How and Where Online & Computers

Online and Computers

Fake IT Service Calls

In the past month I have had several people tell me about phone calls they have received from people claiming to be from BT Trust, and other IT Service companies.  The caller informs the individual that they are looking at their computer screen and can see several areas which they are prepared to help them to fix.  One of the callers stated that there was a specific virus in the local area which they could help to deal with for a fee.  Callers have then told these people to put their computer on and talks them through a number of steps in order to allow them remote access.  The caller then proceeds to gain remote access to the computer and downloads free basic scanning applications, which of course happens after all the relevant credit/debit card information has been taken.  Sometimes a helpline number is left which is bogus.  I tracked one of them down to West Bengal where the scammer had used Skype to set up a UK phone number.

Worse than that the scammer not only has credit/debit card info but also remote access to the user’s computer which they can take over and extract passwords and sensitive information from.

Kindly reported by Irene MacBain Web and Media Ministry Calvary Christian Fellowship on 19 April 2011

Email Phishing and Advance Fee Scams (419 Scams)

Identity Theft with Email Phishing

Identity Theft with Email Phishing

We’ve all received those emails asking for fees in advance for funds that need to be moved out of Nigeria and if you supply your bank details you will receive a 20% commission!  Those who respond are leaving themselves open to being a victim of identity theft.   Section 419 of the Nigerian Criminal Code was specifically enacted to help prevent this type of fraud, but the scam remains rife.

Advice

  • Never respond to suspicious emails – just delete them.  Any email seeking your assistance to move cash is likely to be a scam
  • Never give your personal financial details to anyone by email.  Email is not a secure method of communication and reputable companies would never ask you to do this
  • Never disclose your bank account details
  • Never disclose your date and place of birth – a birth certificate can be obtained with this information
  • Assume that all emails asking for personal information are frauds
  • Don’t click on links in emails if you are not sure who they are from – type the url yourself
  • Never allow the kids to use the same computer as the one you do your accounts or online banking on

Theft of Your Banking Details

Identity Theft - Bank Phishing Emails

Identity Theft - Bank Phishing Emails

If you use online banking be wary of emails that appear to come from your bank.  These emails usually contain a link that goes to a convincing copy of your bank’s website using real logos and images stolen from the real bank site.  The purpose of these fake sites is to collect your online banking login and password details.  This is called “phishing” – criminals are trawling the net trying to find people who will fall for their scams.

Advice

  • Never click on the link in an email purporting to come from your bank.  Treat all emails from your bank as highly suspicious as in general banks do not email you.  If you need to go to your bank’s website type the url into the address bar of your browser – do not click on links in emails
  • Keep control of your email addresses.  Consider using different email addresses for different purposes – one for family and friends – one for general use and one you only use for trusted sites and important tasks

WiFi Hotspots

Identity Theft from WiFi Hotspots

Identity Theft from WiFi Hotspots

Many hotels, airports and motorway service stations offer WiFi hotspots so that we can pick up our emails or access the internet whilst we’re travelling.  Should you take advantage of them or not?

Security experts warn that hackers may be masquerading as free public WiFi providers to gain access to the laptops of unsuspecting travellers.  It’s difficult to tell if the WiFi hotspot is legitimate or not.

Make sure you use your inbuilt security measures – install and use a firewall, anti-virus, anti-malware etc.  The most up to date wireless security system is WPA2 – this provides greater protection than its predecessors WPA and WEP.

The general advice is to connect only to networks that you trust, disconnect the wireless when you stop using it, do not use unknown networks to make online purchases or to do any online banking.

Safe Online Shopping

Identity Theft When Shopping Online

Identity Theft When Shopping Online

When buying online make sure that the address line begins with https:// rather than the usual http://.  The “s” indicates a safe site.  Look also for a picture of a small padlock or an unbroken key in the bottom right corner of the browser window.

Consider using a separate credit card for your online purchases and reduce the credit limit on it to what you think you will need.  This limits your risk and makes it easier for you to check your online purchases.

Make sure you log off any site properly, don’t just close the browser window.

Do not make online purchases from Internet Cafes, WiFi Hotspots or public computers.

Social Networking and School Reunion Sites

Identity Theft from Social Networking Sites

Identity Theft from Social Networking Sites

Social networking sites like myspace, twitter, facebook etc are becoming increasingly popular.  It’s wise to be cautious about the information you divulge especially your date and place of birth – remember it’s easy to obtain a birth certificate with this information.  Consider creating an alias rather than your real name.

If you add your name to a website that helps school friends make contact, be aware that school lists are displayed by school year so a criminal can view and calculate the year of your birth.  Most schools are near to people’s place of birth and a criminal will be able to work out the details and apply for a copy of your birth certificate from the General Register Office (www.gro.gov.uk) for just £10.

With your birth certificate the criminal has sufficient data, including your mother’s maiden name, to do some real damage.

Your address can be obtained from Electoral Roll records.  These are sold legally but you can opt out when you submit your details – ensure you tick the box to opt out.  It's the Edited Register column.

Wireless Internet Connection

Identity Theft from Social Networking Sites

Indentity Theft from Insecure  Wireless Internet Connection

Wireless internet or WiFi enables you to pick up a digital signal from a router – the signal is sent from the router and is picked up by either an internet wireless receiver or USB receiver fitted to your personal computer or laptop.

The danger arises if you have set up your router without an encrypted signal which means that anyone within a certain radius of your router would be able to use your internet connection, but could also, with the right software, access data stored on your machine. This could be your online banking or accounting records, passwords, CV etc.  All of these would make it easy to steal not only your money, but your identity.

For you own protection you should make sure that your wireless product uses a WEP keyWireless Encryption Protocol and that you have it enabled.  Ensure your password is not easy to guess.

Old Computer Hard Disks

Identity Theft from Social Networking Sites

Identity Theft from Old Computer Hard Disks

Never sell a computer or laptop without erasing all the data on it.  Criminals scan newspaper adverts for second hand computers – an un-erased hard disk is too good an opportunity. Never dispose of an old computer or laptop without removing and destroying the hard disk.  You don’t know where it’s going to end up. Use an eraser at least 3 times – this may take some hours but is better than the alternative. 

The only truly safe method of destroying data on a hard disk is physical destruction.  When disposing of old CDs make them unreadable by physically damaging them.

Top Shredders

Choose a CROSS-CUT or DIAMOND-CUT shredder rather than a straight-cut.