In the 21st century, the use of internet is now commonplace, but as with anything else, every good comes with its evil. Internet fraud has been the fodder of western techies. Stories of computer hacking have been rife elsewhere but never before has the thread of internet fraud been so close to ordinary African internet users.
In the 21st century, the use of internet is now commonplace, but as with anything else, every good comes with its evil. Internet fraud has been the fodder of western techies. Stories of computer hacking have been rife elsewhere but never before has the thread of internet fraud been so close to ordinary African internet users.
It began as those dubious emails from people usually with difficult West African names posing as bank officials who wanted to pass this large sum of money from a dead but filthy rich client through one’s account and then later share the spoils.
Such stories never flew for long because no one was stupid enough to send their account numbers to some generous oga or to some lottery competition that you did not participate in but still won.
However the latest type of internet scams is here and will rope you in so easily that you would never believe. It has happened to four people I know in the last one week, myself included.
It began with an official looking email from yahoo customer care requesting me to submit my email ID, password, date of birth and country of residence as part of a system upgrade which will delete unused emails those being the ones who did not submit their details.
After receiving such two consecutive emails , I decided to respond to the third one to avoid my address being deleted, but as soon as I sent my details, I wondered how yahoo could fail to know that I sue my mail everyday, let alone fail to know my password.
Two days later, I got the shock of my life when I received calls form my friends asking me if I had got robbed in a London hotel, and why I was asking for a loan of US$ 1,200 from everyone in my email address book.
When I tried to access my email I was shocked to learn that my password was wrong.
The name on for this now rampant practice is Phishing. It is the process of tricking or socially engineering an organization’s customers into imparting their confidential information for illegal use.
Riding on the back of mass-mailings such as Spam, or using ‘bots to automatically target victims, any online business may find Phishers masquerading as them and targeting their customer base.
The quality of the personal information reaped from the attack has a value all in itself to the criminals.
In the case of email addresses, the phishers trick your contacts to send them money by western union to their address of choice so that by the time they discover, they have made some fraudster rich.
According to online encyclopedia Wikipedia, Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Not only email companies are victims of phishing.
Today, online payment systems and banks are the target of these scams. In these cases people are tricked into submitting their account pin codes to fraudsters who then go ahead to withdraw money from their accounts before they know it.
Social networking sites like Facebook and My Space are also targets of phishing.
It is not only emails. Recently a Kenyan bank was a victim of a phishing attack.
A Business Daily report stated that unidentified individuals, supposedly based in the United States, created a look-a-like website for Equity Bank that was designed with the aim of getting the log in details of unsuspecting customers.
Customers who logged onto the false Equity Bank website (http://www.equitybanknig-plc.com), tried to log into their online accounts, and unwittingly given up their user name and password to the waiting criminals.
The false website looked almost identical to Equity’s real website (found at www.equitybank.co.ke), and on close examination one can tell that the sites have small but clear differences.
In my own case, I was able to access my account by requesting Yahoo to send me a link into my registered second account (something you should do).
That way, I managed to put a new password and stop them from accessing my email. For anyone who receives such officious looking emails requesting for personal information, always treat them with suspicion and try to reply to the messages first inquiring about their legibility.
Bear in mind that an employee of your bank, your internet account or your email has other easier ways of accessing your personal details than by asking you, so anyone who requests information from you is obviously not from that organization.