How Gullible are You?
April 3, 2008 – 10:00 amThe internet is one of the easiest media to get your identity stolen. Everyday you can open your inbox to find emails from Paypal, Citibank, Ebay, Bank of America, etc. requesting you to go to “their website” to log in and confirm some information. When you follow the link and log in, you believe that you are logging into their website (and you are sometimes), but you are actually doing it through an identity thief’s site first. Upon logging in, you have given this person everything that they need to know to access your financial information. The worst part is, you just gave it to them!
The reason this is the topic today is because of an article I read about the Army pulling an April Fool’s Day prank offering our armed forces free tickets to theme parks. The Army has warned the troops to never give out personal information on the internet, but they wanted to test just how gullible the troops are. While the results aren’t published, I’m sure that they will show that the weakest link in information security still lies with the people using the computer.
Ways you can avoid Internet Identity Theft:
- Check your credit report regularly. By federal law, each credit agency is required to give you one free credit report every year. Sometimes checking this can mean the difference between no theft, and hundreds of thousands of dollars of debt.
- If you receive an email from “your bank” or “ebay” asking you to follow a link so you can log in and check your preferences, DO NOT FOLLOW THE LINK. Open a new browser or a new tab in your current browser. Type in the website that you normally go to (ie. for ebay, type www.ebay.com), log in, and see if there are any new announcements. If they are not, then you know that you could have been scammed.
- Run a phising filter. Both IE7 and Firefox have one. If your browser doesn’t have a phishing filter, then perhaps you need to get a new browser.
- Be cautious of any website you get a link to, even if you know the person that sent the link. This is very important. There are many viruses that will automatically send an email out to every person on the infected computer’s contact list. If you receive one of these from a friend, it could be asking you to go to a link that will install a virus without you knowing it.
- Use a spam filter. Many of these phishing email addresses are already logged as being spam, and a basic spam filter should filter them out for you. Norton has a spam filter in their Internet Security bundle, but if you don’t want to pay lots of cash for big spam filter, you can always download an open source one for free (these will generally take more technical skill to implement correctly. One can be found at http://popfile.sourceforge.net/)
- Never give out your personal information to ANYONE that you don’t know is who they say they are. If Dell customer support calls you and asks you to give your Social Security number to access your account, even if you have an account, don’t do it. Either tell them that you will call back at the number you found on the internet, or ask them to find a different way to access your account, and make them verify information to you (not items of public knowledge like address or phone number).
- If a “federal agency” requests information, ask if you can call them back, look up that department’s number on the internet and when they request your SSN, force them to cite the law which gives them authority to request that knowledge (they are required to upon request per US Privacy Act of 19).
Just remember, your identity is only as secure as you keep it. Just say no.
Sorry, comments for this entry are closed at this time.