Data theft, Trojans and quotes from the Bible: the murky world of spam money lenders
The experts at Kaspersky Lab explain the dangers posed by loan offers sent out in spam and what can happen if users reply to spam messages.
They also provide some useful tips on how to avoid falling victim to unscrupulous financial organizations and Internet scams.
Spam money lenders: expensive and dangerous
Small organizations and private money lenders unable to compete with the scale of marketing campaigns available to big multi-national banks often resort to electronic mailings.
Quite often, these messages serve as a cloak for unscrupulous organizations whose services turn out to be far more expensive than advertised. Typical Internet scams may also distribute credit spam.
In order to collect information about the victim, they can offer their assistance in obtaining a loan and ask either for a password to the online banking system, a three-digit card verification value (CVV) or the user’s passport or contact details. This information can be used for example for drawing up false documents.
The loan scammer’s tools of choice:
1. Phishing – an attempt to steal a user’s financial data using fake web pages that imitate official application forms from well-known banks.
2. Malware attachments that imitate loan application forms or approved credit agreements.
Responded to a spam message? Watch your inbox fill up with even more spam!
A response to a spam email, even made without any intention to use the services offered in the advertisement, tells the spammers that the email address really exists and is actively used. Some spammers send messages to randomly generated address lists.
As a result, the number of advertising messages sent to the ‘exposed’ email box will increase significantly.
“We see fraudsters using all kinds of tricks to deceive users. Some senders introduce themselves as charity or Christian organizations that help the needy. Such messages may contain quotes from the Bible to look more convincing,” said Maria Vergelis, Spam Analyst at Kaspersky Lab.
“Others want to attract potential clients by promising them large sums of money (sometimes up to several million in cash) which can be granted in a short period of time (from several hours to a couple of days) without any pledge or guarantors, or any certificate of income and with a minimum number of documents,” she added.
“Please remember that any attempt to open an attached ‘contract’ can lead to system infection and the loss of data stored on the hard drive,” Vergelis advised.
. Don’t enter your personal details on dubious sites
. Don’t fill in HTML forms delivered from unknown senders, especially if your computer is not protected by an antivirus program that can promptly identify and block fraudulent links
. Never provide your personal data to third parties or enter into correspondence on financial issues with unknown “lenders”
. Do not run executable files or open attachments, especially archives and office documents from unknown senders in extreme cases, only do this after getting a safety verdict from an antivirus program
The full version of the report on spam money lenders is available at.
More information: Spam evolution 2013
# # #
About Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.com.
* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2011. The rating was published in the IDC report “Worldwide Endpoint Security 2012–2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2011.