You are here: Rediff Home » India » Get Ahead » Money » Manage
Search: The Web
  Discuss this Article   |      Email this Article   |      Print this Article

Online frauds: How 'phishers' dupe you
Sachin Lele
Get news updates:What's this?
July 13, 2007

Congratulations! You have won a jackpot.'

The mail in your Inbox screams at you in bold letters.

Before you start dreaming of the latest gizmo you can buy with this money, take a deep breath. This is not the time to jump with joy. Somebody out there in the dark and anonymous world of the Internet is trying to 'phish' out your confidential data.

What is 'phishing'?

It's not much of a stretch from its homonym 'fishing' (a 'homonym' is a word that shares the same spelling or pronunciation (or both); each word, however, has a different meaning). In this case, however, it's not fishing in a lake or pond... it's 'phishing' out of your wallet.

In social computing parlance, 'phishing' is a criminal activity where the offenders manipulate people through computer systems and the Internet into divulging confidential information or performing certain actions such as credit card transactions. Throughout this fraudulent interaction, the attacker never approaches the victim face-to-face. At the same time, he gets confidential information about the victim that he can then use for his own benefit. 

Recall those email messages proudly telling you that you are among a privileged few to have won $ 10,000 in a lucky draw? Or that you have to call this special (costs a fortune a minute) number and stay on the line for a good 10 minutes to realise you have a 50 per cent discount on a ridiculously high priced vacation that no one in his or her senses would pay for.

A few other such scams to watch out for are:

1. You have won a famous Italian lottery...

Of course you have not! If you haven't participated in one, how on earth could you have won it? The next step is for them to ask you for a 'nominal' administration fee. In case you pay it, it's probably the last you will be hearing from them. Goodbye, thank you.

Not only would have they scooted off with your money, they would then even have your credit card number to cause further damage, if you have furnished such details, that is.

2. They can look into your future...

In this case, you receive correspondence as a letter or an email telling you that you are either about to experience an incredible stroke of luck, or that something horrid is about to happen to you or someone in your family.

Now what makes this believable is that the phishers add a few details from your personal life (that aren't too difficult to find online) to the text of the email. As gullible as we are, we tend to pick out an important event that is currently engaging us, like someone dear taking a flight, or a loved one in the hospital.

This is all it takes for us to part with some money, hoping the phishers will send more advice across. In most cases, they send more vague feelers across hoping to get more money; in other cases, they stop communicating altogether.

After all, a bird in the hand is worth two in the bush.

3. We have a magic cure...

This hits most people below the belt, literally as well as figuratively. These scams are run through advertisements, emails and pop-ups.

They claim to have a 'magic cure' (mostly from some rainforest in the Amazon) for baldness, cancer, AIDS and most other incurable ailments. The criminals target every person's weak spot through some preliminary search for personal information freely available online.

No matter how desperate you are, do not give into such incredulous offers. If such magic cures were indeed available, they would be stocked at the local doctor, and not on some obscure URL online!

4. Imagine yourself in your own beach house at Ibiza...


Many people are approached through phone calls or emails about free holidays for life.


To avail of this offer, they are asked to come to a lavish 5-star hotel where a presentation is made about the scheme.


Obviously, the scheme will seem very credible; you will be asked to sign up for a holiday package scheme for the next few years. They will even have fake satisfied customers present at the venue to make it more convincing.


However, nothing can be further than the truth. Here's the catch: You have to pay an annual fee and the company promises to return the money in a few years. You get a choice of dates on which you can can take your vacation. You can also sell the membership to anyone.


Seems too good to be true, doesn't it? More often than not, it is. You do get a choice of dates, but never the ones you want. You can sell the membership, but where on earth will you find a (sorry about this) bigger fool who will want to buy it?

These companies do not run long enough to return your money. As for the free vacation you were promised, you will have to pay quite a few taxes on it before taking off.


5. The famous 'Ponzi' scam


This is the mother of all such fraud/ phisher schemes for you will find them to be the most popular and present everywhere.


Keep a watch out for such 'Ponzi' or pyramid schemes. The basic logic here is that a binary tree of people who pay an amount grows and you are assured of great returns if you keep adding people below you who pay the same amount. That is, you have to make a chain of such people below you who will fork out the same amount of money you did.


Like most of these schemes, they fall out soon; only the people who get in early make a mint.


However, don't lose hope. There are precautions you can take to save yourself and your aunt your hard-earned fortune.

Here are a few precautions to avoid such scams:

~ If you happen to receive an email from a payment gateway (PayPal, Ebay, Amazon) or your bank, read the mail thoroughly. At first glance, the email will appear fairly legitimate. Continue to look for minor glitches. Dig deeper and you will find something amiss. That's the time you should look out for a dustbin in your vicinity.

~ Check out if the email has minor spelling mistakes or incorrect grammar. Has the company emailed you prior to this. If yes, were the messages similar to this one?

~ The smartest alternative is to call up the company that mailed you the message. Look up the number yourself. Do not refer to the one on the email, because there is a good chance you will be charged a bomb for it in case it's a scam.

~ An obvious piece of advice: do not click on suspicious links. In case you really do want to visit the website, manually type the address in your browser. Remember the emails from some of the private banks in India that tried to phish out your details in the recent past? Of course, the banks did well to alert their customers in double quick time!

~ Periodically check your credit card and bank statements to ensure no one is stealing cash or making purchases from your account.

~ Finally, keep a lookout for phishers; they are right under your nose, lurking around the web page you have visited, waiting to make a quick buck. Be alert and a little wary of unexpected or foreign mail.

Phishers have it easy as most of us are off-guard at work or home. Stay alert and you can heave a sigh of relief from these scamsters. Phish! Phew!

 Email this Article      Print this Article
© 2007 India Limited. All Rights Reserved. Disclaimer | Feedback