Online scams and identity theft are becoming more prevalent, and the tactics used are increasingly sophisticated. Operators of "phishing" schemes use forged emails and websites that look almost identical to those representing your bank or credit card company, hoping you will unwittingly reveal personal or financial information. Another common trick is offering free software; when the user installs the program, it launches a "Trojan horse," giving a hacker remote access to the system. Surfing the net can be risky, but with careful security practices and common sense, you can help keep yourself safe online.
In cyberspace, a little paranoia is a good thing. Hackers can "spoof," or imitate, almost any source, including familiar websites and email addresses. Unless you're absolutely sure of the recipient, never give out credit card numbers or other personal information online.
Be wary of free software, including fake "antivirus" and "spyware" programs with names similar to those you know and use. Before you download any program, type the name into your search engine and check software reviews.
After making a credit card purchase, or banking online, log off from the website to prevent unauthorized access. If you cannot log off, shut down your browser.
Install a personal firewall to block off intruders, and set up automatic security scans. Go to Kim Komando's website for free software (www.komando.com/downloads/categories.aspx?cat=Security)
Keep your operating system and browser up to date to ensure that you have the most recent security protections.
Identify Dangerous Websites
Install WOT (Web of Trust), a free add-on for your browser, for a "traffic light" alert that will warn you before you land on a dangerous website. To find add-ons in Firefox, select Tools, Add-Ons. In Internet Explorer, select Tools, Manage Add-Ons, and click "Find more toolbars and extensions" at the bottom of the pop-up. In the add-on gallery, search for WOT, or browse for other privacy and security add-ons.
Bank and shop only on known, trusted sites. Before entering financial information or passwords, look for an unbroken lock symbol in the lower right-hand corner of your browser window, or check the address bar for "https"--not just "http"--to make sure the website is encrypted.
Never click on a link in an email unless you're positive of the source. "Spoof" emails can resemble messages from your bank or credit card company, with links that send you to skillfully forged websites. Before clicking on a link, hover over it with your cursor and check the address in the lower right-hand corner of your browser to make sure it is authentic. If you have any doubt, navigate to the site directly, by typing the correct address into your browser.
Keep Passwords Safe
Choose hard-to-guess passwords that combine letters, numbers and symbols, and don't use a single password for everything. Keep any records of passwords offline, preferably under lock and key.
If you are assigned a default username or password, change it to one that's unique.
When setting up password reminder questions and answers, trick the hackers by deliberately answering wrong. For instance, if the question asks for your pet's name, don't supply your boa constrictor's real name, "Matilda"--many people know that. Instead, say her name is "Horace." Another technique is to answer a different question altogether. For the question, "What is your mother's maiden name?" type in your favorite sports team or the name of your elementary school.
- To learn more, check out the Privacy Rights Clearinghouse's fact sheet on Internet safety (www.privacyrights.org/fs/fs18-cyb.htm).
- Even with the best security practices, identity theft can happen to anyone. If you suspect you might be a victim, find out what to do next at the Federal Trade Commission's website (www.ftc.gov/bcp/edu/microsites/idtheft/).