Criminals taking advantage of personal data found on social media and vulnerabilities of the digital currency system are two of the emerging Internet law-breaking trends identified by the FBI’s Internet Crime Complaint Center (IC3) in its annual look at online crime.
The IC3 said 12% of the complaints submitted in 2014 contained a social media trait. Complaints involving social media have quadrupled over the last five years. In most cases, victim’s personal information was exploited through compromised accounts or social engineering.
+More on Network World: FBI and IRS warn of pervasive, maddening business, consumer scams+
Some of the most complained about social media fraud methods identified by the IC3 include:
- Click-jacking: Concealing hyperlinks beneath legitimate clickable content which, when clicked, causes a user to unknowingly perform actions, such as downloading malware, or sending personal information to a website. Numerous click-jacking scams have employed “Like” and “Share” buttons on social networking websites. Research other ways to use your browser options to maximize security.
- Doxing: Publicly releasing a person’s identifying information online without authorization. Caution should be exercised by users when sharing or posting information about themselves, family, and friends.
- Pharming: Redirecting users from legitimate websites to fraudulent ones for the purpose of extracting confidential data. Type in an official website, instead of “linking” to it from an unsolicited source.
On the digital currency front, the IC3 reported that in 2014 virtual currency schemes more than doubled from the previous year. Bitcoin, Litecoin, and Peercoin, just to name a few, are popular types of virtual currencies, also known as crypto–currency, which can be used as an accepted form of payment at many online businesses. As this type of currency becomes more popular, criminals have comprised new ways of capitalizing on this market, bilking millions of dollars from victims around the globe, the IC3 stated.
Popular crypto-currency scams reported to the IC3 in 2014:
- Victims not receiving their crypto-currency mining equipment or mining contracts after they paid for them.
- Crypto-currency mining is the process of producing crypto or virtual currencies using computers. Computers are used to solve mathematical equations, generating crypto-coins.
- Victims sending high performance computers to crypto-mining datacenters to join others in a mining pool, only to be scammed by the operators. The losses included damages to computers during transit, receiving little or no crypto-coins from joining the datacenter pool, or having their computer stolen.
- Other victims have reported hacking of their virtual wallets, and then being blackmailed to get their money back.
The IC3 also pointed out the rise in scams involving businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments.
The so-called Business E-mail Compromise (BEC) scam has evolved over time (first reported in 2010) to where in 2014, victim businesses reported having personal e-mails compromised and multiple fraudulent requests for payment sent to vendors identified from their contact list. Business E-mail Compromise is linked to other types of criminal activity including romance, lottery, employment, and check scams. Victims of these scams may be used to unknowingly transfer fraudulent funds on behalf of the perpetrators.
The fraudulent wire transfer payments associated with BEC are sent to foreign banks and may be transferred several times but are quickly dispersed. Asian banks, located in China and Hong Kong, are the most commonly reported ending destination for these fraudulent transfers.
The IC3 has received BEC complaint data from victims in every U.S. state and 45 countries.
According to the FBI, it is still largely unknown how victims are selected; however, the subjects monitor and study their selected victims prior to initiating the BEC scam.
“The subjects are able to accurately identify the individuals and protocol necessary to perform wire transfers within a specific business environment. Victims may also first receive “phishing” e-mails requesting additional details of the business or individual being targeted (name, travel dates, etc). Some victims reported being a victim of various scareware or ransomware cyber intrusions, immediately preceding a BEC scam request,” the FBI says.
In 2014,the IC3 received 2,417 Business E-mail Compromise complaints with a total reported loss of $226 million dollars.
Other common scams reported to the IC3—which received an average of 22,000 complaints a month during 2014—included auto fraud, impersonation e-mails, intimidation/extortion scams, real estate fraud, confidence fraud/romance scams, and business e-mail compromise schemes.
Check out these other hot stories: