|
Cyber
Security
Internet
and Safety
Many
people think that once they sign on to the Internet and begin
searching for information, everything they do is private. They
are mistaken. There are a number of ways in which your Internet
business is not private.
Many web sites you visit record information about you, including
information about your computer, your Internet Service Provider
and more. Some web sites even ask you for information. If you provide
it, it can be added to a database for future use by that company
or that information can be sold to other companies. Your Internet
provider can also gather information about you. They can keep track
of your e-mail address and where you go when you surf the web.
Much of the information that is collected may never be used. Many
companies claim they use the information to improve their web sites.
The information, however, can be used to send you unsolicited e-mails,
or be sold to other companies that create databases of personal
information for marketing or other purposes.
What You Can Do
In general,
you should limit the amount of personal information you disclose
on the Internet—only provide the information
that is necessary to complete a transaction you have initiated.
If you feel uncomfortable with the information that is requested
by the site, look for a phone number that can connect you with
a company representative and ask why the company needs the information.
Additionally, there are a few things you can do to protect your
privacy and personal information on the Internet.
Safeguard Your Personal Information.
Never give personal information—such as your social security
number, credit card number, bank account numbers or address— to
unknown companies or e-mail pals. If you are going to do business
on the Internet, stick with the companies you know. It is incredibly
easy for scam artists to impersonate a legitimate business
online. See the
Attorney General's Consumer Alert on Phishing scams at http://www.oag.state.md.us/Press/2006/071306a.htm]
 Look
for the Lock Icon. For extra security, when
browsing through Internet sites, look for the security
lock located on the bottom right hand of the screen, an
indication that the site has been encrypted and authenticated.
A site will contain this icon when it has been issued a
certificate that proves they are who they say they are.
When a site has not been encrypted, it shows an unlocked
icon. Information sent over the Internet without encryption
can be seen by other people while it is in transit. When
web sites are issued the certificate, a window will sometimes
pop up alerting you that you are on a secure browser. Make
sure the domain names match, because scam artists can send
fake certificates, which is called spoofing. You can click
on the lock icon to make sure the domain names match, if
the alert window does not pop up. When shopping online,
many sites do not have the extra security until you are
ready to pay.  Once
you are ready to pay, a security warning pops up advising
you that you are entering a secure site and will say something
like, “You have requested an encrypted page. The
web site has identified itself correctly and information
you see or enter on this page can not easily be read by
a third party.”
Another
way to determine if a site is secure is to look at the URL.
Secure sites begin with https://, while unsecure sites begin
with only http://.
Use caution when visiting chat rooms, bulletin
boards, etc. Since these are open forums, it’s
not a good idea to reveal your address, financial information
or other personal information. Read more about Social
Networking and Personal Web Sites.
Learn
how to block “cookies.” Cookies
are small files placed on your computer by web sites you
have visited. If you revisit the site, the cookie file lets
the site identify you as a return guest and offer you products
tailored to what your last visit revealed about you. Cookies
can also reveal to web sites where else you have traveled
in cyberspace and allow them to build a data file about you.
Go to the Help section of your Internet browser program,
such as Netscape or Explorer, to learn how to block cookies.
You can also choose to require that your permission be given
before any cookie is placed on your computer. Know that if
you disable cookie files, some web sites at which you’ve
registered will no longer recognize you and you may find
it difficult to access certain sites.
Use
anti-virus software, firewall, anti-spyware. Anti-virus
software protects your computer from viruses that can destroy
your files, and even worse, cause a crash. Anti-virus software
protects your computer by attempting to identify and combat
malicious computer viruses. Anti-spyware software combats
against software that “spies” on your Internet
usage, such as monitoring your online usage and obtaining
your personal information as you surf the web. A firewall
thwarts hackers from the outside trying to obtain personal
information. These programs may already be installed on your
computer, and simply need to be activated. If they are not,
they can be purchased for a small fee. Make sure your software
is from a reputable company. Some offers for free anti-virus
or anti-spyware programs actually unleashed viruses or spyware
instead.
Password
Protection. Use passwords that contain at least
eight letters and includes numbers and symbols. Do not use
common words—hackers can use programs that can try
every word in the dictionary. Do not use your personal information
as your password. Change your password regularly.
E-mail and Your Ride on the Internet
E-mail is the
fastest and most common way to stay in touch and to communicate
with friends, family and co-workers. Scam artists
have also discovered the benefits of e-mail—it is a fast
and inexpensive way to con people out of their money.
Some e-mail scams are easy to spot. Like most too good to be true
offers, these scams promise much, but deliver nothing. Con artists
are becoming increasingly deceptive and have found a multitude
of ways to mask their attempts to con people out of money and valuable
information. By creating web sites and e-mails similar to legitimate
businesses, organizations and government offices, con artists can
dupe even the most savvy Internet user.
Phishing
Phishing
(pronounced ‘fishing’) is a
ruse con artists use to lure consumers into disclosing personal
and financial data. By posing as a trustworthy person or business,
the data these cons try to obtain can be used to run up charges
on existing credit card accounts, apply for new loans, services
or benefits in the victim’s name and even file fraudulent
tax returns. The messages contain some request to verify or confirm
account information and will direct the victim to a web site that
looks legitimate, but is not. The fictitious site’s purpose
is to trick the victims into giving out very valuable information.
Consumers should remember that almost all reputable businesses
and organizations do not ask for account information via e-mail,
especially pin numbers and entire account numbers.
Pharming
Pharming (pronounced ‘farming’)
is different from phishing in that the con artist does not have
to rely on the victim
to click on a link in an e-mail to deceive the victim. Even if
the user types in the web address into the browser bar, the con
artist can still redirect the victim to a malicious web site.
Vishing
Vishing, short for “voice phishing” is the latest
con artist invention. By using Voice over Internet Protocol (VoIP)
phones to steal people’s financial information, vishing uses
both the Internet and phone to con people out of their money. In
the online version, the con artists send an e-mail disguised as
a financial institution, online payment service or other reputable
business to unsuspecting victims. The e-mail claims to be reporting
a “security” problem with the recipient’s account
and urges the victim to call a telephone number to fix the problem.
The area code might be a local one, one that is easily recognizable
or appears to be toll-free. When the victim calls, they reach an
automated attendant prompting them to enter their account number,
password or other private information for “security verification” purposes.
Having a firewall, anti-spyware and anti-virus
software on your computer can help combat against pharming, phishing
and vishing.
The Maryland Attorney General’s Office is constantly on the
look out for e-mail scams. Read more about e-mail scams and hoaxes
at these Web sites:
|
