For instance, a widely used, relatively new scheme that's difficult to detect features pop-up notifications that look just like antivirus software alerts. They usually say something to the effect of, "Your computer has been infected with 49 viruses, click OK to quarantine them."
Clicking OK sends the user to a website that claims their antivirus software license has expired, and a payment needs to be made before the virus problem can be mitigated.
These sites look completely legitimate -- and, adding to the scheme's plausibility, many of the spoofed websites even have working customer service phone numbers with "operators" on the other end of the line who will gladly take your money.
Another stealthily and fast-growing attack is called "spear phishing": sending e-mails to specific recipients from spoofed addresses that look completely legitimate. The attacks often appear to be from loved ones, claiming to be in an emergency situation and asking for money.
These schemes show that Internet scam artists, who had long been thought of as too unsophisticated to be considered real "hackers," are venturing into the realm of some of the more expert cybercriminals.
"Now, there isn't a very big gap in their capabilities," said Dave Aitel, president of security firm Immunity Inc. and a former computer scientist at the National Security Agency. "Re-shippers and check fraudsters are now just an arm of organized cybercrime."
Social hacking
Unlike their organized counterparts, online fraudsters tend to live below the poverty line and lack legitimate employment opportunities, according to Eric Fiterman, founder of security startup Rogue Networks and a former FBI cybersecurity special agent. Many steal to survive.
More here: Internet scam artists are more effective than you think - Jul. 26, 2011