25 Security Scams To Watch In The Down Economy

Recession. Foreclosure. Layoffs. Debt. Yep, like it or not, that's the reality of today's economic environment. And in a tough economy, the cybercriminals get tougher. Security experts say to prepare for a windfall of malware, baited by offers for home refinancing and low-interest loans that exploit users' economic fears.





But, no matter how attractive the offer (like the supposed Free Foreclosure Search at left, tracked down by SonicWall researchers), the chances that you will gain access to truly valuable information, receive government money, or get that zero-down home mortgage are pretty slim. Here are a few examples of how cybercriminals are taking advantage of users' fears and the weak economy.





Now run screaming in the other direction.

It's the tried-and-true 419 scam, named for a section of Nigerian criminal code dealing with fraud. You'd think people would stop falling for this one. But after all these years, it still seems to be as popular as ever.



Researchers at Fortinet found that this time, the attackers impersonate a Royal Financial Investment Company (yeah, convincing) and attempt to trick users into submitting all kinds of personally identifying information online, presumably so it can be used for identity fraud schemes.



First of all, what credible lending organization would make its home base in Nigeria?



And second, who would say, "we offer all kinds of Loans to serious minded persons within one weeks of reaching us?" With a little luck, the attackers' deplorable grammar will erase any trace of doubt that this is a scam in the minds of cash-strapped users looking for a 3 percent interest loan. But you never know.

Facebook never seems to let the spammers down. And no doubt, Facebook members are among the huddled masses looking for ways to make more money. So it stands to reason then that there will inevitably be solicitations for all kinds of online money-generating schemes.



The Facebook message, found by security experts at SophosLabs, begins with a reference to the bleak economic environment. Facebook users are then requested to click a link, which directs them to a Web site that purports to answer their prayers.

Blame it on the relative novelty of social networking sites, but many members still trust unsolicited links on their Facebook or MySpace pages simply because they appear to come from someone they know. However, spammers have become adept at exploiting that trust. But the same rule still applies with unsolicited links or attachments in e-mail: When in doubt, don't.

SophosLabs researchers found yet another version of the 419 scam. Only this time, the victim is contacted by someone from a Gmail account claiming to be from the United Nations. According to this message, the United Nations has been deliberating for the last seven months on a widespread compensation package, to the tune of $250,000 per person, for worldwide victims of cyberfraud.





Of course, the victim's name was at the top of the list of those in need of compensation. And a representative located in Nigeria (of course) is primed to send a check for $250K to the willing recipient. All the user has to do is send bank account information for the financial transaction.





In the days of a global economic crisis and credit crunch, the offer seems incredibly generous. The upside, if there is one, is that those users who actually have been scammed in the past will likely run very fast in the other direction, especially from a hokey pitch like this one.

Can you tell which one is the real bank Web site?





Most can't. As users become increasingly savvy to attacks, hackers will step up efforts to trick them into opening malicious links or redirect them to malicious sites. This means that attackers will often fool users into handing over personal info with Web pages that are practically identical to banking or PayPal sites, like the one in this example, discovered by researchers at VeriSign.





There generally, but not always, will be clues as to the authenticity of a Web site, whether it's an unfamiliar URL or grammatically incorrect English or the absence of contact information on the site. But when in doubt, it's always best to go to the bank site yourself.

In this time of economic crisis, who doesn't want to eradicate all of their debts, be freed from payments to creditors, or be rid of any other problems at all? All the user has to do is click on the link. It seems so easy.







This scam, found by researchers at SonicWall, exploits the growing number of users that are trying to shovel themselves out from under mountains of debt. But, no matter how appealing an offer like this may seem, clicking an unknown or unsolicited link will likely result in an unhealthy dose of malware executed on users' computers.

Experts at SonicWall say that more and more phishing attacks will contain just a few words and a link. And like moths to a flame, users will almost inevitably be compelled to click links, especially if it means that they will be the recipient of a debt-relief package. But don't do it. Instead of debt relief, users will likely end up with information-stealing malware on their computers.

Look at how happy this family is. And most people would be happy, too, if they only paid $10,000 for a house.





While foreclosures are occurring at record levels, and property values are on a steady decline, things like houses and loans still aren't being given away. Many of the scams, like this one found by SonicWall researchers, will not only take advantage of people's fears in the down economy, but take advantage of people trying to take advantage of opportunities in the economic crisis.

Never underestimate the power of malware authors. Trend Micro researchers detected this page that appears in every way to be from Bank of America. In reality, however, malware authors created a phony site designed to trick users into submitting personal or financial information and login credentials.





One dead giveaway, however, is the site's URL. And glancing at the bottom of the screen, where is that telltale padlock symbol, indicating a secure connection, hmmm?

It's no secret that the weak economy and serial corporate layoffs have boosted the number of unemployed to record levels. As a result, there are more job seekers than ever. The cybercriminals know that too.





Sites that provide job services are in abundance, but users need to be wary of job offers or services that look too good to be true, or those that require them to submit personal information unsolicited, like this one detected by Trend Micro.

At first glance, U.K. taxpayers will likely be pleased that they are getting money back from the government instead of forking it over. Plus, the amount refunded is small enough -- about $120 -- that it actually seems believable.





This scam, detected by researchers at Websense, requests that users click on a link in order to access their tax refund form from HM Revenue and Customs. Needless to say, this is a bad idea. The application will no doubt request personal information, such as address and date of birth, that can be used for identity theft. Or the online application itself could contain malicious, information-stealing code used to pilfer data from unsuspecting victims.



Either way, it's best to forgo the "refund" no matter how hard up you are for cash.

