Welcome to the APBWeb.
Results 1 to 3 of 3
  1. #1
    Roses's Avatar
    Roses is offline Member
    Join Date
    02-19-06
    Posts
    1,361
    Rep Power
    513337

    How To Stop Internet Identity Theft

    Jack M. Germain, newsfactor.com
    Tue Apr 25, 10:00 AM ET


    Internet identity theft is one of the fastest-growing crimes in the U.S. today. For five straight years, the Federal Trade Commission (FTC) ranked it as one of the most-reported types of fraud. Despite the increasing awareness of identity theft among consumers and financial institutions, the identity-theft racket shows no signs of slowing. Reported losses from identity theft, currently responsible for over 40 percent of all fraud complaints, approached nearly $300 million last year.

    "True identity theft is a problem that goes far beyond simple credit-card fraud, against which consumers are fully protected, thanks to zero-liability laws and other regulations," said Dave Collett, a spokesperson for MasterCard. "ID theft is when a person's entire identity is taken over. For that to happen, a fraudster would need far more information than just what is found on a credit or debit card."

    All too often, consumers provide that needed information unknowingly through careless Web surfing and by using computers whose security is breached by virus and spyware infections.

    One of the leading causes of identity theft online is consumers falling prey to phishing attacks, a form of identity theft that employs a criminal strategy that security professionals call social engineering. Essentially, the process works by tricking e-mail recipients into going to phony Web sites to divulge personal data, like bank-account numbers or credit-card information. Identity thieves also use technical subterfuge through spyware and Trojans to capture user names and passwords so they can gain access to consumers' financial details.

    While many consumers have placed a great deal of faith in their antivirus or antispam software, industry experts say that security applications, for the most part, are not bulletproof as a method for fighting identity thieves. Rather, the software serves mainly to eliminate most major phishing and Trojan threats and works best only in combination with user awareness of increasingly sophisticated social-engineering tactics.

    Avoid Suspicious Attachments

    It might seem obvious, but you must be doubly cautious about opening e-mail attachments, which serve as one of the most common vehicles for Trojan horse programs, the worst kind of malware. Just because you recognize the e-mail sender as a family member, friend, or business associate does not make the attachments safe to open. The e-mail might have been sent from a friend's computer that had been infected with a Trojan-bearing worm.

    Network worms, which are arguably the most dangerous of all virus types, jump from one machine to another, spreading around the Internet and leaving infected computers in their wakes. Some network worms do not require any kind of user intervention to spread. They secretly scour the Internet for connected computers that do not have current security updates or firewalls installed.

    Other worms have become so sophisticated that they use multiple strategies to spread themselves. In addition to spreading automatically to computers with outdated security software, these worms can commandeer your e-mail address book and send e-mail messages, laden with Trojans, to your friends and business associates. This means that e-mail recipients have no way of knowing, with perfect certainty, that they are receiving a legitimate message from you or from the worm hiding on your machine.

    So, unless you are expecting an e-mail attachment, never assume it is safe to open. Although it might seem tedious, it is important to make sure the attachment is legitimate by checking with the sender before opening it. Once you receive an attachment that looks suspicious, all that is required is a quick reply e-mail asking whether the sender intended for you to receive the file.

    Furthermore, even if your friend intended that you receive the attachment, you are not out of danger just yet. Your friend might have unwittingly forwarded you an infected file, so it is then up to your antivirus or security software to determine whether that attachment is safe to open.

    Attached files often contain documents or graphics that can have damaging hidden code in them. Simply clicking on the graphic or a link in the attachment can activate the malicious code, unleashing keylogging programs or other malware designed to steal your identity.

    On the surface, many of these messages might seem innocuous. They might be the latest Internet joke or even a call to help victims of the Hurricane Katrina disaster. Besides being poor computing etiquette to click the forward button and share these messages with friends and family, doing so can be very dangerous because of the likelihood that they contain malicious links or code.

    "It is extremely easy for someone to forge an e-mail message," said Chris Hofmann, director of engineering for the Mozilla Foundation, the organization that makes the Firefox Web browser. "If a message requests that you send your password or other private information, or asks that you run or install an attached file, then it is very likely that the message is not legitimate. When in doubt, just mark the message as junk and delete it."

    Use Multiple Layers of Protection

    Beyond exercising a great deal of caution with attachments, it is especially important to use software that not only offers antivirus protection, but also can protect you against spyware and spam. Identity theft comes in many guises. The more types of threats a computer program can detect and deflect, the better. At the very least, you should use a product that provides advanced e-mail protection and can scan attachments for dangerous content in both incoming and outgoing messages.

