Top of Page

Fraud Prevention Center

Serving Those Who Serve


Advanced Fee Fraud/4-1-9 Scheme: In this scheme, a company or individual will typically receive an unsolicited letter from an individual residing in a foreign country (usually Nigeria) and claiming to be a senior civil servant. The recipient is informed that his/her help is needed to transfer very large amounts of money to his/her bank. The recipient of the letter, in exchange for the assistance provided, is promised a percentage of the funds transferred, but a fee is required to begin the transaction. Additionally, the victim may be tricked into providing access to his/her bank account and may even send legal documents to the scammer. This type of fraud is also known as 4-1-9 Scheme, from the section of the Nigerian penal code which addresses fraud schemes.

Email Scams: Email scams are perpetrated through messages that appear to have been written by someone other than the actual source.

Phishing: The act of sending an email to you falsely claiming to be an established legitimate enterprise in an attempt to scam you into surrendering private information that will be used for identity theft. The email directs you to visit a website where you are asked to update personal information, such as passwords and credit card, Social Security and bank account information that the legitimate organization already has. The website, however, is bogus and set up only to steal your information. Phishing, also referred to as brand spoofing or carding, is a variation on "fishing", the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.

Other forms of Phishing:

Spear Phishing: Whereas normal phishing goes after a large group of people, spear phishing is specifically targeted toward a single individual.

Vishing: A form of phishing used over the phone, most commonly used to get credit card information from trusting individuals.

Smishing: Similar to the other varieties of phishing, smishing uses SMS text messages to lure its victims. They often include a phone number or a website to get an individual to go there of their own volition, thereby making the process seem more legit.

Pharming: Similar in nature to email phishing, pharming seeks to obtain personal or private (usually financial related) information through domain spoofing. Rather than being spammed with malicious and mischievous email requests for you to visit spoof websites which appear legitimate, pharming "poisons" a server by infusing false information into the server, resulting in your request being redirected elsewhere. Your browser, however, will show you are at the correct website, which makes pharming a bit more serious and more difficult to detect. Phishing attempts to scam people one at a time with an email while pharming allows the scammers to target large groups of people at one time through domain spoofing.

Spoofing: A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify the packet headers so it appears the packets are coming from that host. Newer routers and firewall arrangements can offer protection against IP spoofing.

Spyware: Spyware is any software that gathers your information through your Internet connection without your knowledge, usually for advertising purposes. Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet. Once installed, the spyware monitors your activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about email addresses and even passwords and credit card numbers. Spyware is similar to a Trojan horse in that you unwittingly install the product when you install something else. A common way to become a victim of spyware is to download certain peer-to-peer file swapping products that are available today. Aside from the questions of ethics and privacy, spyware steals from you by using the computer's memory resources and also by eating bandwidth as it sends information back to the spyware's home base through your Internet connection. Because spyware is using memory and system resources, the applications running in the background can lead to system crashes or general system instability.

Because spyware exists as independent executable programs, they have the ability to monitor keystrokes, scan files on the hard drive, snoop other applications, such as chat programs or word processors, install other spyware programs, read cookies, change the default home page on the browser, consistently relaying this information back to the spyware author who will either use it for advertising/marketing purposes or sell the information to another party.

Licensing agreements that accompany software downloads sometimes warn you that a spyware program will be installed along with the requested software, but the licensing agreements may not always be read completely because the notice of a spyware installation is often couched in obtuse, hard-to-read legal disclaimers.

Trojan Horse: These are programs designed to appear as one thing, such as legitimate software, but actually will do something else. They are not necessarily malicious programs. A Trojan horse can be used to set up a back door in a computer system so that the intruder can return later and gain access. Viruses that fool you into downloading and executing them by pretending to be useful applications are also sometimes called Trojan horses.

Worm: Like a virus, a worm is also a self-replicating program. The difference between a virus and a worm is that a worm does not create multiple copies of itself on one system and that it propagates itself through computer networks. After the comparison between computer viruses and biological viruses, the obvious comparison here is to a bacterium. Many people confuse the terms "virus" and "worm", using both to describe any self-propagating program. It is possible for a program to have the blunt characteristics of both a worm and a virus.

Virus: A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. Thus, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells.