Top 10 online scams

Having spied a whole new wired world in which to ply their tricky trade, fraudsters have dusted off dozens of seasoned scams and repackaged them for presentation via email.

In addition, the internet has bestowed upon con artists lots of fresh methods for parting the unwise and unwary from their money.

Even if it's not cash they're after, today's tricksters have discovered plenty of ways to turn technology to their advantage.

A mouse click on the wrong button at the right moment can turn a PC into an electronic snitch, prompting it to report to persons or parties unknown every move its user makes.

At times, computer use can be hazardous. Fortunately, Computeractive is here to help. If you want to avoid being hoaxed or scammed, take note of our guide to the top 10 confidence tricks.

Not a government grant
Perhaps the most notorious online con - and certainly the one with potentially the most serious consequences for unsuspecting victims - is the Nigerian letter scam, also known variously as the advance-fee swindle, the money-transfer hoax, or the 419 fraud.

This particular deception started life decades ago, targeting business owners, community leaders and similarly well-placed individuals with mail or faxed proposals.

Using email, perpetrators of the 419 fraud adopt a scatter-gun approach. While there are numerous variations on the theme, a typical example is an email message purporting to be from a relative or assistant of some corrupt government official.

This person, so the story goes, had used their time in office to siphon millions of dollars from public coffers and into a private trust fund.

Thanks to this official's sudden and unexpected death/imprisonment/disappearance, the funds are floating around in financial limbo.

With a little intercontinental assistance the cash can be spirited out of the country, often to Nigeria in past cases but now to other countries too.

The dangled carrot is a percentage share of the multimillion dollar stash, paid as a commission to the recipient of the email in exchange for their help.

The stick is a demand to open up an offshore bank account and deposit within it thousands of pounds, in order that your would-be benefactor can grease the palms of the trust fund management.

In fact, there is no government official, no multimillion dollar booty and no trust fund managers to bribe.

The only money switch ever likely to take place is out of the account set up by the unwary recipient and into the pockets of the contact, who is soon to be out of contact forever.

In extreme cases, victims of the 419 fraud are invited to journey overseas to meet the holder of the made-up meal ticket.

Former Northampton mayor Joseph Raca discovered that this was a bad idea only when he met up with his 419 fraudster in South Africa in 2001, when Mr Raca was kidnapped and his wife received a £20,000 ransom demand.

Fortunately, his kidnappers grew nervous when the police were called in and he was released unharmed.

Don't click here
The Nigerian letter scam is about as hard core a hoax as you're ever likely to encounter but charlatans work dozens of less ambitious tricks on unsuspecting surfers - and they can be every bit as insidious.

Perhaps the most familiar menace is spam: unsolicited email messages offering instant access to any number of unwanted commercial services, unbelievable one-time-only discounts on products you've never heard of or have no interest in, or yet another once-in-a-lifetime opportunity to get rich quick.

Receiving junk email is frustrating and many people look for a way out. You might be forgiven for thinking that the answer is to be found by reading through the unwanted message; most spam emails include within the body text a clickable link that holds the promise of removal from the mailing list.

Typically, such a note might read: 'You received this email because you signed up at one of our affiliate websites or a party that has contracted with our site. To unsubscribe from this list click here.'

However, following those instructions will result in precisely the reverse of the desired effect. More often than not, clicks on 'unsubscribe' links are used by spammers as an electronic signal that the email address is accurate and active, and ready to be sold to other spammers.

Pop and stop
Another internet irritant are so-called pop-ups - shrunken browser windows that from time to time appear as you surf the web.

Often these are straightforward adverts: harmless (albeit annoying) commercials that can be closed with a quick click of the cross found on the top-right side of the window.

However, many have more malicious intent. One common example is a pop-up window warning that, unbeknownst to you, the computer is transmitting your personal information to all and sundry.

In order to stop it doing so, the message goes on, you should click on the displayed link. At this point, a few things could happen.

Pressing the link might result in the main web-browsing window displaying an advert for a commercial product.

Another possible outcome is the initiation of the download dialogue box with an enticing promise along the lines of 'Free software!'. All you need do to enjoy such benevolence is click on Yes and the installation will begin.

However, to do so may well result in exactly the opposite effect of the pop-up's promise: far from protecting your PC from transmitting personal information, programs installed in response to a pop-up often fall into a category dubbed 'spyware'.

These are applications that masquerade as something useful to conceal their real, underhand intent.

The most infamous of the genre is GoZilla, a download-management program that includes 'ad-serving applications': computer code that reports your online activities.

The worst kind of pop-ups are persistent and won't take no for an answer, especially when the perpetrator behind the pictured example used a programming trick to launch a barrage of legitimate-looking Internet Explorer dialogue boxes, each imploring the user to click on OK to install 'free software'.

Come across a box like this and click on 'Cancel' and it'll keep at you, insisting that you must choose 'Yes' to continue.

Once encountered, there is no easy way to escape this kind of trap: a click on Cancel simply prompts another Click Yes! entreaty.

You can avoid being ensnared by using a pop-up prevention program, such as Pop-Up Stopper Free from Panicware, available as a free download on the Computeractive website here.

Bad form
Talking of things popping up, there's recently been a spate of con artists pretending to be kosher companies. The cleverest occurred at Christmas.

A lone trickster targeted customers of internet service provider AOL with an email that began: 'We regret to inform you that there was a recent attack by a hacker on your billing or password information.

'We have made a contract with SYI - Secure Your Information - to upgrade our account databases on to their web servers. Please go to http://256bit.at/secureaol and fill out the information requested.'

The email went on to warn that failure to do so would result in the user's account being suspended.

Those fooled into following this link found themselves confronted by a website sporting an official-looking AOL banner atop a form requesting extensive personal information, including credit card numbers and security details.

The site's design convinced many of its authenticity and, fearful of having their internet access suspended, these dupes duly entered the requested information.

Sadly, the site had nothing whatsoever to do with AOL and when the scam was exposed, those kidded into supplying their details had to spend time cancelling credit and debit cards; and no doubt many a week worrying about their private information falling into the wrong hands.

The lesson to be learned here is that respectable organisations like AOL never send out emails requesting the supply of personal information, nor do reputable companies ever instruct a representative to telephone a customer to ask for such details (another well-worn scam).

You might be asked to volunteer a few bits of personal information when calling a customer-services department with a query about your account and this will indeed be for security purposes.

However, be it via email or telephone, if someone unexpectedly requests your name, address, date of birth, credit card details, passport number and shoe size, then alarm bells should start ringing.

Going, going, gone ...
A similar scam to that described above has plagued PayPal, a secure funds-transfer system popular with users of online-auction sites such as eBay.

However, a greater cause for concern might be the auctions themselves. In the global marketplace created by these online bazaars, anyone can set up shop selling anything, even if they have nothing to sell.

Most of the time the tricksters are easy to spot - eBay uses a dark-spectacles icon to flag up new or fleeting users of its site and the feedback system allowing buyers and sellers to comment on one another's conduct does a good job of sorting wheat and chaff.

But serious scammers know the score, and the appraisal-by-peers method has an Achilles' heel.

Trading as Calvin Auctions, Chris Chong Kim spent two years selling and reliably delivering small items to countless eBay users, generating an enviable level of feedback praise along the way.

Armed with the thumbs-up from thousands of folks, he then posted a plethora of high-value lots - desktop PCs, organisers and notebook computers.

Spurred on by Calvin Auctions' good name, dozens of people placed bids on the items, eventually passing on hundreds of thousands of dollars in payment.

But the auction winners were to be disappointed. All his costly lots were bogus. His long-drawn-out ploy having at last come to financially pleasing fruition, he did a midnight flit to nowhere.

There are other scams that are recycled. In years gone by, you may have been approached by a con artist in a pub who had some 'unwanted' hi-fi speakers. Now he has a notebook PC to sell.

You'd be foolish to buy it from him. Always stop, think and apply common sense, and treat unsolicited email approaches in the same way as if they were made by phone or post.

Back exit
As well as allowing old scams to be repackaged in new ways, the internet has given crooks and cheats access to unwitting victims the world over.

Our investigation into online scams and hoaxes leads us to restate an age-old adage: if you come across an offer that seems too good to be true, it probably is.

Hoax virus alerts
Retired army officer Mike Turner of Hertfordshire is one of many thousands of internet users worldwide who've had the misfortune to fall for a convincing (but generally harmless) hoax virus alert.

Mr Turner received a message purporting to be an alert about a new and damaging electronic infection. The email warned that the presence of a particular file - JDBGMGR.EXE - on a computer's hard disk would indicate a virus infection.

Moreover, the email explained, when viewed in Windows Explorer, the infected file's evil objective would be camouflaged by a cuddly teddy bear icon.

Helpfully, the message included instructions detailing how to locate and delete the suspect file.

Mr Turner followed these guidelines and discovered that his computer was harbouring the file. Keen to prevent a virus wreaking havoc on his PC, he quickly vanquished JDBGMGR.EXE from his hard disk and thought no more about it.

Later, when reading a computer magazine article, Mr Turner realised that he'd been the victim of an email hoax.

Such mails are often received from well-intentioned friends or colleagues who forward hoax warnings after falling into the trap themselves. By deleting the named file, Mr Turner had actually removed a legitimate component of the Windows operating system.

SNIFF OUT THE SCAMS

The online world plays host to many more deceptions than we've space to cover in these pages but here are a few hoaxes to watch out (rather than fall) for:

Chain emails
There are numerous modern versions of the old-fashioned chain letter. A recurring example claims that, by forwarding on the received email, your information will be automatically logged by Microsoft as part of an experiment to see how quickly an email can permeate the online world.

As an incentive, the message says, every person who forwards the email will receive a $249.85 cheque signed by Bill Gates himself. Don't dip into your overdraft in anticipation of its arrival - it won't ever arrive.

Today's prize winner
As you surf, a pop-up window appears with a congratulatory message: 'Well done! You're today's internet winner. Dial 0906 STUPID to claim your award of a holiday/television/car!!!'

It's an advertisement, pure and simple. Dial the number to claim and you'll discover that the 'award' is a worthless discount voucher or similar.

Ditto text messages that arrive unannounced on your mobile phone with the promise of a £500 'reward' for dialling a (premium-rate) number: you'll spend £10 on phone charges to claim vouchers worth pennies.

Upgrade your '.co.uk' domain to a '.com' for £175
This is a recent scam, perpetrated by an outfit misleadingly called UK Internet Registry Ltd.

The company was collared sending out documents resembling invoices to owners of '.co.uk' internet domain names, informing them that the '.com' equivalent of their domain name is available, with a request for £175 for the registration service.

In short, this is a rip-off, albeit quite legal. Quite apart from the fact that an unused '.com' domain name can be simply registered elsewhere for roughly £15, UK Internet Registry Ltd's activities have been condemned by Nominet, the firm officially responsible for administering '.uk' domains.