Would you give up your bank account and credit card numbers to a stranger on the street after he approaches and asks for them? Of course not. But that’s essentially what people do when they’re tricked by online crooksters into revealing sensitive personal information, including their Social Security numbers.
- The phishing attack is when the thief sends out thousands of the same e-mail. If enough people receive the message, sooner or later someone will take the bait.
- The bait may be a notice you’ve won a prize; a warning that your bank account has been compromised or that you owe back taxes; an alert that something went wrong with your UPS delivery; or something about your medical insurance.
- These subject lines are designed to get you to open the e-mail and then follow its instructions to remedy the problem—instructions to the tune of typing out your personal information including passwords.
- Sometimes the fraudster has already gained information from a victim and will use that to make the victim think that the phishing e-mail is legitimate.
- These e-mails contain links; never click on them. They’re designed to entice people into giving up personal information, or, the site they take you to will download a virus to your computer.
- Sometime the e-mail will contain an attachment. Opening it can download a virus.
- What if the e-mail appears to be legitimate, complete with company logo, colors, design and details about you? Contact the company first, by phone, to see if they sent out such an e-mail. Don’t click any link to get on the company’s site; instead go there via typing into the URL field.
- You may have heard that hovering over the link will show its true destination, but this isn’t always the case.
- Remind yourself that you are not special: Why would YOU inherit money from some strange prince in a foreign country?
- Passwords should never contain words or names that can be found in a dictionary. I know you so desperately want to include the name of your favorite football team in it, but don’t. Such passwords are easier for hackers to crack.
- Never use keyboard sequences; again, a hacker’s tool can find these.
- Make a password almost impossible to crack by making it at least 12 characters, a mix of upper and lower case letters, and include numbers and other symbols.
- Use a different password for every account.
- You should have a complete system that’s regularly updated.
- Have a firewall too.
Virtual Private Network
- Download Hotspot Shield to encrypt your data on public WiFi hotspots.
- Shield your IP address from webtracking companies who desire your information to sell you stuff or from search engines who hand that data over to the government.
- Whenever possible, visit only sites that have https rather than http, because the “s” means it’s a secure site.
A padlock icon before the https means the site is secure.
Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- How to Recognize a Phishing Scam
So someone comes up to you in a restaurant—a complete stranger—and asks to look at your driver’s license. What do you do? Show it to that person? You’d have to be one loony tune to do that. However, this same blindness to security occurs all the time when a person is tricked by a “phishing” e-mail
- How to win the War on Phishing
A phishing attack is a trick e-mail sent randomly to perhaps a million recipients, and the thief counts on the numbers game aspect: Out of any given huge number of people, a significant percentage will fall for the trick. The trick is that the e-mail contains certain information or is worded in such a way as
- Phishing Alert: 8 Tips to protect yourself from Attacks
It’s as easy for hackers to phish out your personal data as it is to sit in a canoe on a still pond, cast the bait and wait for the fish to bite. So many people fail to learn about phishing scams, a favorite and extremely prevalent scam among cybercriminals. A type of phishing scam is to
- Be aware of all these Confidence Crimes
Criminals often rely on tricking their victims to gain access to their passwords and other account information. This act of tricking is called social engineering, also known as a confidence crime, and it comes in many forms. A type of phishing e-mail where the criminal targets someone specific is called spearphishing. The spearphishing e-mail will look
- Phishing works and here’s why
A phishing e-mail is sent by a cyberthief to trick its recipient into revealing sensitive information so that the crook could steal money from the recipient or gain access to a business’s classified information. One way to lure an employee is for the crook to make the e-mail appear like it was sent by the