    Many traditional antivirus vendors now offer integrated-security products that not only give you the ability to set up a firewall easily, but also offer several options for locking down your computer against spam, viruses, and spyware. Rather than require that you purchase and maintain separate software products for each type of protection you need, these integrated software packages combine several kinds of protection in one suite, providing overall security for your computer at a lower cost per module.

    McAfee, for example, offers one of the most popular security packages for guarding against virus, spam, and worm attacks. "We've taken a close look at today's threats and found that consumers are facing blended threats more than just one type of malware," said Gus Maldonado, product manager for McAfee. In addition to offering firewall and antivirus protection, McAfee's Internet Security Suite offers protection against phishing.

    For a phishing scam to work, you must click the link in a forged e-mail -- which might look like it's from your bank or other financial institution -- and then enter your user information on the Web page that your browser opens. By adding antiphishing capabilities to your e-mail through McAfee's Internet Security Suite, or any other popular integrated-security package that can protect against phishing, your e-mail program can screen the e-mail source code to help you determine whether the content is legitimate.

    McAfee's suite also adds an antiphishing plug-in to your browser so that even if you do click on the link in your e-mail, believing it to be legitimate, you will get another warning when you access the fake Web page. Many integrated-security packages also can alert you if your browser is being secretly redirected to a known or suspected phishing Web site or when secret executables, such as malicious ActiveX controls (which are Internet Explorer plug-ins that add all kinds of functionality), attempt to transfer your personal information to another computer on the Internet.


    Copyright 2006 NewsFactor Network, Inc.


    Copyright 2006 Yahoo! Inc. All rights reserved.

    http://news.yahoo.com/s/nf/20060425/bs_nf/42950
    http://img455.imageshack.us/img455/1369/rosekdrosetransp9fk2eb.gif

    A Smile

    A smile cost nothing, but gives so much.

    It enriches those who receive it,
    without making poorer those who give.
    It takes but a moment, but the memory
    of it sometimes lasts forever.

    None is so rich or mighty that he
    can get along without it,
    and none is so poor but that
    he can be made rich by it.

    A smile creates happiness in the home,
    fosters goodwill in business,
    and is the countersign of friendship.

    It brings rest to the weary,
    cheer to the discouraged, sunshine to the sad,
    and it is nature's best antidote for trouble.

    Yet it cannot be bought, begged, borrowed,
    or stolen, for it is something that is of no
    value to anyone until it is given away.

    Some people are too tired to give you a smile.
    Give them one of yours, as none needs a smile
    so much as he who has no more to give.

    - author unknown

  2. #2
    Roses's Avatar
    Roses is offline Member
    Join Date
    02-19-06
    Posts
    1,361
    Rep Power
    513337

    Continued

    Don't Neglect Software Updates

    One of the most common methods that antispyware and antivirus software uses to identify malicious code and remove it is by comparing what it finds on your hard drive -- or what comes in via e-mail -- to an exhaustive database of malicious threats. Users who keep clicking the delay button instead of following through with their software's regular suggestions to update their local signature list can put themselves at risk.

    While some of the most advanced security software uses "heuristics" -- a method that relies on looking at the actual behavior of malicious code to determine whether it might be attempting to create a viral infection -- the mainstay of any antivirus application is its database of signature files. An out-of-date database can weaken your security software's protective barrier and make it much easier for thieves to steal your identity. So it is imperative that your security software always use the most recent signature files available from your security vendor.

    Of course, your software might want to update itself right when you're in the middle of doing something on your PC that requires most of your processor's power. And you might be tempted to click the delay button. But when the software prompts you to update, resist the urge to postpone it. The more current your software is, the less likely it will be that you have to cancel your credit cards as a result of identity theft.

    It also is important to learn about the settings for your security software's update features. Some programs will let you choose a time interval for regular updates. Other programs provide an option to do it automatically. In most mainstream security software, these settings are relatively easy to find.

    In much the same way that the software gives you the ability to schedule software updates, most popular security packages give you the ability to schedule complete system scans for intruders. While these scans often slow the responsiveness of other programs that you might be running at the time, you should avoid the temptation to cancel a scan just because it is inconvenient. Also, it is very important to scan your computer regularly. Having the ability to detect and remove harmful viruses and spyware that can steal your identity is worthless if your software does not run frequently enough to keep you protected.


