Banner: Maryland Attorney General Brian E. Frosh
  Home | Protecting Consumers | Safeguarding Children | Seniors | Law Enforcement | Site Map Search

Office Overview
About the AG
About the Office
News Releases

Contact Us
Frequent Questions

Services to the Public
Consumer Protection
Open Government
Health Decisions Policy
Victim Assistance
Publications & Forms
Helpful Links

Join us on
Facebook icon

Photo Gallery

Employees Only Logo and Link to






Cyber Security

Internet and Safety

Many people think that once they sign on to the Internet and begin searching for information, everything they do is private. They are mistaken. There are a number of ways in which your Internet business is not private.

Many web sites you visit record information about you, including information about your computer, your Internet Service Provider and more. Some web sites even ask you for information. If you provide it, it can be added to a database for future use by that company or that information can be sold to other companies. Your Internet provider can also gather information about you. They can keep track of your e-mail address and where you go when you surf the web.

Much of the information that is collected may never be used. Many companies claim they use the information to improve their web sites. The information, however, can be used to send you unsolicited e-mails, or be sold to other companies that create databases of personal information for marketing or other purposes.

What You Can Do

In general, you should limit the amount of personal information you disclose on the Internet—only provide the information that is necessary to complete a transaction you have initiated. If you feel uncomfortable with the information that is requested by the site, look for a phone number that can connect you with a company representative and ask why the company needs the information.

Additionally, there are a few things you can do to protect your privacy and personal information on the Internet.

Safeguard Your Personal Information. Never give personal information—such as your social security number, credit card number, bank account numbers or address— to unknown companies or e-mail pals. If you are going to do business on the Internet, stick with the companies you know. It is incredibly easy for scam artists to impersonate a legitimate business online. See the Attorney General's Consumer Alert on Phishing scams at]

Look for the Lock Icon. For extra security, when browsing through Internet sites, look for the security lock located on the bottom right hand of the screen, an indication that the site has been encrypted and authenticated. A site will contain this icon when it has been issued a certificate that proves they are who they say they are. When a site has not been encrypted, it shows an unlocked icon. Information sent over the Internet without encryption can be seen by other people while it is in transit. When web sites are issued the certificate, a window will sometimes pop up alerting you that you are on a secure browser. Make sure the domain names match, because scam artists can send fake certificates, which is called spoofing. You can click on the lock icon to make sure the domain names match, if the alert window does not pop up. When shopping online, many sites do not have the extra security until you are ready to pay. Once you are ready to pay, a security warning pops up advising you that you are entering a secure site and will say something like, “You have requested an encrypted page. The web site has identified itself correctly and information you see or enter on this page can not easily be read by a third party.”

Another way to determine if a site is secure is to look at the URL. Secure sites begin with https://, while unsecure sites begin with only http://.

Use caution when visiting chat rooms, bulletin boards, etc. Since these are open forums, it's not a good idea to reveal your address, financial information or other personal information.  Read more about Social Networking and Personal Web Sites.

Learn how to block “cookies.” Cookies are small files placed on your computer by web sites you have visited. If you revisit the site, the cookie file lets the site identify you as a return guest and offer you products tailored to what your last visit revealed about you. Cookies can also reveal to web sites where else you have traveled in cyberspace and allow them to build a data file about you. Go to the Help section of your Internet browser program, such as Netscape or Explorer, to learn how to block cookies. You can also choose to require that your permission be given before any cookie is placed on your computer. Know that if you disable cookie files, some web sites at which you've registered will no longer recognize you and you may find it difficult to access certain sites.

Use anti-virus software, firewall, anti-spyware. Anti-virus software protects your computer from viruses that can destroy your files, and even worse, cause a crash. Anti-virus software protects your computer by attempting to identify and combat malicious computer viruses. Anti-spyware software combats against software that “spies” on your Internet usage, such as monitoring your online usage and obtaining your personal information as you surf the web. A firewall thwarts hackers from the outside trying to obtain personal information. These programs may already be installed on your computer, and simply need to be activated. If they are not, they can be purchased for a small fee. Make sure your software is from a reputable company. Some offers for free anti-virus or anti-spyware programs actually unleashed viruses or spyware instead.

Password Protection. Use passwords that contain at least eight letters and includes numbers and symbols. Do not use common words—hackers can use programs that can try every word in the dictionary. Do not use your personal information as your password. Change your password regularly.

E-mail and Your Ride on the Internet

E-mail is the fastest and most common way to stay in touch and to communicate with friends, family and co-workers. Scam artists have also discovered the benefits of e-mail—it is a fast and inexpensive way to con people out of their money.

Some e-mail scams are easy to spot. Like most too good to be true offers, these scams promise much, but deliver nothing. Con artists are becoming increasingly deceptive and have found a multitude of ways to mask their attempts to con people out of money and valuable information. By creating web sites and e-mails similar to legitimate businesses, organizations and government offices, con artists can dupe even the most savvy Internet user.


Phishing (pronounced ‘fishing') is a ruse con artists use to lure consumers into disclosing personal and financial data. By posing as a trustworthy person or business, the data these cons try to obtain can be used to run up charges on existing credit card accounts, apply for new loans, services or benefits in the victim's name and even file fraudulent tax returns. The messages contain some request to verify or confirm account information and will direct the victim to a web site that looks legitimate, but is not. The fictitious site's purpose is to trick the victims into giving out very valuable information. Consumers should remember that almost all reputable businesses and organizations do not ask for account information via e-mail, especially pin numbers and entire account numbers.


Pharming (pronounced ‘farming') is different from phishing in that the con artist does not have to rely on the victim to click on a link in an e-mail to deceive the victim. Even if the user types in the web address into the browser bar, the con artist can still redirect the victim to a malicious web site.


Vishing, short for “voice phishing” is the latest con artist invention. By using Voice over Internet Protocol (VoIP) phones to steal people's financial information, vishing uses both the Internet and phone to con people out of their money. In the online version, the con artists send an e-mail disguised as a financial institution, online payment service or other reputable business to unsuspecting victims. The e-mail claims to be reporting a “security” problem with the recipient's account and urges the victim to call a telephone number to fix the problem. The area code might be a local one, one that is easily recognizable or appears to be toll-free. When the victim calls, they reach an automated attendant prompting them to enter their account number, password or other private information for “security verification” purposes.

Having a firewall, anti-spyware and anti-virus software on your computer can help combat against pharming, phishing and vishing. The Maryland Attorney General's Office is constantly on the look out for e-mail scams. Read more about e-mail scams and hoaxes at these Web sites:

Attorney General of Maryland 1 (888) 743-0023 toll-free / TDD: (410) 576-6372
Home | Site Map | Privacy Policy | Contact Us