Phishing scams and attacks have long been a favorite way for crooks and hackers to steal your personal information, then your cash. Any request for your data, whether online or off, should set alarm bells ringing in your head: identity theft alert!
Most people have now heard of phishing scams, and are reasonably on guard against them. But the criminals are very inventive and imaginative, and are constantly dreaming up new ways to trick us, and con us out of our hard-earned money.
One such method that has been around for a while is known as scareware. It works like this. You suddenly get a pop-up on your screen, warning you that your computer has supposedly been infected with a virus. The box looks just like the usual dialog box you are used to seeing from Windows, so you are not too suspicious.
You see a link to a Web site where you can buy a program to remove the malware. However, if you purchase and run the software, it will do the opposite. It will put real viruses and spyware on your computer. This malware could scan your computer for credit card numbers, passwords and bank login credentials. Even worse, the hacker now actually has your credit card number.
How did the pop-up get onto your computer in the first place? You may have inadvertently fallen for a phishing scam. Or you may have been the victim of a drive-by download. You visited a well-known and respected site that had been attacked and compromised. The simple act of visiting the site caused a malicious program to be downloaded and installed on your computer, without any other action from you.
Here are two other common attack pathways. You clicked on an ad on Google or other news site. The ad had in fact been placed by a hacker. This leads you to a malicious site that infects your PC. Or, the crooks determine what is popular and in the news these days. Then they create Web sites dealing with these topics.
Through optimization techniques, they get their pages to appear in the top 10 Google search results. This is known as poisoning the results. When you click on one of these "fake" results, you get a scareware pop-up or other malware.
Twitter and some social networking sites have been repeatedly attacked, using different combinations and variations of the above methods. No one is entirely safe on the World Wild Web any more. A recent survey found that almost half of Web surfers were confident that their security programs were protecting them. But in fact the programs had not been updated, and so were barely providing any protection at all. Identity theft alert!
Your anti-virus software should be updated every day or two. Anti-spyware programs should be updated once a week. A couple of times a month, check to see if there are any Windows Updates for you.
Before we get to some other helpful tips, you should take care how you close that pop-up box on your screen. If you click the pop-up itself or that little red X on the upper right, instead of closing the dialog box, it may actually initiate the malware download! So do this:
Right-click the pop-up's tab on the Task Bar at the bottom of your screen, and click Close. If this does not work, press Ctrl + Alt + Delete. Find your browser in the list of running programs, and click End Task. Then disable pop-ups altogether, in your browser.
So what should you do if, regrettably, you fell for the scam and bought the software? Update Windows as well as your anti-virus, anti-spyware and other cleaner programs. Disconnect from the Internet. Launch and run your security programs, one by one, until they come up clean. Watch your credit card statements closely over the next few months. Report any unauthorized charges at once.
Get all your software from reputable sources only. Never buy anything in response to a pop-up or spam. Keep all your programs and applications up to date, not just your security software. The hackers love to use Adobe Reader or Flash, or media players, to attack you. I know, keeping everything up to date can be a time-consuming and tedious chore.
But a relatively painless way to do it is to use the Secunia Online Software Inspector It will scan your computer for the most popular software. If it finds anything out of date, it will warn you and help you patch the wayward programs. Currently, Secunia reports that 26% of all programs it scans are insecure. Now that is definitely a scary thought! Run the Inspector once a month or so.
Identity theft is a messy, costly business. It can take a year of frustration and teeth-gnashing to get your life back on track. The good news is, applying these guidelines plus a bit of common sense, should keep you secure. Happy (and safe!) surfing.
Most people have now heard of phishing scams, and are reasonably on guard against them. But the criminals are very inventive and imaginative, and are constantly dreaming up new ways to trick us, and con us out of our hard-earned money.
One such method that has been around for a while is known as scareware. It works like this. You suddenly get a pop-up on your screen, warning you that your computer has supposedly been infected with a virus. The box looks just like the usual dialog box you are used to seeing from Windows, so you are not too suspicious.
You see a link to a Web site where you can buy a program to remove the malware. However, if you purchase and run the software, it will do the opposite. It will put real viruses and spyware on your computer. This malware could scan your computer for credit card numbers, passwords and bank login credentials. Even worse, the hacker now actually has your credit card number.
How did the pop-up get onto your computer in the first place? You may have inadvertently fallen for a phishing scam. Or you may have been the victim of a drive-by download. You visited a well-known and respected site that had been attacked and compromised. The simple act of visiting the site caused a malicious program to be downloaded and installed on your computer, without any other action from you.
Here are two other common attack pathways. You clicked on an ad on Google or other news site. The ad had in fact been placed by a hacker. This leads you to a malicious site that infects your PC. Or, the crooks determine what is popular and in the news these days. Then they create Web sites dealing with these topics.
Through optimization techniques, they get their pages to appear in the top 10 Google search results. This is known as poisoning the results. When you click on one of these "fake" results, you get a scareware pop-up or other malware.
Twitter and some social networking sites have been repeatedly attacked, using different combinations and variations of the above methods. No one is entirely safe on the World Wild Web any more. A recent survey found that almost half of Web surfers were confident that their security programs were protecting them. But in fact the programs had not been updated, and so were barely providing any protection at all. Identity theft alert!
Your anti-virus software should be updated every day or two. Anti-spyware programs should be updated once a week. A couple of times a month, check to see if there are any Windows Updates for you.
Before we get to some other helpful tips, you should take care how you close that pop-up box on your screen. If you click the pop-up itself or that little red X on the upper right, instead of closing the dialog box, it may actually initiate the malware download! So do this:
Right-click the pop-up's tab on the Task Bar at the bottom of your screen, and click Close. If this does not work, press Ctrl + Alt + Delete. Find your browser in the list of running programs, and click End Task. Then disable pop-ups altogether, in your browser.
So what should you do if, regrettably, you fell for the scam and bought the software? Update Windows as well as your anti-virus, anti-spyware and other cleaner programs. Disconnect from the Internet. Launch and run your security programs, one by one, until they come up clean. Watch your credit card statements closely over the next few months. Report any unauthorized charges at once.
Get all your software from reputable sources only. Never buy anything in response to a pop-up or spam. Keep all your programs and applications up to date, not just your security software. The hackers love to use Adobe Reader or Flash, or media players, to attack you. I know, keeping everything up to date can be a time-consuming and tedious chore.
But a relatively painless way to do it is to use the Secunia Online Software Inspector It will scan your computer for the most popular software. If it finds anything out of date, it will warn you and help you patch the wayward programs. Currently, Secunia reports that 26% of all programs it scans are insecure. Now that is definitely a scary thought! Run the Inspector once a month or so.
Identity theft is a messy, costly business. It can take a year of frustration and teeth-gnashing to get your life back on track. The good news is, applying these guidelines plus a bit of common sense, should keep you secure. Happy (and safe!) surfing.
SHARE