    Use a Little Link Logic

    As a routine safe-computing practice that can help avoid many kinds of identity-stealing scams, you should always enter a Web site's URL in a new browser window. For example, if an e-mail claiming to be from your bank asks you to log in to verify your password or account information, resist the temptation to click on the link in the e-mail itself, regardless of how authentic the message might appear.

    Do not be fooled by these common tricks. One of the most effective methods that phishers use is to send an e-mail that looks exactly like the one you would get from your bank, service provider, or just about any kind of company that has your sensitive financial information. While these pieces of e-mail might look legitimate, they secretly hide fake URLs and potentially malicious script in the HTML source code.

    Here is one example of the kind of messages designed to steal your account information: "This e-mail is a reminder that your eBay account information is suspended. To avoid any interruption to your service, including the ability to log on to your eBay account, please update your credit or debit card information by clicking here and submitting our form." While the text might sound completely authentic and the e-mail might look perfectly legitimate, replete with eBay graphics, resist the temptation to follow the instructions.

    In many cases, the actual link in the HTML code will be different from the URL displayed in the e-mail. In other words, even if the piece of e-mail looks legitimate and a link in it claims to take you to a familiar and legitimate URL, the underlying source might send you to an impostor Web page that looks exactly like eBay but is designed to steal your personal information or bank account number. However, if you copy and paste the included link into a new browser window -- or if you simply type the URL into that window yourself -- you can avoid this kind of trickery altogether.

    Also consider installing a respected browser toolbar to help protect you from known fraudulent Web sites. One such product is offered for free by Internet service provider Earthlink. The toolbar is called ScamBlocker and works by alerting you before you visit a page that is on Earthlink's list of known phishing sites. There are many such toolbars on the market -- some free, others not -- that all do essentially the same thing. It is likely that, eventually, all browsers will have this technology built right in.


    Use Safer Surfing Tools

    Currently, Internet Explorer 6 is the most dangerous Web browser to use because it is the most popular. When it comes down to it, it's a numbers game for hackers. They know that some 90 percent of Internet users rely on Internet Explorer to surf the Web. So they tailor their malicious scripts, ActiveX controls, and all sorts of other malware specifically to weaknesses in the current version of Internet Explorer.

    Until the time when Internet Explorer 7 hits the market with a better security arsenal to help protect you against online scams, there are several alternative browsers that can take you out of the targeted majority. And there are several add-on security tools that can make life with Internet Explorer 6 much more secure.

    Some alternative Web browsers (Opera is one) and some software-security products (like Earthlink's ScamBlocker) can compare the URLs you are browsing against a known list of fraudulent Web sites and Web sites that are known to install malicious code on visitors' computers. These programs either block your connection to the Web site altogether or issue a warning before loading the page.

    Some e-mail clients provide similar antiphishing features. For example, the Mozilla Foundation's Thunderbird e-mail client detects links in e-mail that use Internet Protocol addresses instead of domain names and other common techniques for diverting users to an attacker's Web site. When Thunderbird detects this content in messages, it displays a status bar at the top of the message to indicate the message might be an e-mail scam. If the user ignores the warning and clicks on a link in the message, Thunderbird provides another warning to the user with a dialog message that says: "This site is suspicious!"

    None of Microsoft's main programs -- Internet Explorer, Outlook or Outlook Express -- currently has these security features, but Redmond last year updated the MSN toolbar with antiphishing capabilities. MSN's new toolbar, which can be used without an MSN account, scans Web pages visited by users and prevents customers from entering personal data on known phishing sites.

    While Internet Explorer add-ons and alternative browsers can batten down the security hatches to some extent, all-in-one security software is your best bet for fighting identity theft on the technology front. But installing an integrated-security package does not mean that you do not need to exercise caution against online scams.

    Subscribe to a Credit-Monitoring Service

    Beyond security software and good common sense when it comes to transacting business online, it is important to watch your credit information. Truly nasty identity theft not only hits you in the pocketbook, but also can affect your credit. In fact, watching your credit is a great way to make sure that you haven't been a victim of identity theft.

    You can obtain free credit reports from the major credit-reporting services, like Experian or Equifax. For a relatively small price, however, a credit-monitoring service can notify you immediately about any suspicious transactions that would affect your credit information.

