FBI talks about computer crimes

The Fallbrook Citizens’ Crime Prevention Committee hosted a presentation on international and domestic computer hacking, fraud, and security breaches at Fallbrook Library on Oct. 28. FBI agent James Duczakowski and FBI computer specialist Darren Bennett conducted the meeting.

The purpose for the session was to cover ways that individuals and businesses can keep ahead of international computer criminals. To begin, Duczakowski explained how fraud works online.

“Fraud is basically when someone misrepresents himself or herself for money, and is driven by greed,” said Duczakowski. “They might not be stealing money, but fraud is definitely a form of robbery. They try to get you to willfully give them your money.”

Duczakowski reminded the community that offers seen via email or online should be carefully scrutinized. If something is too good to be true, it probably is, he said.

“People wonder how someone could fall for a lot of these scams, especially when they seem to be too good to be true, but some of the scams have gotten very sophisticated,” said Duczakowski. “It’s the ones that are sophisticated that we fall for.”

Duczakowski covered a broad spectrum of fraud and hacking, from network computer hacking and unauthorized purchasing, to unsolicited opportunity schemes. He said that there is a process to fraud that exploits individuals.

The first stage is to provide an opportunity.

“They exploit the need you have, whether it’s money to try and get a home, or a want to help others,” Duczakowski said.

The second stage is to provide the incentive with pressure, continued Duczakowski.

“They offer to give you what you want, but with pressure. It could be time, or a special deal. They don’t want you to think about the offer,” said Duczakowski. “The third stage is rationale, which can make you a part of the scheme. You want to have others join in on the scheme because it allows you to make up money that has been lost.”

Duczakowski used a credit repair scam as an example of how people can be sucked into a fraudulent scheme.

“It can feel legitimate because they can be offered by real estate agents, or because the service is marketed to real estate companies,” he said.

Certain scams are specifically marketed to individuals, said Duczakowski, because it is not hard to find out basic information about individuals.

“Information can be found in the trash, or through hacked computer systems. It is not hard to access public records, and people tell others a lot if they think they are a part of a survey,” said Duczakowski. “One scheme we see a lot of in San Diego is when grandparents are called from Mexico saying a grandchild is in jail. Another is an arrest warrant from the IRS, which needs to be paid up front, or <another ploy can be> a disaster wildlife relief fund.”

Red flags that indicate that someone is being targeted for information is when they receive emails that have awkward phrases or the use of high-pressure tactics. In addition, Duczakowski stated people should be wary of vendors who do not want to meet buyers in person.

“To minimize risk, do not be afraid to say no,” he said. “Get offers in writing, and be skeptical. Research offers. If there is fraud involved, someone will have written about it.”

Bennett, the FBI computer scientist, stated that though he sees hundreds of companies attacked through data breaches, nearly a hundred percent of the attacks can also be used on home users.

“Hacking has become easy. The days of ubertech geek use are gone,” said Bennett. “If you are not getting virus warnings every once in a while, that might not be good. Everyone receives questionable emails.”

Both criminal and national hackers are after the same thing, said Bennett: information and money. It is common for hackers to socially engineer users of systems into giving them access to personal information.

“The most non-technical form is emails and email attachments,” said Bennett. “If you click a link, they can get into your systems. Logo headers could look like legitimately attached documents, and you might get an email about information that you might really seem to need. These emails make my job hard because they are targeted. They are called spear phishing.”

Bennett stated that opening suspicious emails on a cell phone is unwise, as well.

“Most people do not have phones with antivirus protection on them, and they have just as much sensitive data, if not more, than our personal computers,” said Bennett.

Bennett stated that if a person is ever in doubt about an email, they should simply discard it. It is also advisable to talk to an information technology technician at work if questions arise with emails. A good antivirus program can help identify malicious emails.

“They are a good first layer of defense,” he said.

For more information regarding what spear phishing scams and fraudulent activity to be on the lookout for, Bennett stated that individuals can go to the FBI website (www.fbi.gov) and see current scams that have been identified.

“Though we have a lot of information, we can’t see everything,” he clarified. “We need you to partner with us, and if you see something, or are targeted by a well crafted scam, you need to let us know.”