- Internet & the Web
How to Avoid Internet Scams and Computer Viruses
There are ways that you can be 100% safe from scam artists. Learn how.
It's well known that criminals steal paper bills and bank statements from the garbage, finding social security numbers and account numbers that can be used to buy products under someone else’s name?
Credit card numbers are even stolen at checkout counters in stores where the thief simply looks over the cardholder's shoulder and quickly jots down the number while they are holding the card waiting to pay.
This happens in the real world, but in cyber space we can protect ourselves a lot easier. The problem is that people don’t know how.
Why People Get Fooled
Many people get fooled into giving away their user ID and password by a method called phishing. They receive an email stating that their account was compromised and that they should log in and change their password immediately. They click on the link in the email and go to their bank's site or broker's site, whatever it may be. The site looks familiar and they think they are really there. However, it's a fake site, a spoof of the real thing.
In a hurry to change their password they no longer are thinking clearly. They enter their user ID and password to log in. Being in panic mode, they don’t even take the time to first check things out. They just quickly change their password.
If they had checked things out they might have found that some things just didn't seem right. A spoof site copies a lot, but may have missed a few things. Anyway, it's too late. They just gave their logon information to the criminal by entering it on the spoof site.
Any login user ID and password would have worked. The hacker is anticipating that people will enter their true login information. Then they use this to log into the real site and transfer all the victim's money to an account of their own.
How to Avoid Email Scams and Viruses
You can be 100% safe if you follow the rules of safety. Never log into an account via a link from an email. Always go directly to the site by entering the URL yourself. Better yet, save it in your bookmarks and click to it from there. Not from an email.
In addition, if another website talks about, say your bank, for instance, and they have a link to it. Don’t follow that link. Again, just go direct or via your own bookmark that you have saved on your own computer.
The people who fall for these scams are not stupid. They just have not educated themselves with the proper safety methods in cyber space and they don't understand how hackers work.
This is somewhat computer illiterate, but there is no excuse for that. There are scam artists and hackers in the real world outside of cyberspace too, and there always have been.
In cyber space, or in the real world, it makes no difference. If you allow yourself to fall for scams you can lose your hard-earned money for being hasty. It's easy to check things out by going to a site with a direct method rather than trusting a link from an unknown source.
It's better to use your intelligence to recognize when things don't seem right. Use your due diligence to check it out yourself, without panicking and without following dangerous links.
Example of a Phishing Email and How to Recognize It
Don't fall for email hoaxes that attempt to get you to click to a site that plants a virus on your computer. These are known as phishing emails.
Learn how to quickly determine a hoax. I recently received the following email that looks like it was sent by the IRS...
The link to the word doc file for the tax report actually takes you to a website that plants a virus in your machine. It's not a doc file.
I simply hovered my mouse over that link. I did not click it. By simply hovering over it, most browsers will display the actual URL address that you'd go to if you click. This is usually displayed in the lower left or right of your window.
In this case, it showed me a strange-looking URL. So I knew it was fake. If it were really the IRS it would have been a ".gov" address. This one was not, so I knew not to click on it. I knew it was a fake.
The fact that the link looks like a ".doc" word file is meaningless. Don't fall for that game. The address can be easily forged.
Now you know.
Why Do Scams Succeed?
If everyone would just stop responding to these email scams, our inboxes wouldn’t be so cluttered with this garbage. The scammers would give up. They succeed because there are so many people who fall for it.
I am surprised that so many people are always falling for Internet scams. Without giving it a second thought they fall for them and give away their logon info by trying to log into a phishing site.
It's so easy to avoid problems simply by avoiding clicking on links in emails to login on any site whatsoever.
Never Use the Same Password on Multiple Sites
Here’s a story of what can happen if you use the same password in two places. It’s not pretty.
A friend of mine used the same password on her Facebook and Gmail accounts. Due to a security breach of Facebook’s user database, a major Nigerian hacker was able to access user emails and passwords.
Six months after the report was made public about the breach, my friend found her Gmail account's password had been changed.
The hacker had taken over her Gmail account, sent an email in her name to her contacts saying that she had lost her wallet on a business trip, and desperately needed a loan of a couple thousand bucks to get home.
You can see how easy it is for her good friends to fall for this, thinking it was really her, since it came from her email account, and wire her the funds as described in the email. However, these funds would actually go to the hacker.
So remember, if you receive a fishy-sounding email from a friend, it's possible they've been hacked. Try to confirm it's really them by some other means, not by replying to the email. If you reply, you'll give your email address to the hacker.
What You Can Do to Help Others Avoid Scams
Whenever I get legitimate emails from my bank with links in the email to log in, I try to teach them. I send a report to management explaining how they are inadvertently teaching their customers to log in by clicking on links in emails.
I continue to explain that someday one of their customers will receive a phony email and will be scammed into giving their account information to a hacker of a phishing site.
