Fraud Tactics

Stay up to date on the latest FTC Scam Alerts.

Different fraud tactics all share the same goal: to obtain your personal, confidential and financial information for fraudulent use.

From obtaining your information ‘the old fashioned way’ via discarded mail, to emails that ask you to verify personal information under the guise of a trusted source ― like your financial institution ― fraudulent activity comes in many different forms.

Fraud Tactics Include

Adware

Software that displays advertising content on your computer. Like its cousin spyware, some adware runs with your full knowledge and consent, and some doesn't. More often an annoyance than a security risk, adware may also monitor browsing activities and relay that information to someone else over the Internet.

Bot or Web Bot

Derived from "robot." An automated program, such as a Web crawler, that performs or simulates human actions on the Internet. Used for legitimate purposes by search engines, instant message (IM) programs, and other Internet services. Web bots can also be used to take control of computers, launch attacks, and compromise data, and may act as part of a blended threat.

Botnet or Zombie Armies

A group of computers that have been compromised and brought under the control of an individual. The individual uses malware installed on the compromised computers to launch denial-of-service attacks, send spam, or perpetrate other malicious acts.

Check Washing

Criminals use solvents to dissolve the ink on a check and rinse it away. The payee name and amount are “washed” off the check, allowing the criminals to rewrite the information and deposit any amount into their own bank accounts. This is a growing problem, but there are ways to protect yourself.

Denial-of-Service (DoS)

An attack on a computer or network in which bandwidth is flooded or resources are overloaded to the point where the computer or network's services are unavailable to clients. Can also be carried out by malicious code that simply shuts down resources.

Dumpster Diving

Thieves rummage through trash looking for bills or other paper that includes your personal information.

Jury Duty Scam

Consumers are advised to be on alert for an identity theft exploit known as the "Jury Duty Scam." In this scam, the scammer telephones the victim posing as a local court official who claims the victim has failed to report for jury duty and that, as a result, a warrant has been issued for his or her arrest. The victim will rightly claim they never received any jury-duty notifications. To "clear things up," the scammer then asks for confidential information (e.g., Social Security number, birth date) for "verification" purposes or payment information (e.g., credit card number, bank account details) for alleged fines.

This is a scam. Consumers are urged not to give any personal information over the phone. These scam artists are attempting to commit identity theft by appealing to the victim's sense of social conscience and fear of prosecution.

Key Logger

Key loggers monitor what is being typed at keyboards, and what mouse movements or clicks are being generated. Key loggers come in hardware and software versions. A fraudster can go through the logs looking for account credentials and answers to challenge questions. Sophisticated software key loggers can also capture what is displayed on the screen.

Malware

Short for malicious software, malware is designed to access a computer without the knowledge or permission of the user. Malware may be used to gather or destroy information.

Man-in-the-Browser (MitB)

Man-in-the-Browser (MitB) attacks move the proxy function of a Man-in-the-Middle (MitM) attack from an external application into an extension of the browser itself. In essence, MitB is a sophisticated variation of MitM.  

In a MitB attack, the fraudster still has visibility into all data sent or received. Fraudsters can still collect login, password, and challenge question information. Additionally, fraudsters can use the already authenticated session to independently navigate the site, adding new payees or initiating funds transfers, without displaying any of their activity to the browser screen.

For sites that use Multi-Factor Authentication, the MitB can stay dormant until the user initiates an action the fraudster is interested in, such as adding a new payee. At the time the new payee is added, the MitB can alter the data being sent to the banking site, while still displaying what the user entered back to their browser screen.

For example, the user adds account #12345 as a new payee. The MitB alters what is sent to the banking site to account #31254. The user is prompted for a One Time Password (OTP), receives the OTP via SMS, and enters it into the browser to authenticate the payee addition. The confirmation page on the user’s screen shows payee #12345 successfully entered, while the banking application actually has a new payee of #31254.
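The following simulation is added here and is not part of the original page. It runs the payee scenario above twice: once with an OTP that only proves the session (which the MitB defeats, since the bank never checks what was approved) and once with transaction signing, where the OTP is computed on the user's trusted device over the payee the user intended, so the bank's recomputation over the tampered payee fails. The secret, nonce and HMAC truncation are constructed example values.

```python
import hmac
import hashlib

# Constructed shared secret between the bank and the user's OTP device (example value only).
TOKEN_SECRET = b"example-token-secret-not-a-real-key"


def transaction_otp(secret: bytes, nonce: str, payee: str) -> str:
    """6-digit OTP bound to the transaction details (simplified HMAC-based scheme)."""
    msg = f"{nonce}|{payee}".encode()
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    return f"{int.from_bytes(digest[:4], 'big') % 1_000_000:06d}"


def session_otp(secret: bytes, nonce: str) -> str:
    """OTP that only proves the session/device, not what is being approved."""
    return transaction_otp(secret, nonce, payee="")


def mitb_rewrite(request: dict) -> dict:
    """Simulates the MitB replacing the payee after the user clicked submit."""
    tampered = dict(request)
    tampered["payee"] = "31254"
    return tampered


def bank_accepts(received: dict, bound: bool) -> bool:
    """The bank recomputes the OTP over the data it actually received."""
    if bound:
        expected = transaction_otp(TOKEN_SECRET, received["nonce"], received["payee"])
    else:
        expected = session_otp(TOKEN_SECRET, received["nonce"])
    return hmac.compare_digest(expected, received["otp"])


def add_payee(bound: bool) -> tuple:
    """Runs the page's scenario; returns (accepted, payee the bank recorded or None)."""
    intent = {"nonce": "nonce-1", "payee": "12345"}  # constructed values
    # The OTP is produced on the user's trusted device from the user's intent,
    # so the MitB cannot recompute it for a different payee.
    if bound:
        otp = transaction_otp(TOKEN_SECRET, intent["nonce"], intent["payee"])
    else:
        otp = session_otp(TOKEN_SECRET, intent["nonce"])
    received = mitb_rewrite({**intent, "otp": otp})
    accepted = bank_accepts(received, bound)
    return accepted, (received["payee"] if accepted else None)


if __name__ == "__main__":
    print("session-only OTP:", add_payee(bound=False))    # (True, '31254')
    print("transaction-bound OTP:", add_payee(bound=True))  # (False, None)
```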

Man-in-the-Middle (MitM)

In a Man-in-the-Middle (MitM) attack, users believe they are interacting directly with a real banking site, when in reality there is a proxy function that is intercepting, manipulating, and forwarding the data between the user’s browser and the real banking site.

Pharming

Pharming takes place when you type in a valid Web address and are illegally redirected to a Web site that is not legitimate. These ‘fake’ Web sites ask for personal information such as credit card numbers, bank account information, Social Security numbers and other sensitive information.

Phishing

A scam that involves the use of replicas of existing Web pages to try to deceive you into entering personal, financial or password data. Suspects often use urgency or scare tactics, such as threats to close accounts.

Pop-up Ads

A form of Web advertising that appears as a “pop-up” on a computer screen. Pop-ups are intended to increase Web traffic or capture email addresses. However, some pop-up ads are designed with malicious intent, for example when they appear as a request for personal information from a financial institution.

Retro Virus

This virus specifically targets your computer’s defenses. It looks for vulnerabilities within your computer’s operating system or any third-party security software. Most security vendors have some form of tamper-proof measure in place, so it is important to keep your patches up to date. Retro viruses are usually combined with another form of attack.

Rootkit

A program that allows a person to secretly gain privileged (e.g. “administrator” or “root”) access to a computer by way of a hidden program that is installed on a victim’s computer.

Skimming

Skimming devices are placed at an ATM, a merchant register or an unattended terminal such as a gas pump, and are used to "skim" your card data during a legitimate transaction. The thief can then use your card information to make fraudulent purchases or withdrawals.

Keep a sharp eye on the ATM you are using. Look for loose faceplates and readers, or a mismatched look on the ATM itself. Whenever possible, use well-known, institution-owned ATMs, which are more likely to be regularly inspected.

When making purchases, be alert if the clerk takes your card out of your sight when there is no need. Experts say organized crime rings are now planting skimming devices and enlisting the help of the cashier, who usually earns a small fee. Obviously certain types of businesses, such as restaurants, cannot always conduct your transaction within your sight. Just be as alert as possible, and watch your account activity closely.

Social Engineering

Obtaining information by tricking an individual into releasing it. Dating websites are frequently used by fraudsters to gain trust and obtain personal information and even log-in credentials.

Spam

Unsolicited email, usually sent in bulk to a large number of random accounts; often contains ads for products or services. Also used in phishing scams and other online fraud. Can be minimized using email filtering software.

Spim or Instant Spam

Unsolicited instant messages, usually sent in bulk to a large number of IM accounts; often contain marketing materials and links to product Web pages. May also be used in phishing scams or to spread malware. See also, spam.

Spoofing

Spoofing is when an attacker masquerades as someone else by providing false data. Phishing has become the most common form of Web page spoofing. Another form of spoofing is URL spoofing, which happens when an attacker exploits bugs in your Web browser in order to display incorrect URLs in your browser location bar. Yet another form of spoofing is called “man-in-the-middle,” which occurs when an attacker compromises the communication between you and another party on the Internet. Many firewalls can be updated or configured to help prevent this type of attack.

Spyware

A program that self-installs on a computer and covertly gathers information about a person’s Internet use, passwords, etc.

Trojan horse

A program that appears to be a useful file from a legitimate source but tricks the victim into opening it in order to steal information or harm the system.

Virus

A program that can replicate itself and spread from one computer to another by attaching itself to an existing program.

Vishing

Vishing is a type of phishing attack where the attacker uses a local phone number in the fake email as a means of obtaining your sensitive information. The goal is to fool you into believing the email is legitimate by instructing you that responding to the request by phone is safer than responding by email and shows authenticity. The unsuspecting caller is then tricked through an automated phone system into relinquishing their sensitive information.

Worm

A self-replicating program that uses a computer network to send copies of itself to other computers on the network, and does so without any user intervention.

Zero Day Attack

When a Trojan finds its way onto computers and into the browser by exploiting software vulnerabilities before the vendor has had a chance to create a workaround.