Online scams

The internet offers many opportunities for scammers. If someone approaches you online with a deal that sounds too good to be true then it probably is.

These scams can result in massive phone bills run up in your organisation’s name, the theft of your credit card details, access to your bank accounts or simply convincing you to part with your money in exchange for non-existent goods or services.

Remember, however, that the internet is a great resource for researching some of these proposals that come your way.

Try these useful websites to do a quick scam check:

• Australian competition and Consumer Commission spam watch www.scamwatch.gov.au
• Australian High Tech Crime Site: www.ahtcc.gov.au
• Australian Securities Investment Commission: www.asic.gov.au
• Australian Competition and Consumer Commission: www.accc.gov.au
• Urban legends reference site: www.snopes.com

Read this Choice article on online scams:

In some cases you may be covered by consumer protection laws. Check with the consumer affairs department in your state or territory.

Some of the main online scams are discussed below. But remember that many traditional offline scams such as pyramid schemes and self employment schemes are now appearing online. Email only makes recruitment to the scams faster.

Phishing and credit card theft

Phishing is the practice of sending out fake emails, or spam that look like they come from reputable organisations such as banks. The aim of phishing (‘password harvesting fishing’) is get the recipient to provide sensitive information such as usernames, passwords, account IDs, ATM PINs or credit card details.

Phishing attacks typically direct the recipient to a web page designed to mimic a target organisation's own visual identity and to harvest the user's personal information, often leaving the victim unaware of the attack. The information then allows the attacker to impersonate their victims and make fraudulent financial transactions. Victims often suffer significant financial losses or have their entire identity stolen, usually for criminal purposes.

Examples of organisations being targeted by phishers include well-known banks, credit card companies or well known internet traders requiring regular payments (e.g.eBay and PayPal).

What to do

Never respond to an e-mail that looks like it came from your bank or any of your credit card issuers no matter how official it appears. Contact the organisation by looking up their phone number or email address from another source. Chances are they'll tell you it’s a scam.

Don’t give your credit card numbers, bank account information, passwords, personal identification numbers (PIN), or date of birth to anyone who asks you for that information by email. No legitimate company will expect you to reveal sensitive information via email.

Look for telltale signs including an incorrect website address (such as www.commonwealthbank.com instead of www.commbank.com.au) and bogus ‘reply to’ and ‘sender’ details in the email’s header.

Never provide your client number, login name, credit card details or password unless you’re sure that you’re on a bona fide website. The best approach is to bookmark your bank’s website, and always log in that way.

Never respond to any offer to buy anything by clicking on the link in the e-mail. Even if the e-mail looks like it comes from a trusted source it might be a scam.

If you receive evidence of identity theft, such as unauthorised charges on your credit card bills, or unexplained transactions in your bank account, contact your bank first. If they confirm that identity theft has occurred then contact the police.

Internet dumping

This is where you download free software from a suspect site and as part of the licence agreement (the part that asks you to click ‘I agree’) you inadvertently consent to a change in telephone service.

While the software downloads, your modem connecting you to your usual internet service provider (ISP) is disconnected in the background by internet dialler software and transferred to a new number. The new phone service is more, resulting in a large increase in your phone bill.

You are most at risk on:

• adult sites
• some music and games sites.

The perpetrators of this scam operate within the law as you are ultimately responsible for anything you click ‘I agree’ to.

What to do

Internet dumping only affects dial-up connections rather than broadband. Check your dial-up settings regularly.

Remember that clicking the ‘I agree’ button is the same as signing a contract. Always read what you’re agreeing to.

Online auction scams

While the great bulk of online auctions are perfectly legitimate, you should still be careful. The most common scam is where you are lured into paying a deposit or even the full amount for goods that you don’t receive.

Other online scams

The so-called ‘Nigerian’ scams that appear to come from overseas, asking you to send money in return for a large lump sum being transferred to your bank account. Millions of dollars have been sent by gullible people – including people working in nonprofits.

Emails where the sender pretends to be a satisfied investor who has made big money investing in a particular stock, and needs to offload some of it.

Work-at-home schemes, lottery wins and prizes that require you to send money before claiming them.

Money transfers: These scams work on convincing people to accept a deposit into their bank account for forwarding onto a third party. In most cases this is likely to be illegal money laundering.

‘Amazing’ products that claim to boost your health, sex appeal or virility.