The Web's Biggest Scams: From 419 to the Hitman

The Web is awash with bad seeds who want your money, your data and your sweet, sweet identity. We don't want to scare you -- since these people are the exception, not the rule -- but they are out there. Crafty buggers who prey on trust and carelessness, scammers are not only persistent social engineers, but also skilled hackers who take over Facebook accounts, break into bank databases and spread malware. Using their skills (and sometimes brute force), these crooks have made themselves millions (and potentially billions) of dollars by turning people into their own worst enemies. While we could sit here and spit out a diatribe about avoiding suspicious e-mail attachments or being wary of strange requests from friends, we thought it might be more effective to simply show how some of the biggest (and most successful) scams work their malicious magic, and just how rich the perpetrators got off of careless users.

Keep reading after the break for ten scams that have made the Web a more dangerous (and admittedly more interesting) place. Take our guide, use the lingo, proceed with caution -- and maybe gain some wisdom from the mistakes of others. Trust us, you don't want to get caught up in these ruses.

419 Scams

No discussion of Internet scams can exclude the classic and constantly evolving 419 scam. This form of advance-fee fraud came to most people's attention in the form of e-mails from supposed Nigerian princes. These messages often claim that the sender is sitting on top of a vast fortune that, for some reason or another, they are unable to access. They offer you a portion of the wealth -- only after you front a small fee that they will use to unlock the funds, of course. The scam has evolved to utilize hacked Facebook accounts and Craigslist job postings, among other things. You may even recall those swaths of McCain supporters being taken in by 419 crooks during the the 2008 election. While it's hard to pin down the exact amount of money that these far-reaching scams have stolen, it's safe to assume that their victims have lost millions of dollars worldwide.

Buy Cheap Viagra / Medical Spam

False claims promising sexual virility have been around almost as long as e-mail... or time immemorial. Sometimes, the scammers simply take your credit-card info; other times, they simply ship placebos. Regardless of what (if anything) they're selling, gangs and cyber-crime lords have long been flooding our inboxes with several million dollars worth of solicitations for duplicitous drugs, such as cheap Viagra. Clever groups play on timely fears, as some did during the swine flu epidemic, when they used that hot topic to funnel over $100,000 per day into their coffers.

Hitman

This chilling twist on the 419 scam gets its own special entry because of its disturbing tactic. Rather than trying to earn a victim's confidence, these so-called hitman messages threaten the recipient's life if they don't pay up. While most of these messages are simply sent to random people, more enterprising crooks glean personal info from sites like Facebook in order to tailor their messages to particular victims. It's not clear whether or not these scams are successful in generating big cash for the cons, but their violent nature makes them unique in the world of Internet hustling.

Swedish Bank Phishing Scam

Phishing scams are nothing special. Arriving in a variety of forms and hoping to harvest everything from your Facebook password to your banking credentials, bank-phishing scams arrive through official looking e-mails and fake logins. In particular, one sophisticated scam targeted the Swedish bank Nordea. When it hit in early 2007, it was the largest phishing scam ever, with some 250 customers being fooled into downloading a keylogger sent to them via an e-mail that appeared to come from the bank. All told, the crooks snatched up eight million Swedish kronor (about $1.1 million) via repeated, small transactions that flew under the radar of bank security.

Phishing Scam + DDoS

Phishing scams almost always involve an e-mail, app or a fake website. But the most successful scams also involve a certain amount of social engineering and innovative use of multiple scamming mediums. A man named Robert Thousand, Jr. was the victim of a particularly interesting attack. After harvesting his info, the dupers began transferring boatloads of cash from his Ameritrade retirement account. The transactions were large enough to set off alarms at Ameritrade, who then attempted to call Thousand to confirm the move. But the crooks had an inventive trick up their sleeves; they used several VoIP accounts to repeatedly dial Thousand's home, work and cell phones, preventing Ameritrade reps from reaching him. The crooks then called, pretending to be Thousand, complained that the transaction hadn't gone through, and convinced the reps to move forward with the transfer. At the end of the day, Thousand was out $399,000.

eBay / Craigslist Crooks

Scam artists love eBay and Craigslist. Although eBay has implemented safeguards, it's still possible for crooks to game the system and jack up their positive feedback. These fraudsters will often then collect payments without shipping items, or sell broken or counterfeit goods. The craftier crooks will even hijack the accounts of respected sellers to auction off nonexistent and expensive items like cars. Craigslist is home to similar scams, but its lack of security features allows cons more room to dupe. Plus, since it's local, some even turn dangerous. A recent spate of Craigslist classifieds for the Oakland area ended with the purchaser being robbed at gunpoint.

Fake Job

Scam artists posing as potential employers represent a particularly dangerous brand of crook -- one that has proven quite popular on Craigslist. The ruse is simple: they enlist your services for anything from legal defense to guitar lessons. Your employer sends you a check (but for more than he or she owes you), and then requests that you send some of that money back to them or a third party. By the time anyone realizes the original check is a counterfeit and worthless, the victim has already put a big dent in their own account by wiring cash to the crooks. One New Hampshire lawyer fell for the scam, and wired away some $240,000 of his own money before the bank stopped the fake check from clearing.

Forged Checks

Hackers have found that banks, check-cashing outfits and other businesses that store images of checks hold a bounty of material for the crafty crook. Scammers first hack sites and steal scanned images of checks. Then, using the harvested routing and account numbers, or the victim's signature, the crooks print fraudulent checks -- worth, in one case, a total of $9 million. By the time anyone notices the checks are fake, the crooks are already long gone.

Extortion Via Dating Sites

To avoid getting lured into a scam online, you'd do well to avoid sketchy dating services. Plenty of adult-themed sites are merely portals for malware and cam-girls. But the more dangerous types are the ones that will hook you up with real people that might have less than honorable intentions. For example, SeekingArrangement.com connects rich, successful men with attractive young women seeking "financial support" in exchange for their (ahem) "companionship." Heir to the DuPont fortune, Stephen Dent, discovered this the hard way after becoming the victim of not one but two extortion scams that took him for $140,000.

Post-Purchase Scams

These scams are a different breed than the rest on this list. While the others are perpetrated by ne'er-do-wells and crooks, post-purchase scams are run by seemingly trustworthy retail outlets. 1-800-Flowers, Barnes & Noble and Fandango were among those taken to task by the U.S. Senate for luring customers into making additional purchases or signing up for rewards programs by using aggressive and deceptive tactics. Post-purchase pushes have netted these companies around $1.5 billion, according to a Senate Commerce Committee report. Classmates.com made $70 million all by itself, thanks to reward and discount programs users unwittingly joined.

Tags: 419Scam, craigslist, ebay, facebook, phishing, privacy, scam, Scams, security, spam, top, web