If you get an email like that from your bank or financial institution, give them hell. Tell them they are creating a security breach. If enough of us show them that we are smarter than they are, they may get the message.
If you have kids using computers, educate them about the proper use of computers in order to maintain safety and security. Teach yourself and pass it on to your kids.
Are You Unknowingly Spreading Viruses to Your Friends?
Cyber terrorists take advantage of those who fall for scams or simply are somewhat computer illiterate. You might even unknowingly be spreading computer viruses among your friends. Learn the facts.
I once got two similar emails from two friends at about the same time. Both had a link to a site and mentioned that I should look at this interesting site. However, nothing was said about why I should look at it.
It was immediately obvious to me that both my friends had a virus that spreads by looking like it was sent from a trusted friend. Instead of clicking the link, which I knew was asking for trouble, I just deleted the emails.
Getting two similar emails from two people at the same time was definitely a clue that those emails were not written by my friends.
Even if I had gotten just one, I still would not have clicked the link. I'll tell you why...
The fact that there was no information as to why I should follow the link also made it clear that something was wrong. If it were real, they would have or should have said something more about it.
Tough luck if a real friend sends me something without the courtesy to include a meaningful reference in the subject field. I just won’t open it for my own safety. They need to be taught proper computer etiquette. This lack of understanding comes from being computer illiterate. You know better. Teach your friends. Spread the knowledge for their safety and yours.
These types of emails can contain a link to a site that plants a virus on your computer. That's why I won’t follow the link.
How a Computer Virus Duplicates and Spreads
A computer virus can copy itself and spread to other computers. It does that by looking for email addresses in your email directory as well as any email addresses contained in the "TO:" field or the "CC:" field of emails you received from other people.
Then it uses your own email program to send an email to all your friends, like the one I was talking about, with itself attached. It keeps repeating the process from one person's computer to another.
Your own friends may be opening the door for these viruses to spread by not hiding email addresses in the "BCC:" (blind copy) field, when they send a message to multiple friends at once.
If any one of the recipients has a virus that spreads like this, each of your friends gets an email with the virus. The friends who are not savvy will click the link and continue spreading the virus because they think they received the email from a trusted friend.
That explains how I got two at the same time. It happens quickly. You have 10 friends and they each have 10 friends. That's already 100 copies of this virus out there duplicating itself. They each have 10 friends, now there are 1000 copies.
By the 4th generation there are 10,000 copies of this virus. By the 5th generation... 100,000. Okay. I'll stop drilling my point. Just as long as you can see that a million people now have the virus after just six repeated generations of friends opening the virus.
What does this mean? You are responsible for millions of cyber attacks if you are one of the people in the chain.
Break the chain and you might one day save the world. Why do I make this sound so extreme? Because it is extreme.
The Mischief That Viruses Accomplish
Some of these viruses were created for one reason. They may be benign to you and me. They just use us to spread and search for something specific so that cyber crime can eventually be achieved.
Eventually a copy of it will reach its desired destination. When it does, it wakes up and performs its reason for existing. Possibly finding a computer in the Pentagon or the U.S. Defense Department and sending back all the data on those computers.
In May 2011 defense contractor Lockheed Martin was hit by a cyber attack made possible by malware that was carelessly introduced into their system.
It requires a human to allow a virus to become active. Too many people allow themselves to be fooled by emails that ask to click a link that ends up freeing the malware that activates a virus. They need to learn to do their due diligence with email requests to click a link.
There are ways to investigate the actual source of the email from its header info. The sender's address is useless because it can be forged, or the sender may have a virus that is duplicating it self by sending itself to all their friends.
This carelessness can lead to cyber warfare.
A virus might be searching for a control server of a nuclear power plant to instruct it to disable the cooling system to create a melt down.
Another might shut down the US power grid or disrupt telecommunications. I'm not making this stuff up. See my list of references for these details.
When a Virus Reaches its Destination
Over the past few years it has been discovered that the Chinese have been implementing malware into the chips we import for our computers.
So far these viruses have been stopped in their tracks before doing anything really bad. However, many of them already had infiltrated government computers to get vital information that the creator of the virus needed to get their hands on. On the other hand, they may have been paid to do it for someone who wants the data with a desire to trigger something more serious.
These are cyber terrorist. They are using the Internet to create destruction in the real world. The data these hackers find is sold to terrorists planning worse catastrophes. I already made my point about acquiring control over a computer server that controls telecommunications, the national power grid, or anything related to national security,
I don't need to tell you how vital secret government information can be used against the U.S. and hinder our national security.
Don't include yourself in the chain that leads to this demise. Be alert to emails that you think have come from a trusted friend asking you to follow a link. Otherwise you will be the trusted friend who spreads mayhem.
© 2011 Glenn Stok