Internet Security

Parents need to know that there is a lot of sexual innuendo on websites this days, as well as some pretty steamy photos, nasty lyrics, videos and additional information that your kids can see and download to the home PC. But it's all delivered with a wink and a smile... also there are many companies that offer free stuff; you need to read their privacy policies and terms of use very carefully.

Each year, billions of dollars in transactions are conducted on the Internet. In spite of this, many people are hesitant to provide their credit card information to complete an online transaction for fear that the number may be stolen. This has become less of a concern more recently as businesses have taken on the responsibility of ensuring that transactions are reasonably safe. Nonetheless, caution is always the best approach when conducting personal Internet activity. The best way to be sure that your transaction will be safe is to look for a message or symbol indicating that your transaction is being conducted on a secure server. This will mean that the site owner is using special software that will encrypt, or scramble any information so that it would be meaningless to anyone who gained access to it without authorization. The most common form of digital encryption is virtually impossible to crack. In most Internet browsers, you will see a small symbol or icon at the bottom of your browser window that will identify the page you are viewing as being protected by the highest level of security. This symbol may vary in different browsers, but will usually be an image of a closed lock or perhaps a key.

Internet Privacy: Another cause for concern for many people is the use of personal information on the Internet. Many Internet sites may require you to register for their "free" services, but they do not always tell you what they do with the information you provide. Some sites will sell the information to advertisers, while others will use the information for their own advertising. Make a point of looking for a link to the site's "privacy statement" or something similar. This page should tell you how your information is to be protected, how it would be used and whether or not the information you provide will be shared with other organizations or individuals. If you do not see a privacy statement anywhere on the site, then use caution when filling out online forms. Let the credibility of the company help you to decide if it is safe to share information with them.

Here are some tips to follow to maximize security and privacy on the Internet:

  • Beware of anyone who tries to obtain your personal information such as social security number, credit card number, password and logon ID.
  • Do not give out any personal information to anyone requesting it, unless you know the person.
  • Show common courtesy on the Internet by not jumping into a chat conversation uninvited.
  • Do not intentionally upset or irritate any person's or company while on the Internet.
  • Do not intentionally send promotional information indiscriminately to everyone on your email address list. This practice is known a “spamming” and is widely frowned upon. In some states there are laws governing such practices and the Federal government has taken up the issue, as well.

E-Mail Security: Perhaps the single most common use of a computer today is for the sending and receiving of e-mail messages. Many people will send or forward messages without any concern or thought about the content of their message, and this can be very risky.

After the e-mail leaves your computer, it is then forwarded to an Internet mail relay host where anyone who has access to the host can view, delete or change any message. The mail relay host is basically a computer that is specifically designated to handle e-mail and is connected to the Internet. Essentially, all e-mails can be monitored. One way to prevent this from occurring is to encrypt or scramble your messages using certain software programs or by using the full security features included in most common e-mail programs.

Other e-mail concerns include the spread of viruses and other malicious programs such as Trojan horses and worms (See the Computer Viruses topic for more information), chain letters and Internet hoaxes. Chain letters are messages that attempt to perpetuate themselves by convincing the recipient to forward the message to as many people as possible. They will often promise financial or other rewards to those who forward the message. Internet hoaxes are messages that attempt to generate fear or alarm in the recipient by detailing a threat or problem that does not really exist. Hoaxes will often arrive in the form of a chain letter and may play on people’s emotions to convince them the information is true and should be forwarded.

E-Mail Safe Practices

  • Today, the majority of viruses are spread via e-mail. With this in mind you should install anti-virus software and configure it to scan all incoming and outgoing e-mail to ensure that it is virus-free.
  • Never forward chain letters that you receive. Though many make promises of great reward, if they sound too good to be true they probably are. In addition, chain letters can expand rapidly and clog e-mail servers which slow the delivery of legitimate e-mail.
  • Be skeptical of unsolicited e-mail that claims to be alerting you of a threat or problem. They are often hoaxes and if forwarded can unnecessarily alarm others.

Internet Phishing: Phishing is a form of information theft that uses "spoofed" emails and Web sites to trick people into revealing confidential information, such as passwords, PINs, credit card numbers, bank account numbers, maiden names and other privacy or account-related information. Criminals and hackers use the information they obtain to perpetrate identity theft, credit card fraud and other financial crimes.

A typical phishing attempt involves an email that pretends to come from well-known companies, such as banks, eBay, PayPal, etc. The email will have an official look and may even include accurate logos and other official-looking features to persuade the recipient that it is legitimate. In addition, the email will often include persuasive suggestions that the recipient’s service might be interrupted or accounts in danger if immediate action is not taken by following instructions in the message. Finally, the phishing attempt directs the recipient to validate or update personal information by clicking an Internet link that leads to a Web site with a "look and feel" like that of the targeted business. Unfortunately, the Web site is fraudulent and any information provided is compromised and placed into the hands of criminals!

There are ways to identify and protect yourself from phishing attempts. First and foremost, remember that legitimate businesses normally do not request personal or confidential information via email.

If you suspect you have received a phishing email, look for the following clues:

  • Is the email unsolicited?
  • Is the email personalized? Does it address you specifically or is it generic?
  • Does the message have misspellings or grammatical errors?
  • Does it stress urgency by threatening negative consequences if instructions are not followed?

Any of the above could indicate the email is not legitimate.

Ways to protect yourself:

  • Be skeptical! If in doubt, call the company directly. Do not use any phone numbers listed in the suspect email as they might also be fraudulent.
  • Never provide personal information unless you initiated the communication.
  • Do not click links within emails as they may not be what they seem. Always key the web address yourself.
  • Make sure you are using a "secure" Web site. Look for https:// in the web address field.
  • Regularly review your accounts and financial statements for unusual activity.
  • Keep your Internet browser and other software updated to "patch" security flaws.

If you believe you may be a victim of a phishing attempt:

  • Immediately contact your financial institutions to have your accounts flagged for suspicious activity.
  • Contact the following credit bureaus. They can place a fraud alert on your files to prevent criminals from opening new accounts in your name.
  • If you become a victim of identity theft, ask your financial institution if they offer an identity theft kit containing form letters and checklists to help you address your situation.
Contact these credit agencies and ask for your credit report, if you feel you have been a victim of Identity theft you must report it to them ASAP.
  Equifax 800-525-6285
  Experian 888-397-3742
  TransUnion 800-680-7289

The following checklist provides a central place where you can record steps you have taken to report fraudulent use of your identity. Keep this list in a safe place for your reference.

Checklist to Track Your Course of Action

Credit Bureaus – Report Fraud
Bureau Phone Number Date Contacted Contact Person Comments
Equifax (800) 525-6285      
Experian (888) 397-3742      
TransUnion (800) 680-7289      
Banks, Credit Card Issuers and Other Creditors
Creditor Address And Phone Number Date Contacted Contact Person Comments
         
         
         
Law Enforcement Authorities
Agency/ Department Phone Number Date Contacted Contact Person Report Number Comments
FTC (877) 438-4338        
           
           

Report any suspicious contacts to the Federal Trade Commission: www.consumer.gov/idtheft or 1-877-IDTHEFT (438-4338).

Additional information regarding phishing can be found at the Anti-Phishing Working Group Web site: www.antiphishing.org

For additional information and assistance go to: www.bisnerconsulting.com or write to: info@bisnerconsulting.com