SurfControl is warning people to use extra security precautions against "brand spoofing," which is a tactic used to defraud people. The technique involves scammers who send out mass email messages hoping to lure people to fake Web sites that appear to be the Web sites of legitimate companies. Sometimes the email message itself contains an HTML form that appears to be an official page from a Web site. Scammers hope to obtain private information from u sers, such as name, address, contact information, credit card numbers, and social security number.

The company said that in recent months, scammers have spoofed sites and pages that pretended to be from Best Buy, UPS, Bank of America, PayPal, First Union Bank, SonyStyle, and Australian banks.

The most recent instance of this type of scam affected the Massachusetts state lottery. A scammer, believed to have been located in Nigeria, sent out email messages to users alleging that they'd won $30,000 in the state lottery. Users were led to a fake lottery site that looked similar to the real state-run lottery. Users were asked to provide their name, social security number, and credit card number, and then asked to pay $100 as a processing fee to obtain their supposed lotto winnings. This isn't the first time that scammers have tried to fool people with a fake Massachusetts state lottery.

"Internet outlaws and con men are often on the cutting edge of technology using every trick in the book to find ways to hide their identity and avoid detection. Companies need to focus on three things to stay ahead of the spammers: get organized and institute intelligent, articulate acceptable use policies, get smart and use the latest \[email filtering\] technologies, and get employees educated and engaged in managing their e-mail wisely and responsibly," said
SurfControl Senior Vice President Susan Getgood.