Don't get cleared out by phishing scams or seductive websites

Earlier this month, it emerged that Russian hackers had stolen 1.2 billion internet usernames and passwords after breaking into 420,000 websites.

It remains to be seen whether or not any Irish websites are amongst the 420,000 targeted.

Should they be, or should any of these websites have Irish customers, consumers here could find themselves the victims of phishing attacks, in which people are tricked into divulging personal or financial information over email.

Irish consumers are no strangers to phishing scams.

In a recent phishing attack, some people had their bank accounts cleared out. The individuals in question received emails which appeared to have been sent by a major credit card company.

The email strongly advised consumers to update or confirm their credit card details by clicking on the fake website link contained in the email.

"The link directed the user to an imitation website - which looked just like the valid one for that card scheme," said a spokeswoman for the Irish Banker Federation (IBF).

"Customers were duped into believing that their cards would be blocked if they didn't take this urgent action. Individuals who responded to this phishing attack, filling in all of the requested bank security information, had their bank accounts cleared out by the criminals."

Fake emails purporting to be from Irish banks have been on the rise over the last year. The Revenue Commissioners, Tesco, Netflix and Apple's iTunes are amongst the other households names which have been recently targeted by phishing scams in Ireland.

"Phishing tends to come in waves," said the IBF spokeswoman. "The emails generally appear as though they have been sent by a bank or financial institution and the criminal will aim to obtain security details so that they can access the person's bank account. In recent years, the quality of the emails and bank branding has improved - years ago, the grammar used in the emails and the images use by criminals was easy to spot as a fraud attack."

The growing popularity of the internet is one of the main reasons for the increase in phishing attacks.

However, online scams aren't the only things which can catch consumers out when using the internet.

One area where consumers could easily lose money online is penny auction websites.

Most penny auction websites are not scams. These sites typically lure consumers by promising discounts of 80pc or more. The advertisements for such sites might say, for example, that you can buy a 55-inch TV for less than €25 or a holiday in the sun for a few euro.

In reality, however, these sites are a waste of money for most of the people who use them. Only a tiny fraction of those placing bids become the winning bidder - which is what you need to be to buy the 'cut-price' item.

With penny auction websites, you pay money to bid for something advertised on the site. You typically buy a package of credits and use those credits then to place your bid. The more valuable the item being auctioned, the more credits you need to place a bid. Each time you place a bid, the price of the item being auctioned increases.

The auction runs for a certain amount of time. Each time a bid comes in, several seconds get added to the auction. The last person to make a bid before the auction closes becomes the winning bidder - and gets the right to buy the "bargain". As the timer restarts each time someone makes a bid, many have found it impossible to win the right to buy anything on these websites.

Another catch is that even if you emerge as the winning bidder at an auction, you must pay to buy the product. So winning the auction doesn't mean you've won the auction item. On top of the money spent to buy the item, you'll have paid to bid for the item in the first place. You must also pay for postage and packaging. All of this adds up and could leave you paying more for the so-called bargain than you would have had you bought the item on the high street.

Of course, there are also those who bid at penny auction websites, only to lose the auction. Any money spent by the losing bidders on bids is immediately lost. People have spent hundreds of euro bidding at penny auctions - only to lose that money and to be left with nothing to show for it.

The consumer watchdog, the European Consumer Centre (ECC), has received a number of complaints about penny auction websites. Some consumers contacted the watchdog to seek refunds for transactions they'd engaged in on the sites. Another complaint, which is currently being investigated by the ECC, arose when a consumer ran into problems cancelling his subscription.

"He purchased a credit package which allowed him to bid on auctions on the trader's website," said a spokeswoman for the ECC. "The consumer later decided to cancel his subscription and contacted the trader to do so. He had a number of credits left in his account and sought a refund for the unused credits. The trader responded and said that as he had used some of the credits already, he couldn't cancel the contract. The consumer claims that he was not given adequate information on his cancellation and withdrawal rights, as is required by European law."

Some dishonest auction sites use bid bots, which are computer programs that automatically bid on behalf of the website, according to the Federal Trade Commission (FTC), the agency charged with protecting consumers in the United States.

"You may be seconds away from winning an auction when another user places a bid," said the FTC. "That keeps the clock ticking, and forces you into a bidding war to stay in first place. Though the bidder appears to be another user, it may be a bot programmed by the website to extend the auction and keep people bidding (and spending money) as they chase the win."

Buyer beware.