Since the beginning of the economic meltdown last year, there has been no shortage of bank scams. This time, the fraud, discovered by researchers at Trend Micro, appears to be from scammers impersonating Halifax Bank. First rule of thumb: Banks never need to "reconfirm logins or passwords," especially online. Chances are that the link in the page will lead to a malware site.





As always, don't offer personal information to unknown sources. And if there's any question of authenticity, go directly to the organization yourself.

What do you get when you have a financial crisis during tax season? Among other things, you'll get more cyberattacks exploiting both.





Tax scams are nothing new. But in an economic environment in which more users are pinching pennies, attackers capitalize on the fact that people are more eager to believe that they're the lucky winners. This scam, detected by Trend Micro researchers, alerts users to the fact that they might receive an extra $203.59 from Uncle Sam. All they have to do is send along their name, debit-card number, and last four digits of their Social Security number.





Don't let that IRS logo fool you. The U.S. government has this information already, and will not hit up citizens to provide this kind of information over the Internet.

More tax scams. For cash-strapped individuals, every little bit helps, right? But don't let the desire to get a few bucks ahead, in this case $192 ahead, impair judgment when it comes to clicking on unknown links, like this one, detected by researchers at Barracuda.





As tax season rapidly approaches, expect to see a lot of these types of scams rolling around in the next few months.

Don't open that attachment. Chances are it will be an infected file that will install malware on your system.





In a failing economy, hackers can bank on the fact that a significant portion of their attack base will be on job search sites such as Monster.com.





These sites, receiving tens of thousands of resumes every day, will almost never have the time to send anything back. However, in this attack, discovered by Trend Micro, users are clued in to the fake jobs site with the ad's grammatically incorrect English.

Got to hand it to attackers for their creativity. However, there must be some individuals out there who believe that their Western Union transactions have been halted because they're being investigated by Interpol.



Needless to say, the bad grammar and a less-than-credible story give this one away as a scam, discovered by Trend Micro security experts. Not to mention it's pretty presumptuous to assume that all Western Union users will have a printer readily available.



In any case, never open attachments from an unfamiliar source.

It was only a matter of time before hackers started exploiting Obama's newly approved economic stimulus package. In light of the bleak economic outlook, spammers have their own special kind of stimulus package.



Many are wondering how the almost $800 billion stimulus package will be allocated. In this scheme, detected by Symantec researchers, attackers exploit users' suspicions of government spending, which, in this day and age, is not hard.





Instead of waiting to be spammed, go to a real federal government Web site, and find out for yourself.

It's a sign of the times. The tidal wave of foreclosures, financial ruin and the threat of homelessness are great fodder for cyberattackers.





Of course, losing personal information, or even more money, to cyberthieves doesn't help. No matter how fearful, users should steer clear of scams like this one, discovered by researchers at Symantec, and avoid clicking on unsolicited links.

Wow. In this attack, discovered by Symantec researchers, the recipient is told he or she could be a millionaire AND put those greedy CEOs in their place. What a deal.





In hard economic times, people's emotions run deep. But stay in control and avoid falling for scams like this one. There's no such thing as a free lunch, and that goes double in an economic crisis.

As people's incomes shrink, or are eliminated altogether, they rely more and more on credit to stay afloat, thus racking up mounds of debt.





Offers to help consumers get out of credit-card debt and reduce medical bills, like this one discovered by Symantec, will be more prevalent as the economic crisis worsens. But take them with a grain of salt. There are other ways to overcome debt. Falling for a malware attack isn't one of them.

Fear-mongering is a tried-and-true tactic of cyberattackers, and that holds especially true in a climate in which so many individuals are fearful of economic collapse.





In this scam, found by researchers at Fortinet, attackers target Bank of Scotland customers by indicating that the economy is on the verge of collapse. The only chance of salvation, of course, is to click on the provided link, sent in a grammatically incorrect e-mail with capitalizations in odd places.





In reality, opening an unknown link, like the one in this attack, will likely just lead to an unhealthy dose of malware.

Someone is offering to pay off all your debts? Really?





Well, actually no. In this scam, found by researchers at Cisco IronPort, there's a very good chance users will get malware on their computers. And if the malware includes an information-stealing Trojan, clicking the link could arguably put users even more in debt. In truth, the only one who is going to pay off your debts is you. Best to stay away.

Just about everyone. But this isn't the way to go about it.



In this scam, discovered by Cisco IronPort, the Ed McMahon-looking guy with the big check appears to be very believable. But chances are, those links on the Web page lead to malware sites.





Meanwhile, Publishers Clearing House isn't going to be delivering its oversized checks via e-mail. Hold out for the man himself showing up at your door with flowers and TV cameras.

You know a guy who obviously beat the system by finding a way to make hundreds of thousands of dollars a month working one hour a day. Upon visiting this spamvertisement, found by SophosLabs, users are treated to a touching personal account from an honest-looking chap who, like millions of Americans, claims to have worked hard, lived paycheck to paycheck and accrued oodles of credit-card debt. Then one day, of course, he applies a mysterious "system" that allows him to make $170,000 in one month.







For those who are really living paycheck to paycheck in this down economy, the thought of making almost $200K a month is wonderfully appealing. But the vulnerable user will be duped out of money at best, or be forced to download malware at worst. Meanwhile, the old adage still applies: If it looks too good to be true, it probably is.

Apparently not Google, or so say the scammers. Scammers assert that you, too, could be rolling in money just by filling out forms and doing searches on Google and Yahoo.





In an age of mass layoffs, security experts say that work-from-home scams, like this one found by Cisco IronPort, will flourish simply because more people are at home looking for work. But wait just a minute. Notice that contact information or even the company's name is curiously absent from this piece of spam. Meanwhile, the information victims provide can be used by attackers for spamming or identity theft down the road.





Unfortunately, there is no magic bullet for those suffering from job loss or massive debt. So don't give one to the spammers.