and you will therefore arrive on a page which looks 100% like the original.
  3. Verify the address in your location bar. It has to start with https://www.mybank.com and not anything else. Your bank and other institutions may add more names on the left side as in: https://business.accounts.mybank.com This is fine. The name of your bank MUST appear between the first two // and the following /. In other words, this location (URL) could come from a hacker: http://12.64.23.11/www.mybank.com. So remember this: the only valid name is between the first two // and the next /.
  4. If you have to enter any credential (login, password, credit card number) make sure the URL starts with https <- with the letter "S" at the end of HTTP which stands for Secure. Your browser shall NOT tell you that it cannot verify the certificate. That is, if it does, then the key is not trustworthy for a transaction with a company which deals with credit card or bank accounts.
  5. If you are purchasing something at a new business, verify their certificate. If you cannot find a link on the page saying Certificate or something like that, go away. When you click on the certificate, it opens another window. Check the address (URL) in that window. If you cannot see it, look at the Page Information (right click with your mouse, use the Apple key + mouse click on Macs). That page will include the URL/Address/Location. Make sure that the location correspond to the certificate issuer. For instance, you have VeriSign and GoDaddy certificate. Visit their websites to see what their URL is.
  6. Use whois to know who owns the domain name. If it doesn't correspond to the business on the website, be super suspicious! There are many websites which you can use to get whois information. At a prompt on a Linux or Mac computer, type: whois example.com
  7. An additional check you can make (and if you spend more than US $100, I strongly advice you do!), search for the company name in the state or country where it prentends to be registered. If you cannot find it, forget it! 99% of the websites selling Cialis, Prozac, Viagra, Xanax & Co. are not real businesses. There are other such businesses like these really cheap OEM Software which are actually copies of originals. Plus, quite often they will be located in another country and thus you will have to way to get your money back!