SEARCH
     
Cybersecurity
 

Internet and wireless connections are a great way to shop, bank, play and communicate with friends and family. Unfortunately, nearly every technological advance creates an opportunity for cybercriminals to exploit our desire to use technology for the fun, ease and convenience it represents.

YOU are the best defense are against cyber criminals who want to steal your information and use it for personal gain. By just taking a few simple precautions to safeguard your devices and knowing the signs of cyber schemes, you can greatly reduce your chances of becoming a victim.

ITAC offers these tips to stay safe using Internet and wireless connections.

Protect your computer and devices

  • Protect your computer with three core protections: anti-virus software, firewall and anti-spyware software. New threats emerge daily and quality software packages come with subscriptions that allow you to update your defenses on a regular basis. In most cases, you can set the software to retrieve the updates automatically.
  • Update your computer’s operating system. If you surf the Internet, you use a browser as well. Both should be updated regularly. Many of the updates that address security issues can be scheduled to run automatically.
  • Protect your mobile devices. Take the same precautions on your mobile device as you would on your computer. For example:
    • When in doubt, don’t respond. Text and call only the people and businesses you know in real life.
    • Secure your phone with a strong passcode or other privacy feature.

Don’t get hooked by phishing schemes

Phishing is a tactic used by criminals who pose as legitimate businesses, government agencies, utilities or retailers to trick you out of disclosing personal and financial information.

  • Be suspicious of any unsolicited email or text message requesting personal information.
  • Avoid filling out forms in email messages that ask for personal information.
  • Always compare the link in the email to the link that you are actually directed to.
  • Log on to the company’s official website, instead of "linking" to it from an unsolicited email
  • Contact the business that supposedly sent the email to verify if the email is genuine.

Be mindful of all communications asking for personal information – no matter where it comes from. There are variations of phishing – “vishing” and “smishing.” Vishing uses the phone, or combination of telephone and email, to trick people into divulging personal information online or by phone. Smishing scam artists use alarming SMS text messages that urge the recipient to take immediate action to correct an account problem.

Online Shopping

It's important to take steps to protect yourself when shopping online. Online shopping is convenient, easy, and quick. But before you start adding items to your cart, make sure you are up-to-date and have the latest security software, web browsers and operating system. Keeping a clean machine is the best defense against viruses, malware, and other online threats. Here are some other ways to protect yourself when shopping online:

  • Check out sellers: Conduct independent research before you buy from a seller you have never done business with. Some attackers try to trick you by creating malicious websites that appear legitimate, so you should verify the site before supplying any information. Locate and note phone numbers and physical addresses of vendors in case there is a problem with your transaction or your bill. Search for merchant reviews.
  • Make sure the site is legitimate: Before you enter your personal and financial information to make an online transaction, look for signs that the site is secure. This includes a closed padlock on your web browser’s address bar or a URL address that begins with shttp or https. This indicates that the purchase is encrypted or secured. Never use unsecured wireless networks to make an online purchase. Check out this GetNetWise tutorial for more information. 
  • Protect your personal information: When making a purchase online, be alert to the kinds of information being collected to complete the transaction. Make sure you think it is necessary for the vendor to request that information. Remember, you only need to fill out required fields on a vendors checkout form. Before providing personal or financial information, check the website's privacy policy. Make sure you understand how your information will be stored and used.
  • Use safe payment options: Credit cards are generally the safest option because they allow buyers to seek a credit from the issuer if the product isn’t delivered or isn’t what was ordered. Also, unlike debit cards, credit cards may have a limit on the monetary amount you will be responsible for paying if your information is stolen and used by someone else. Never send cash through the mail or use a money-wiring service because you’ll have no recourse if something goes wrong.  Don’t forget to review return policies. You want a no-hassle ability to return items.
  • Keep a paper trail: Print and save records of your online transactions, including the product description, price, online receipt, terms of the sale, and copies of any email exchange with the seller. Read your credit card statements as soon as you get them to make sure there aren’t any unauthorized charges. If there is a discrepancy, call your bank and report it immediately.
  • Turn your computer off when you’re finished shopping: Many people leave their computers running and connected to the Internet all day and night. This gives scammers 24/7 access to your computer to install malware and commit cyber crimes. To be safe, turn off your computer when it's not in use.
  • Be wary of emails requesting information: Attackers may attempt to gather information by sending emails requesting that you confirm purchase or account information.  Legitimate businesses will not solicit this type of information through email. Contact the merchant directly if you are alerted to a problem. Use contact information found on your account statement, not in the email. 

