SurfControl is warning people to use extra security precautions against "brand spoofing," which is a tactic used to defraud people. The technique involves scammers who send out mass email messages hoping to lure people to fake Web sites that appear to be the Web sites of legitimate companies. Sometimes the email message itself contains an HTML form that appears to be an official page from a Web site. Scammers hope to obtain private information from users, such as name, address, contact information, credit card numbers, and social security number.

The company said that in recent months, scammers have spoofed sites and pages that pretended to be from Best Buy, UPS, Bank of America, PayPal, First Union Bank, SonyStyle, and Australian banks.

The most recent instance of this type of scam affected the Massachusetts state lottery. A scammer, believed to have been located in Nigeria, sent out email messages to users alleging that they'd won $30,000 in the state lottery. Users were led to a fake lottery site that looked similar to the real state-run lottery. Users were asked to provide their name, social security number, and credit card number, and then asked to pay $100 as a processing fee to obtain their supposed lotto winnings. This isn't the first time that scammers have tried to fool people with a fake Massachusetts state lottery.

[ Read more ]