All About Safe Computing
by Rev. Linda Smallwood
What Is Phishing?
.....
While the Internet has brought many benefits, it has also become a haven for criminals and a medium by which they can scam and steal from innocent people. And just because you don't have much money doesn't make you immune to their attacks. Whether $10 or $10 million, they're happy to take it!
With continuous system upgrades and safer operating systems, it's getting harder for spammers and scammers to use their old tricks to gain access to your computer; they're now turning their attention to 'social engineering' tricks. These are new and inventive ways to trick you into divulging personal information, such as credit/debit card numbers, bank accounts, passwords, PINs, etc. It's called "Phishing" and a lot of people are losing a lot of money.
You've probably already seen one or more of these phishing emails. Here's how they work:
- The scammer uses spam to send an email or pop-up message that looks like it's from a business you deal with or are familiar with, such as...
· your Internet Service Provider (e.g., AOL, MSN, SBCGlobal, Cox, Juno)
· your bank or other familiar bank (e.g., Citibank, Wells Fargo, Chase)
· an online payment service (e.g., PayPal, Western Union)
· a government agency (e.g., Federal Reserve, Social Security Administration, IRS, FBI) - The message usually warns you of a security violation and says you need to "update" or "validate" your account information.
- When you click on the link in the email, a website opens that looks like the legitimate organization's site; but it's actually a carefully-constructed fake. This fake site prompts you to enter your personal information.
- Using the information you provide, the scammer can then steal your identity, withdraw funds from your bank, run up credit card bills, or even commit crimes in your name.
How the Scammers and Hackers Get Information about You
In addition to harvesting unprotected email addresses, hackers gain access to your PC through your PC's "ports". There are thousands of "ports", like little gates, that let information in and out. Some of the legitimate information moving through the ports includes emails, accessing a website, submitting a form on a website, and downloading programs (includes games and music).
However, a lot of information flows to and from your PC without you even knowing about it. Most of it is legitimate, such as checking for Windows updates, anti-virus software checking for the latest virus updates, etc. However, some of what's going on behind-the-scenes poses a grave threat to your PC and your privacy, in the form of:
- Viruses [click for definition]
- Worms [click for definition]
- Port Scanning [click for definition]
- Cookies [click for definition]
- Trojans [click for definition]
- Denial of Service Attacks [click for definition]
- Spyware [click for definition]
- Spam [click for definition]
At a minimum, you should install or enable the following programs:
- Firewall: This is not some discretionary piece of software you don't need. A computer firewall is a software application that filters traffic flowing into and out of your computer.
A firewall controls communications to and from your PC. It permits or denies communications based on the security protocols you set. A firewall can:
• make your PC invisible on the Internet. Your ports don't just appear closed, they don't appear at all!
• automatically block suspicious incoming traffic.
• alert you every time a program on your PC tries to send information to a remote computer or network.
If you don't have a firewall installed, then as soon as you connect to the Internet (before you even start your browser or email handler), you are open to attack — because some or all of your ports are open and unmonitored. A firewall is especially important if you have a high-speed Internet connection. Hackers love to take over broadband machines because they can use them to spread spam even faster!
- Anti-Virus: Anti-virus programs usually detect virus threats — including most trojans and worms — before they download and infect your computer. Upon detection, the anti-virus program will display a prompt wherein you may determine the action to take.
- Anti-Spam: Many of the anti-spam programs I've tried only detect spam, but they don't stop it from downloading to your computer. The program I use, MailWasher, enables you to view an email's content before it gets to your computer. This means you don't have to download anything you don't want — thereby greatly reducing your chances of your computer receiving something rogue.
You can help to stop spam, first by adhering to the email guidelines on the previous page, and second by forwarding unwanted or deceptive messages to the following organizations. These organizations then analyze the unique digital signatures in the email(s) to identify and stop future emails from that spammer or anyone sharing their digital signature.
• CastleCops: Free registration and reporting service. Go to www.castlecops.com.
• SpamCop: Free registration and reporting service. Go to www.spamcop.net.
• Federal Trade Commission: Simply forward a copy of the offending email to spam@uce.gov.
- Anti-Spyware: Most anti-spyware programs alert you before your computer goes to potentially hazardous websites, thereby thwarting an attempt to redirect your browser. Some actually rewrite a potentially risky email into a benign safe email.
And last but not least, make sure your Windows software is up-to-date! It's easy to do and free. Just go to http://windowsupdate.com.
.....References: Nick Bolton, Firetrust.com
Wikipedia — The Free Encyclopedia
Copyright © 2007. LetterPerfect Online™. All rights reserved.