It doesn’t matter whether you are an older person sitting at home, an international financial institution, or a government agency, at some point some unscrupulous scoundrel will try to separate you from your money. The IRS has been having a heck of a time stemming losses from fraudulent tax returns being filed with stolen identities. It’s a balancing act between making access to your organization so secure to block out the bad guys, and giving easy access to legitimate customers.
In the age of the internet, fraud is changing so rapidly. Law enforcement has just about given up and told the public and business alike, “You’re on your own.” We are the first line of defense against cybercrime. If the bad guys break through our defenses; we are told there is no back up.
In a world of digital everything, how are you to know if you are dealing with a reputable organization or just another fraudster with a stolen or fraudulent identity? No one is immune. From the poor unsuspecting home buyers to international banks, losses from fraud are exploding. Only a few years ago an unsuspecting young couple buying a house was tricked into sending their hard-earned closing money to a phony title company. The fraud was diabolical and easy. They spoofed by creating emails made to look like they were from the real title company right before the couple was to close on their house, telling them to please transfer the funds. Only it was not from the actual title company. Poof, money you have saved your entire life was gone into a maze of international banks.
Spoofing a legitimate company is pretty simple. Say you are Republic Title and your URL web address, is www.republictitle.com, a real address by the way, and you are a customer dealing with firstname.lastname@example.org. A scammer simply goes to godaddy and buys www.republictitleinc.com, presto, they can now scrape information from the real Republic and start sending you emails from email@example.com. Did you catch the difference? I simply put “inc” at the end of title. This could look legitimate since Republic Title may very well be a corporation and who would catch such a small change.
So if we are on our own, what can we do to protect ourselves from unscrupulous criminals?
First off, call the person you are dealing with before you send any money. Don’t use a telephone number on the email you receive. Check 3rd legitimate source to get the actual number of the business or company you are dealing or want to deal with. Most companies have their telephone numbers listed somewhere on the web. If you can’t find the exact number you are told to call, call the main number and ask the operator or automated directory to connect you. If they are with the company, you will be put through. If they are not on the company directory, beware.
Second, and this is a new one, check the URL at a service like godaddy.com. Godaddy has a section called WHOIS, which will tell you when the URL was created and who owns it. If the company is an established company, the URL should be years old and the owner public. If it was created just a few months ago, or the owner has been marked private, chances are it’s a fraud. Look carefully. Does that email address match the legitimate site when you do a google search?
If you are given a bank account to send money, don’t be shy about calling the bank to confirm who owns that account and when it was opened. Banks are as interested in preventing fraud as you are and would like to catch crooks using their bank to launder money.
Be diligent. If a business, friend or acquaintance gives you a referral, check the numbers or web sites; be suspicious. Don’t think that someone else did your homework for you. Others may not do the proper vetting and unintentionally drag you along into a fraud.
Don’t be a victim. If you are looking to do business with “The Real Deal”; Look to AeroFund Financial. Look us up on the web. Our URL should say simply Aerofund.com, no “financial”, no “inc” or two “D’s” anything but “aerofund” is an imposter. Take a minute, give us a call.