As the economy worsens and more people are laid off, online fraud and financial scams are rising, security experts say.
Many of the scams lure people in with promises of quick and easy money. For instance, there has been a marked increase in money-mule recruitment scams for people to transfer funds online between countries, and other illegal work-related spam in recent months, security firm Panda said on Thursday. Such offers promise $225 (£150) or more a day for what they call "rebate processing" work at home.
"The schemes are aimed at people who are desperate in rough times and who are likely to respond as they lose jobs," Ryan Sherstobitoff, chief corporate evangelist at Panda.
While the US unemployment rate increased by over six percent between August and October, reaching a 14-year high of 6.5 percent, dubious work-recruitment scams rose 514 percent over that same period, according to statistics from the Honeynet Project, a security-focused research group.
Those types of recruitment spam hit an all-time high as a percentage of total spam, topping 0.31 percent, up from 0.23 percent the previous month and 0.13 percent in August, according to PandaLabs, the malware analysis laboratory of Panda.
Meanwhile, the success rate for the money-mule operations in North America was on average 66 percent higher than the success rates of such scams in other regions, said PandaLabs, which analysed a sample population of seven large mule networks around the world. Recipients respond to about one in three of the money-mule emails, Sherstobitoff said.
In the money mule scams, emails offer jobs as independent contractors and commissions for processing rebates that are supposedly from purchases made at legitimate companies. "Applicants" are asked to provide their bank-account information and are then instructed to wire money that is deposited into their accounts to drop boxes via Western Union, said Sherstobitoff.
Rather than processing rebates, the operation is designed to launder stolen money from one country into another through legitimate bank accounts, he said. The "contractor" may or may not receive a small sum in exchange, but it won't be enough to make up for the risk posed by participating in an illegal scheme, he said.
Also believed to be related to the economic downturn is a spike in phishing attempts, whereby fraudsters lure people into providing sensitive bank and personal information on malicious websites that appear to be legitimate bank sites. The phishing emails lately have been made to look like they come from banks that have been involved in mergers, such as Chase and Washington Mutual, and are preying on bank customers who may be confused.
Over the past month there has been a significant increase in phishing attacks, or malicious websites discovered that victims are directed to via email, according to security firm Cyveillance.
The daily average number of phishing attacks detected has risen from 400 or fewer in the first quarter of 2008 to more than 1,750 in the past month, the firm said. On one day the number of attacks spiked to greater than 13,000, said Cyveillance, which helps commercial customers get phishing sites taken down.
It is unknown how many people are falling for the phishing scams and losing money, said James Brooks, director of product management at Cyveillance.
The attacks are easy to do once email addresses are obtained, and the risk of getting caught is incredibly small while the payoff can be huge, he said.
"Phishers are getting rich and are very organised," Brooks said. Meanwhile, "no one is going to jail over it".
Firefox and Internet Explorer have built-in features that warn web surfers when a site they are visiting is potentially harmful, and Google has a Firefox extension that alerts people when a page appears to be requesting personal or financial information under false pretences.
"None of these [technologies] is foolproof, but they're a step in the right direction," Brooks said.
