If you have email, odds are that you're receiving not just spam, but a host of other more malicious messages in your mailbox; and probably on a daily basis, too.

The term "Buyer Beware" may never have been truer that it is in today's Internet connected world. There are several distinct types of fraudulent emails constantly circulating, though with minor changes within each campaign.

Most commonly recognized are the many person-to-person appeals for assistance from far-away places. Just as in real life, if someone emails you with the intentions of sharing a small fortune, odds are just about 100% that it's a scam.

Sometimes the author is looking to share an inheritance, other times it is money that has supposedly been embezzled (or misplaced) from a corporation, foreign government or an important client.

Whether the pitch comes from Africa, South America or Europe one thing remains the same: the perpetrator will eventually ask for "good-faith" money or your bank account numbers, so they can help themselves to yours.

We all want to get rich, but if you're approached with one of these "confidence schemes" you can bet your last dollar (and some do) that it won't be you.

Have you recently become privy to what appears to be a confidential stock tip between friends? Perhaps you've found yourself the recipient of an important-looking stock advisory newsletter, but didn't pay for the subscription.

If so, you can either believe that fate has directed such messages "accidentally" into your mailbox, or you can realize that these are just "pump and dump" investment scams.

The tactics behind such frauds are simple. The perpetrator either created the company and the stocks for the express purpose of this fraud, or bought legitimate shares in another company (almost always a penny-stock) with the hopes of making great profits.

Because stock prices are driven by demand, the only thing on the offender's mind is to drive up buying pressure so he can sell his shares for a profit.

Un-requested investment advice or "insider tips" received through email are not signs that you're about to have a lucky day. Acting on such solicitations will simply bring profits to the perpetrator.

A growing trend in Internet fraud is identity theft and a very sophisticated method, known as Phishing, has recently picked up steam.

The methodology is to send out legitimate looking emails that claim to be from large, reputable companies. Invariably, these frauds will claim that your account is subject to termination, your credit card has expired, or that a security breach has taken place.

Regardless of the specifics, you are urgently directed to log-in and reconfirm your personal and account information.

Such identity theft attempts will always appear to come from very well-known companies, (Ebay, Pay-Pal, AOL, CitiBank, etc.) for the simple reason that this increases the odds that the recipient of the email will be a customer of such a company.

The success of these email campaigns relies on two factors:

  1. The ease in which the perpetrator can fake the legitimate company's email address, and
  2. The fact that they can accurately copy the legitimate company's web site, graphic for graphic, line for line.

Unfortunately, perpetrators are so successful at doing both, that many victims obey the e-mail's directive and visit the fraudulent web site, where they will then "log-in" - thereby providing their name, password and other personal information to the perpetrator.

Many such scams will request a credit card, and even your social security number, just to "verify your identity" or, at least make your identity easier to steal.

Without a fairly technical understanding of HTTP and email protocols, there are only two safe ways to respond to such urgent solicitations:

  1. Log into your account with the merchant or service, but NOT through the links provided in the email. Instead, visit the site in question as you always do, via the saved links in your browser. If the request was legitimate, you'll no doubt be made aware of this when you're on the actual vendor's site.
  2. Simply wait a day or two. Because the Phishing sites are "hit and run" operations, they are typically taken down (or shut down) rather quickly, often within hours. If the links in the email still function after a day or two, the odds of the email notice being legitimate increase substantially.

However, be aware that almost no legitimate company will send requests that require you to submit personal information though a form contained within the email itself. If the email message has blanks where you are supposed to provide personal information, and some type of a submit button, it's almost assuredly a scam.

While the names, companies, fortunes and details of all three common Internet frauds will continue to change, just remember: no stranger is sending you a windfall or the stock tip that will make you one, and that both the emails and links to legitimate web sites can very easily be forged.


Copyrighted with all rights reserved by Stephen M. Canale