This week I have seen a number of media stories (blogs, papers and TV) highlighting the increase in online fraud and how Social Netwok sites are now being used to lure in the prey. Therefore, I wanted to remind you that if you own a website it is possible that it can be used as a part of these scams – without you even knowing. It is more vital than ever that you ensure your site is kept up-to-date and running the most recent versions of its content management system and other scripts.
Here is a brief overview of some of the recent scammer terminology as written in the Courier Mail, Saturday 5 March, 2011.
Fake text messages from financial institutions are used to gain access to your internet banking accounts.
When personal and financial details are sourced via social networking sites like Facebook and Twitter.
Emails from trusted organisations like the Australian Tax Office claiming a refund is owing to you. The email requests your bank account details (via a link) so they can deposit the refund into your account. I received this email twice last week – so be wary.
Forms and scripts on website pages are ‘hijacked’ by spammers and scammers, manipulating your site so that it is sending out masses of spam mail and you haven’t a clue. Hackers find the insecure script then use it for their own purposes – however you are the one seen to be the spammer.
A vulnerability is found in web scripts or FTP access is gained so that fake websites are uploaded to your web server, alongside your website. Usually they are fake banking websites that scammers use to gather peoples account data. It is these fake websites that people are directed to when they click on a link within an email like the Sham email described above.
Just as you are careful about your computer always runnng up to date software and operating systems, so to should you ensure that your website is running up-to-date applications and scripts.