Protect Yourself with these STOP. THINK. CONNECT. Tips:

  • Keep a clean machine: Having the latest security software, web browser and operating system are the best defenses against viruses, malware and other online threats.
  • Make passwords long and strong: Combine capital and lowercase letters with numbers and symbols to create a more secure password.
  • Unique account, unique password: Separate passwords for every account helps thwart cybercriminals.
  • When in doubt, throw it out: Links in email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete or if appropriate, mark as junk email
  • Get savvy about Wi-Fi hotspots: Limit the type of business you conduct and adjust the security settings on your device to limit who can access your machine.
  • Protect your money: When banking and shopping, check to be sure the sites is security enabled. Look for web addresses with “https://” or “shttp://”, which means the site takes extra measures to help secure your information. “Http://” is not secure.
  • Think before you act: Be wary of communications that implores you to act immediately, offers something that sounds too good to be true, or asks for personal information
  • Help the authorities fight cybercrime: Report stolen finances or identities and other cybercrime to the Internet Crime Complaint Center (www.ic3.gov) and to your local law enforcement or state attorney general as appropriate.

Protect Your Phone

Smart phones are increasingly being targeted by fraudsters as a way to steal information. ITAC offers these suggestions to secure your personally identifiable information (date of birth, street address, social security number), account numbers, passwords and other information on your smart phone that can be used to commit fraud.

  • Lock it. Protect your smart phone with a password in case it falls into the wrong hands. Android, BlackBerry, Apple and Windows mobile operating platforms all offer this option, which generally can be found in “settings.” For Android, go to the home screen, press Menu, Settings, Location & Security, and under Screen Unlock you'll find options for setting passwords. Take advantage of any other security options offered, like the ability of the provider to locate and wipe information from the device remotely in case the phone is lost or stolen.
  • Watch your app. Not all applications are equal when it comes to security. When you come across a great free app, be aware that you could also be downloading a Trojan that will capture your bank account information next time you log in to pay a bill. Be especially skeptical of apps offering free wallpaper, movies, MP3s and the like. To play it safe, download apps from trusted sources, like the App Store, Verizon Apps or Google Marketplace. Take advantage of free security apps from your provider that provides basic virus scan and safe browsing protection.
  • Back it up. All platforms offer apps or utilities to backup the data on your phone – including contacts, email and photos – in case the phone is lost, stolen or wiped of information. After the initial set up, the utility will update the phone on a regular schedule.
  • Update it. Immediately download any updates to your smart phone’s operating system. These often include new features but security fixes to protect your phone as well.
  • Disable dormant connections. Attackers can exploit vulnerabilities in software that use these interfaces such as Bluetooth and Wi Fi. A good practice is to turn off these connections while not in use.
  • Keep it personal. Fraudsters will often pose as a financial service company or government agency to send an urgent text message about your “account.” Or maybe it's a company informing you about a “prize” you have won. Don’t fall for it. If you get requests via email or text for account information from any business, contact the business directly to confirm the request. The same advice goes for opening links in unsolicited emails or texts.  

Social Networking: Beware what you Share

Social networks like Facebook are a great way to share information that’s important to you. Unfortunately, they are fertile ground for criminals looking for information that can be used to commit identity theft. A study by Consumer Reports found that 52 percent of social-network users post their full birth date, home addresses, vacation plans or other personal information that could increase their risk of becoming victims of identity theft or other computer crimes.Here are some tips to keep you secure while networking:

  • Think about keeping some control over the information you post.
    Consider restricting access to your page to a select group of people, for example, your friends from school, your club, your team, your community groups, or your family.
  • Keep your information to yourself.
    Don’t post your full name, Social Security number, address, phone number, or bank and credit card account numbers — and don’t post other people’s information, either. Be cautious about posting information that could be used to identify you or locate you offline. This could include the name of your school, sports team, clubs, and where you work or hang out.
  • Make sure your screen name doesn’t say too much about you.
    Don’t use your name, your age, or your hometown. Even if you think your screen name makes you anonymous, it doesn’t take a genius to combine clues to figure out who you are and where you can be found.
  • Beware of phising attempts.
    It can be hard to tell if an email supposedly from a social networking site you belong to is an attempt to steal your login information. So to be safe, never click on a link from an email that looks like it came from a social netowrking site--type in the site's URL manually.
  • Don't be scammed.
    Scammers can gain access to one of your friend's accounts and then solicit all the friends linked to the account for money. Never respond with a credit card number or online payment, even if it looks like it is from a friend. Call your friend and ask if it's a legitimate request.
  • Choose your password carefully.
    Make it at least eight characters and include a number and a symbol in it. This way it's very difficult for someone to guess your password and hijack your account.

 

 

 

Additional Resources
 

Copyright © 2013    ITAC, the Identity Theft Assistance Center, is the national advocate for identity theft victims and a leading voice on identity policy. Millions of consumers have access to the ITAC victim assistance service through our members - the financial services companies who support ITAC and offer it as a free service for their customers. ITAC is dedicated to protecting all consumers through education, research and the criminal prosecution of identity crime.