In general, those involved in internet fraud try to access confidential information (passwords for account usernames, credit card numbers, PIN-codes, etc.), infect your computer with viruses, or withdraw money from your account (by sending an SMS using a short number, etc.).
The main types of internet fraud:
- Phishing emails are mass emails sent under the name of a company, service, social network, etc. They bring an "issue" to the user's attention and request that they hand over, renew, or verify their confidential information.
- Verification of account information, claim of delivery problems, or notification system errors. You are asked to state your username and password for the given service or site. More often than not in the From field of these emails is listed Support service, support or admin. Yandex employees never ask you to send your log-in information.
- Verification of ID or email address. For these purposes, you are asked to send an SMS to a short number. The cost to send an SMS to a short number is usually higher than sending an SMS on your usual tariff, but this information may not be included at all, or may be listed in the fine-print of the email. As a result, money is withdrawn from your phone immediately after you send a message. In many cases money can be withdrawn from your phone on a daily basis. Yandex never asks you to send an SMS. If we need to, we can send you one. You do not need to respond to these SMSs.
- Participate in a lottery. To enter, you need to fill out an application, which in addition to your full name and phone number, asks for your passport information and credit card number. If you receive an email regarding a Yandex lottery, get in touch with someone from our staff at http://company.yandex.com and let us know. If there is a legitimate lottery, make sure that no one is asking you to pay ahead of time for a prize delivery or to pay to participate. Yandex never asks you to pay for something that you didn't order yourself.
- Phishing links lead to fake internet sites. If a user enters his information on a phishing page, it's easy for hackers to get access to it. Whenever you authorize something on Yandex, make sure that the site address matches the format: name.yandex.com/section. After yandex.com you should see the / symbol, rather than a period.
- Website spoofing is when a hidden mechanism automatically redirects the user to a fake site with the help of malware. When trying to reach a popular site, the user ends up on a fake site that looks very similar to the real one. Then they enter their personal account information, which gets passed on to phishers. A virus can also attack in other ways, like when you register or authorize something on a site and are asked to confirm personal details via SMS.Attention. Yandex never asks a user for money in order to register or use its services. We also don't ask you to confirm your registration via SMS.
- A virus can damage domain information in the DNS system. To eliminate problems, use our free Yandex.DNS service.
- A virus can alter the system hosts file on your computer. Check your computer using the antivirus software CureIt! from Dr.Web or the Virus Removal Tool from “Kaspersky Lab”. If the antivirus program doesn't detect any malicious code, you can delete any of the virus' potentially harmful traces by completing the following steps (in MS Windows):
- Go to the folder C:\WINDOWS\system32\drivers\etc.
- Make a backup copy of the hosts file and open it using “Notepad”.
- Delete all the lines except for the following:
- Save file. Restart your browser and try going to the site again. If the appropriate page loads, then the problem has been solved.
- Put the hosts file into a Read only state. This may protect it from simple viruses. To do this, right-click on the name of the file and choose the menu option Properties, click the Read only setting, and then click OK.
Spoofing sites generally crop up in one of two ways:
- Mobile fraud — phonecalls or SMSs from hackers who supposedly represent your bank or payment system. They usually ask you to disclose your confidential information, claiming that your password has expired, or that your card was blocked, there was a system breach, information was lost, you won a major prize, etc.
- Password information left unsecured, lost or thrown out (be it on paper, a computer, phone, SIM-card, flashdrive, etc.) can all be used by phishers to steal your data.
- Unknowingly disclosing your password. Examples: you mention your password during a phone conversation without realizing that someone is listening in, or someone sees you enter your PIN-code.
- Offers to become a phisher yourself: trick a bank or payment system, earn money without any effort, get access to strangers' SMSs, etc.
- Using simple passwords and security questions that are easy to hack.
How to protect yourself against internet fraud
- Use and regularly update licensed anti-virus programs.
- Protect your email (by turning off the message preview function).
- If you get an email or message on an instant messaging program (such as Skype) from an unfamiliar or suspicious person, don't open it and don't download any attachments.
- Carefully review all incoming messages and check the sender's address. Phishing site addresses partly contain non-sensical or misspelled groups of symbols.
- Don't send an SMS to suspicious or unfamiliar numbers.
- Don't pay for products or settle a bill if you have any doubts about the legitimacy of the transaction.
- Don't share your passwords, PIN-codes, or other confidential information with anyone.
What to do if you are a victim of fraud
- If someone illegally withdrew money from your account, call your bank so that they block your card immediately. Then inform your local police.
- If you sent an SMS to a short number that turned out to be linked with fraud, request that your mobile provider or the company that services that short number return your money.
- If you went to a phishing site, check your computer for viruses using free antivirus programs.
- If you entered your password on a fake site, immediately change it, along with your security question and answer. It's better to change this personal information after you run a virus check.