Thursday, 28 October 2010

Consumer alerts

Consumers need to be alert. They need to shop not just while awake, but with all their higher-order mental faculties operating at full speed. That’s because there are threats out there every day, all over the place.

The problem is that in these days of internet based commerce the ways in which people are trying to steal our money are numerous and varied.

In the last week we’ve had several reports of scams, all internet-based. The first was an email that claimed to be from Standard Chartered Bank but clearly wasn’t really. In fact it was a very clever “phishing” attack. You can see from the picture of the email that it’s a fairly alarming thing to arrive in your Inbox.

However when you click on the red “Click to Resolve” link instead of going to the Standard Chartered web site, you go to a site that bears a striking resemblance to it but in fact is a replica.

The replica site isn’t exactly like the genuine SCB online banking site but it’s close enough to be persuasive if you were in a hurry and desperate to “resolve” your banking crisis. It would be very easy just to enter your SCB Login ID and password without taking the time to look closely at the page and, more importantly, at the details of the web site you were visiting. In fact the web site address you are visiting is:
   [link no longer works, I alerted the hosts to the "hijacking" of their web site.]

Obviously nothing to do with Standard Chartered. The Fleming Artists web site that has been hijacked appears to be perfectly legitimate but clearly someone has managed to hide their phishing page there. You have to ask yourself how often you really look at the “URL” or web address you are visiting. It was only because I was playing the detective that I noticed it. We can probably be forgiven for not noticing the difference.

I’m no web technology expert but I suspect that as soon as you enter your Login ID and password those details will be sent to the person behind the scam and before you know it they’ll have signed on to the real SCB site and emptied your account.

I said that we can probably be forgiven for not noticing that the web address we’re visiting isn’t what we expect but that doesn’t mean you can blame the bank. It’s certainly not their fault if you carelessly give away something as important as your Login ID and password. Any bank will politely say that it wasn’t their fault someone copied their web page and posted it somewhere else.

Another scam came through to us in the same week and this was a bit nastier. This was one of the “romantic” 419 scams. In this situation not only is a scammer after someone’s money but they gain the trust of the victim with romance, emailed affection and lurve. These are even scumbaggier than most scammers because not only do they leave their victims poor but betrayed emotionally. I don’t have a little sister but these guys bring out previously unknown rather violent, big brother impulses in me. Images of broken noses and missing teeth.

The basis of the scam is traditional, there’s a large (fictitious) payment promised of £280,000 (about P3 million) that our victim is asked to receive on behalf the scammer who has wooed them with love and offers of marriage. As always at the last minute there’s a hitch. This time the combined British Inland Revenue (the tax authority) and the London Metropolitan Police issue an “immediate stop order” to prevent the money being transferred because a “tax” needs to be paid by the recipient.

All she has to do is cough up £2,150 (about P23,000) and she can have her money, as well as the eternal love of the donor. Except there is no donor, there is no P3 million, there is no such combined authority and they can’t even spell their address correctly. It’s all a scam.

Just out of interest I phoned the scammer on the number he gave the victim (+44 703 174 8738) which curiously is a prepaid cellphone number and certainly not the office number of a bank. When I asked him why he thought Batswana were likely to fall for his scam he felt insulted. “Are you trying to insult me?” he asked. “Yes”, I said, “I am.” That’s when he started screaming at me.

Here’s my suggestion. It won’t cost you too much but if you feel like ruining a scammer’s day why don’t you send him a text message explaining, in less than polite terms, what you think of him? I think it’s P1 well spent.

So how can you as a consumer stay alert? By learning about scams and risks, by ALWAYS being skeptical and not believing anything you read on the internet or in your email Inbox that comes from a total stranger. You can also join the Consumer Watchdog Facebook group and you’ll automatically receive alerts of scams and deceptions as we come across them. All for free. What do you have to lose?

No comments: