In Part 1 of our three-part series on Internet Security we talked about Malware - trojans, worms, spyware, adware - and how you can defend yourself against these software threats. In Part 2 we'll discuss Scams and Phishing, devious ploys to capture your personal details - or even your money - that sometimes trick even the professionals!

Phishing

The origin of the word phishing dates back to the 1970s and the original hacker, John Draper (aka "Captain Crunch"), although the practice of phishing didn't begin until the mid-1990s. It refers to the act of acquiring users' login details (usernames and passwords) by deception. In a modern phishing attack, the user will click on a link that appears to go to a website where they hold an account, at which point they are presented with a login page. The page however is not part of the website, rather being a scam which sends the login details to the hacker's database.

Common targets for phishing are online banking accounts and social networking sites. If you receive an email asking you to confirm your account details for any reason, alarm bells should ring in your head. Whenever you're about to enter your password for a website, take a second to make sure the URL in the address bar is exactly what it should be (for example www.paypal.com not paypal.dodgyweb.ru).

Scams

Con Men operate on the internet just as they do in the real world, only with the anonymity the internet provides it can be much harder to tell. Besides phishing scams designed to steal your password, there are plenty of other cons to watch out for in your inbox.

The most common online scam is a "419" scam, so called because of the article of the Nigerian Criminal Code which deals with fraud. This is a form of "Advance-Fee Fraud" in which an email arrives stating that the recipient has inherited a large amount of money from a late wealthy distant relative (or similar) but owing to legal issues, the money cannot be released. Usually the email apparently comes from a lawyer or attorney, who says that for a small up-front fee or bond, the legal issue can be resolved and the money will be sent. Sometimes these scams are drawn out for months, with clever tricksters inventing new hurdles and requesting more money.

The important thing to bear in mind is that on the internet, it is very hard to check credentials. If you receive an email out of the blue, you should always treat it with suspicion and tread carefully.

Secure webpages

Information you type into webpages is always sent somewhere. When you log in to a website, you're sending your username and password to their system to be checked. A secure connection encrypts the data so that only the computer you're trying to send to can understand it. Without a secure connection, it's possible for somebody to intercept the data and steal your information.

This is most important when shopping - you wouldn't just let anyone have your credit card details, you want them to go to the retailer and only the retailer. Secure connections are indicated by a padlock icon in the address bar of the major browsers. If you don't see this symbol when you're about to make a payment, think twice.

In Part 3 we'll take a look at Hackers and what you can do to protect yourself from their attacks.

Get in touch for more information on internet security for you or your business!

• < Prev
• Next >