    For example, Equifax, one of the three leading credit bureaus, offers a service called Credit Watch that can alert you about any credit file changes at all three major credit-reporting companies. Other credit-monitoring services include Identity Guard (www.identityguard.com), which provides three-bureau monitoring and is offered directly through some online-banking outlets. Another is TrueCredit (www.truecredit.com), which provides reports on credit scores from the three major credit bureaus and offers other credit-monitoring services.

    You also should check with your existing credit-card companies to make sure you are not charged for fraudulent activity resulting from identity theft. If the banks backing the credit cards do not provide this service, consider closing those accounts and opening new ones with banks that provide better protection. In the process, another step is to activate credit-card insurance through the account sponsors or purchase credit-card insurance from a credit-monitoring service.


    Copyright 2006 NewsFactor Network, Inc.


    Copyright 2006 Yahoo! Inc. All rights reserved.

    http://news.yahoo.com/s/nf/20060425/bs_nf/42950
    http://img455.imageshack.us/img455/1369/rosekdrosetransp9fk2eb.gif

    A Smile

    A smile cost nothing, but gives so much.

    It enriches those who receive it,
    without making poorer those who give.
    It takes but a moment, but the memory
    of it sometimes lasts forever.

    None is so rich or mighty that he
    can get along without it,
    and none is so poor but that
    he can be made rich by it.

    A smile creates happiness in the home,
    fosters goodwill in business,
    and is the countersign of friendship.

    It brings rest to the weary,
    cheer to the discouraged, sunshine to the sad,
    and it is nature's best antidote for trouble.

    Yet it cannot be bought, begged, borrowed,
    or stolen, for it is something that is of no
    value to anyone until it is given away.

    Some people are too tired to give you a smile.
    Give them one of yours, as none needs a smile
    so much as he who has no more to give.

    - author unknown

  3. #3
    Roses's Avatar
    Roses is offline Member
    Join Date
    02-19-06
    Posts
    1,361
    Rep Power
    513337
    Educate Yourself About Online Threats

    Being well armed with information about computer security is just as necessary as having up-to-date software. Find out all you can to minimize your chances of becoming an identity-theft victim. Educating yourself about these threats is easier than you might think. Most banks and financial institutions now provide their subscribers with information about privacy and identity-theft issues.

    Be sure you familiarize yourself with your bank's procedures for protecting yourself against identity theft. For instance, PayPal will never send an e-mail addressed to "Dear PayPal User." Instead, PayPal always uses your first and last names, two pieces of information that identity thieves will not know until you tell them.

    Also, an easy way to spot a fraudulent e-mail message is to move the mouse pointer over the link in a suspected phishing e-mail. In most cases, excepting some very sophisticated phishing scams that use advanced scripting to mess with your e-mail client's ability to determine the real link, you will see the details of the actual URL. Usually phishing e-mail contains lengthy Web addresses that are not based on your bank's domain name.

    Learn more about protecting yourself from phishing attacks and other online identity scams by visiting sites specifically devoted to these issues, such as www.antiphishing.org, www.consumer.gov/idtheft, http://safety.msn.com/phishing, or several others that provide information about how to protect yourself against online scams.

    Ultimately, while technology can help protect you, the fight against identity theft must be fought with common sense, informed caution, and a solid understanding of what you are up against.

    Copyright © 2006 NewsFactor Network, Inc.


    Copyright © 2006 Yahoo! Inc. All rights reserved.

    http://news.yahoo.com/s/nf/20060425/bs_nf/42950
    http://img455.imageshack.us/img455/1369/rosekdrosetransp9fk2eb.gif

    A Smile

    A smile cost nothing, but gives so much.

    It enriches those who receive it,
    without making poorer those who give.
    It takes but a moment, but the memory
    of it sometimes lasts forever.

    None is so rich or mighty that he
    can get along without it,
    and none is so poor but that
    he can be made rich by it.

    A smile creates happiness in the home,
    fosters goodwill in business,
    and is the countersign of friendship.

    It brings rest to the weary,
    cheer to the discouraged, sunshine to the sad,
    and it is nature's best antidote for trouble.

    Yet it cannot be bought, begged, borrowed,
    or stolen, for it is something that is of no
    value to anyone until it is given away.

    Some people are too tired to give you a smile.
    Give them one of yours, as none needs a smile
    so much as he who has no more to give.

    - author unknown

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 31
    Last Post: 06-22-07, 01:33 PM
  2. Internet gangs hire students for cybercrime
    By Roses in forum In the News
    Replies: 5
    Last Post: 12-17-06, 02:23 PM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •