In this crazy technology-enabled world we live in today, scammers, theives, and otherwise unscrupulous folks have never had more tools at their disposal for stealing your data, your identity, and your money.
In this blog post, I’ll recall some of the scams and schemes that I’ve been the personal target of in the past year, and review some of the ways that you can avoid becoming a victim of online scams!
Typical Scams
“Your account has been compromised, please verify all of your information”
A common scam involves sending a victim an “official-looking” email, scaring them with a claim that their account is in danger, and then soliciting personal login credentials from them.
Remember: no website or company will EVER ask you to “verify” or “confirm” your username/password information!
“I want you to buy $3000 in laptops using these two credit cards”
I’ve received emails from people claiming to be interested in purchasing computers from me. They ask how much I’d charge for, say, three high-end Sony VAIO laptops. Once I give them a quote, they say, “Ok, great – I’ll give you this credit card information, and you go ahead and purchase that for me”.
Yeah, right – can you say “stolen credit card” with MY name attached to a $3000 fraudulent purchase? I don’t think so.
“Click here to Download, Win, Verify!”
We’ve all seen this on various websites and unsolicited emails. Just go to any “free” software download site, and you’ll see this type of “clickbait” plastered all over the site. The danger here is that some of these URL links can lead to virus-hosting malicious websites.
Rule of thumb: before clicking on ANYTHING, just “mouse-over” the link and look at the URL preview that your browswer/email client displays. If you don’t recognize the URL, DON’T CLICK IT.
“Hi, I’m so-and-so from the Help Desk. BIG problem with your system, so I’m going to need all of your information to fix it”
While rare, these types of one-on-one social engineering attacks can be very effective. Attackers pretend to be calling from your company’s IT department, scare you with claims that your system is compromised, and then subtly ask you for sensitive data and information to help them “fix” the problem.
If you ever receive an unsolicited call like this at your workplace, don’t release ANY information, and make sure that your REAL IT department is made aware of it immediately!
“This app is requesting permission to do the following: take ALL of your data”
On Facebook, there are thousands of apps you can install on your account: everything from games, birthday reminders, and video-sharing apps. Most of these apps are harmless, but some of them take control of your Facebook profile and extract your personal data for viral marketing purposes. This way, the app can spread itself through your personal social network by posting and otherwise notifying your friends’ of its presence.
Before you install ANY app, read it’s privacy and permission statements first!
“Install this software using the (Recommended) settings”
Software developers want to make their product easy for the end-user to install and use, so they’ll often include a “Recommended” installation option alongside an “Advanced” one. This way, the software is installed using default settings without the user having to do anything else.
Be careful, though: MOST of the “Recommended” installations will also install “piggyback” software. For example, downloading and installing the popular “Adobe Flash Player Plugin” also includes (as the “recommended” or “default” option) downloading and installing the “Google Chrome” web browser. So, if you follow Adobe’s “recommendation”, a browser that you might not even want will get installed on your system (and automatically set as the default browser)!
A better way to install software is to use the “Advanced” option (don’t worry, it’s usually not THAT advanced – just select the installation folder, and you’re done). This way, you’ll be able to prevent any built-in, unwanted piggyback software from installing.
Conclusion
I want all readers to be safe when they’re browsing the Internet, because there are a lot of people out there looking to steal from you. My best advice is to be vigilant (and skeptical) when it comes to browsing, email, and software, so as not to leave yourself vulnerable to a scam or attack.
And remember: if it seems too good to be true, it probably isn’t true. (especially on the Internet!)