Safe on the Web: Defeating Hackers Part 1
The Federal Trade Commission (FTC) reported an estimated 8.3 million Americans fall victim to identity theft each year.*
The IdentifyTheftResourceCenter reported** between a quarter and a third of victims spend 4 to 6 months correcting the aftermath of their identity theft cases.
The amount of loss in the average ID theft is shown by multiple studies to cost around $500, with of course, some costing much more. Some identity theft cases don't directly involve money at all. In the US, 15% of identity theft cases involve misdirecting blame of traffic violations or crimes to random innocent victims**.
And you, wise web-surfer, are concerned about hackers stealing your identity from your online activity—as well you should be.
The first thing you need to know is: most loss of sensitive data on the internet is voluntary. Sadly, you are tricked into giving your private data to criminals more times than not. Fortunately, this is easy to avoid, once you learn a little about sensitive data..
This most common attack is one I trust you’ve already heard of. It’s a simple spam email from the "Deposed Prince of Nigeria", trying with all his might to make you rich . As spam emails make up half to three-quarters of all emails, there’s a lot of spam to worry about.
Spam attacks work on the same underlying principle. Whether they are phishing or pharming, they're counting on you not knowing just how dangerous the information you send them is—and how deftly they will use it against you.
Like this writer? Like adventure/ fantasy? Try:
If you find yourself thinking, "there's no real risk," you're probably not thinking enough. Take, for instance, the Canadian Bank Note con. It seems risk-free, but as always, there’s a catch. While the internet isn't required for this con to work, it is often employed.
You win a high-dollar bid on eBay, and contact the seller. For some innocent-sounding reason, the seller wants to send you a Cashier's Check (bank note) for $2,000, and in exchange, you overpay by the same amount. The seller sends you the cashier's check first, and you deposit it and verify it clears before you send anything. No risk, right? Wrong.
The US banking system has a loophole where banks take other bank's cashier's checks at face value, and deposit them to your account available for withdrawal immediately, without verification, even if they never heard of the name of the bank. So you deposit your $2k, it 'clears', and you send your oversized payment to the con. By the time your bank figures out the $2k check was printed on a $100 inkjet printer, the con has your money for the bid, plus the additional $2k. Your bank takes back the $2k, possibly overdrawing your account, then to add insult to injury, charges you an additional fee for depositing a bad check. You can expect bad checks will be written against your account thereon. This scam is older than the Web itself, but it still goes on today.
Social mining and sweet-talk attacks (such as our poor deposed prince) stem from a basic misunderstanding of risk.
Information is Risk
Is it OK to put your birth date in Facebook or Myspace? What about the name of your hometown? Can you get a virus just by reading an email, or viewing a picture online? Can you safely allow a gambling or sweepstakes website to deposit money into your bank account? When can you safely type your password or credit card into a web browser? Is your online banking really safe? Can a hacker steal your credit card number from L.L. Bean's internal database...or your SSN from the Social Security Dept.?
These are the questions you need to be able to answer to survive online. And I promise, the answers will surprise you.
read Living Safely on the Web: Defeating Hackers Part 2: http://hubpages.com/hub/Living-Safely-on-the-Web-Part2
**ITRC study suuported by grant from US Dept. of Justice: http://www.idtheftcenter.org/artman2/publish/m_press/2007_Trends_and_Predictions_printer.shtml