|
|
1-888-8 PUEBLO (1-888-878-3256)
|
|
Home > Consumer Focus Archive > Online Safety and Privacy
|
Consumer Focus: Online Safety and Privacy |
|
Online Safety and Privacy
Cyber security, phishing, worms, firewalls, Trojan horses, hackers, and viruses seem to be in the news every day. Plus warnings to update your virus protection, watch out for online scams, protect your privacy, and watch what you click on are everywhere. But what does it all mean? And what can you do to safeguard access to your computer and to protect yourself and your family?
Posted: April 3, 2006
|
|
What is this all about?
The first step in protecting yourself is to recognize the risks and become familiar with some of the terminology associated with cyber security. The Department of Homeland Security created this list of terms:
Hacker, attacker, or intruder - These terms are applied to the people who seek to exploit weaknesses in software and computer systems for their own gain. Although their intentions are sometimes fairly benign and motivated solely by curiosity, their actions are typically in violation of the intended use of the systems they are exploiting. The results can range from mere mischief (creating a virus with no intentionally negative impact) to malicious (stealing or altering information).
Malicious code - This category includes code such as viruses, worms, and Trojan horses. Although some people use these terms interchangeably, they have unique characteristics.
- Viruses - This type of malicious code requires you to actually do something before it infects your computer. This action could be opening an email attachment or going to a particular web page.
- Worms - Worms propagate without you r doing anything. They typically start by exploiting a software vulnerability (a flaw that allows the software's intended security policy to be violated). Then once the victim computer has been infected, the worm will attempt to find and infect other computers. Similar to viruses, worms can propagate via email, web sites, or network-based software. The automated self-propagation of worms distinguishes them from viruses.
- Trojan horses - A Trojan horse program is software that claims to do one thing while, in fact, doing something different behind the scenes. For example, a program that claims it will speed up your computer may actually be sending your confidential information to an intruder.
Top
E-mail this page to a friend |
|
Phishing
Phishing is a scam that where criminals fraudulently obtain and use an individual's personal or financial information. Here is how it works:
- You receive an e-mail that appears to originate from a financial institution, store or company you do business with, or government agency.
- The message describes an urgent reason you must "verify" or "re-submit" personal or confidential information by clicking on a link in the message.
- The link appears to be to the web site of the financial institution, store or company you do business with, or a government agency. But in "phishing" scams, the web site actually belongs to the criminal.
- Once you are inside the fraudulent web site, you are asked to provide Social Security numbers, account numbers, passwords or other information used to identify you.
- When you provide the information, the criminal can access your current financial accounts or create ones using your identity.
Here are some tips from the U.S. Computer Emergency Readiness Team:
How do you avoid being a victim?
- Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about your personal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
- Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person's authority to have the information.
- Do not reveal personal or financial information in emails, and do not respond to email solicitations for this information. This includes following links sent via email.
- Don't send sensitive information over the Internet before checking a web site's security (see Protecting Your Privacy for more information).
- Pay attention to the URL of a web site. Malicious web sites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a web site connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group.
- Install and maintain anti-virus software, firewalls, and email filters to reduce some of this traffic (see Understanding Firewalls, Understanding Anti-Virus Software, and Reducing Spam for more information).
What do you do if you think you are a victim?
- If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.
- If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account.
- Check your credit reports for unusual activity.
- Report your situation to your local police, and file a report with the Federal Trade Commission.
Top
E-mail this page to a friend
|
|
How can you minimize the access other people have to your information?
It is probably easy for you to identify people who could gain physical access to your computer—family members, roommates, co-workers, members of a cleaning crew, and maybe some others. But identifying the people who could gain remote access to your computer becomes much more difficult. As long as you have a computer and connect it to a network or the internet, you are vulnerable to someone or something else accessing or corrupting your information. Luckily, you can develop habits that make it more difficult.
- Lock or Log-off your computer when you are away from it. Locking or logging off your computer prevents another person from waiting for you to leave and then sitting down at your computer and accessing all of your information.
- To be really secure, disconnect your computer from the Internet when you aren't using it. DSL and cable modems have made it possible for users to be online all the time, but this convenience comes with risks. The likelihood that attackers or viruses scanning the network for available computers will target your computer becomes much higher if your computer is always connected. Disconnecting your computer may mean ending a dial-up connection, turning off your computer or modem (you can sever your connection to the Internet while keeping your computer on by unplugging your modem), or disconnecting the cables that connect your computer to your modem.
- Evaluate your security settings. It is important to examine your computer's settings, especially the security settings, and select options that meet your needs without putting you at increased risk. Many, but not all Internet providers offer free security software. If you don't receive free software, you should consider buying a commercial product that includes virus scan, firewall, and pop-up blockers. You should also be aware of your Internet cookies setting. Cookies are short pieces of data used by web servers to identify users. Some cookies are useful for storing images and data from websites that you frequent, but others are malicious and collect information about you. You'll have to decide how much risk from cookies you can accept. Finally, if you install a patch or a new version of software, or if you hear of something that might affect your settings, reevaluate your settings to make sure they are still appropriate.
Top |
|
Other Resources
This is just a brief overview. For more information, check out these resources:
Read this publication online or order it from our Computers page:
Read this publication online or order it from our Family page:
Websites*:
* Names of resources and organizations
included in this online article are provided as examples only,
and their inclusion does not mean that they are endorsed by
the Federal Citizen Information Center or any other Government
agency. Also, if a particular resource or organization is not
mentioned, this does not mean or imply that it is unsatisfactory.
*If you click
on these links, you are leaving FCIC's website. Please bookmark
us before you leave so you can return easily. FCIC is not responsible
for the content of these websites.
Top |
|
We will not retain or use this
information for any other purpose.
Top
|
|
For
more information on other popular consumer issues check out
FCIC's Consumer
Focus Archive.
Top |
|
|
- |
|
This service is provided by the Federal Citizen Information Center of the . E-mail us your comments or questions. |
|
|
|