This is the second of a three part series on ways to combat identity theft. Part 1 contained descriptions and examples of various types of identity theft. This second part continues with on-line threats.
On-Line Fraud-ID Theft
- These take place via computer
- Crackers, viruses, spyware, phishing, and pharming are threats
- All can result in identity theft
- Computer users try to gain access to your hard drive remotely over the Internet
- Passwords, encryption, and up-to-date firewall can make their lives more difficult
- Keep anti-virus and anti-spyware software current
- Run anti-virus and anti-spyware scans at least once a week
- You get an email that looks like it comes from your bank, credit card company, etc.
- Asks you to “update their records”
- Purportedly due to potential fraud, other reasons
- Provides a hyperlink to a web page where you enter your personal information
- The link takes you to a thief’s website that is disguised to look like the company’s
- Email may have an attachment. DO NOT OPEN IT.
- One of the worst phishing scams encrypts all files on your computer when you open and execute an attached file. This is known as ransomware.
- The thieves demand a ransom before they will send you a password to decrypt your files.
- As you can image, the decryption key never comes, but rather the malware perpetrators use the credit card info to make unauthorized purchases.
Avoiding a Phishing Scam
- Look out for
- Misspelled words
- Beware of @ sign in URL
- Unusual company behavior
- DO NOT respond to the email
- DO NOT provide personal information
- DO NOT click on any links
- And especially, DO NOT open any files that were downloaded by clicking on a link.
Avoiding a Phishing Scam
Newer browsers have anti-phishing tools
Phishing – Never Give Out Passwords
Social networking sites like MySpace, Twitter, and Facebook request their users’ AOL, Gmail, Yahoo and Hotmail passwords, and then use them to access users’ address books and send ‘invitations’ to join, making them appear to come from the user. The password prompt screen typically includes the ISP’s logo right next to the password prompt.
Make sure you are on the actual social site if you give out passwords. Never give passwords in response to an email purportedly from a social site.
Pharming Scam (Subset of Phishing)
- A pharming scam is carried out through a copycat website
- Thief creates website that looks like a legitimate business’ website
- You enter the address of a legitimate business but a re-directed to a “spoofed” site
- When you enter personal information, it is sent to the con artists – NOT the legitimate business
Pharming Warning Signs
- Site does not show security features (https, padlock)
- Text on page cannot be highlighted – the material is an image rather than words
- If you enter information you will receive an “error” or “next page cannot be displayed” message