|
This is a very complicated topic and I will
try my best to make it easy to understand. We are not going to
cover everything here, just the basics. You have to keep in
mind though that identity theft is not new. It has been around
a long time before the Internet became common place.
First, a little example of how easy it is to steal
information.
At a previous job we were trying to look at
the computer systems and check how vulnerable they were to the
staff and people connecting in using the Internet. So, we went
looking for a professional “hacker”. We had a few people and
companies apply, but the one I was most interested in was one
individual. This person while waiting for me brought in a
laptop to the meeting room and connected to the network. After
we exchanged hand shakes he asked me if I knew how much the
President of the company made. I said no. He asked me if I
wanted to know.
Here, this guy, within 10 minutes, used a
password cracker and broke into the payroll system in the
company. Out of all of the applicants, who do you think I
hired?
What do I mean by “Identity Theft is Not New”? Let me give
you a couple of non-computer example of Identity Theft.
Have you ever eaten in a restaurant and
used a credit card to pay for the bill? If the answer is Yes,
then you have become vulnerable to identity theft. The waiter
or waitress could easily copy the numbers down with the
expiration date and ordered something over the phone. They
could have copied it, and in the past, they could have kept the
carbons that made copies of the transactions.
Have you ever thrown away bank statements
or bills away at home without shredding them? If you have,
again you were vulnerable from anyone that could go through the
trash, especially recycled paper.
Have you ever given out any personal
information over the phone without verifying the person on the
other phone is who they say they are? Again, if you answered
Yes, you became vulnerable.
Have you ever kept your car unlocked with
your insurance card and registration card in the glove
compartment? If you answered Yes, you again might have been a
victim.
What do these examples mean? It means that you should be
aware of your activities on and off line.
How big is the problem on line? An
organization called Consumer Sentinel works with various
government agencies to help monitor what is going on in the
areas of theft and security. Below are their 2002 findings:
Between January and December
2002, Consumer Sentinel, the complaint database developed and
maintained by the FTC, received 380,103 consumer fraud and
identity theft complaints. Consumers reported losses from fraud
of more than $343 million.
What steps can I take to help protect myself while on line?
A lot of this is covered in an article in
my Ebook
“Computers 101: The Questions You Were Afraid to Ask”. In
this article we will cover how to tell when you are safe.
E-Mail and Chat Room
The first thing you have to be aware of is
not to give any personal information in an e-mail, or in a chat
room. This means, social security number, passwords, and credit
card number. I would also be leery if you do not know the
recipient when giving your home phone number and possibly your
address, especially if you have children at home. Having your
phone number I can easily find out your address on line, and
having your address, getting your phone number. With either of
these I can instantaneously get directions to your home.
Individuals who want to steal information
use a software program to help them with their cause. They look
for certain types of sequences, such as credit card (16
digits), social security numbers (9 digits), phone
number (10 digits), passwords (usually 6 to 8 random
digits), etc. E-mail and chat room are un-secure and
transmitted in what is called clear text, meaning that anyone
can read it. There is a security “digital” signature, but both
parties have to have it turned on in order to read the other
person’s message. If there is enough interest, I will write an
article on how to set that up.
Web Sites
This is a very big topic and a lot of this
is covered in my Ebook. This section will cover:
 | Cookies |
| Spyware |
| Temporary Internet Files |
| Secure and Un-secure sites |
Cookies
The bottom line is that when you visit
sites, many of them place a file on your PC called a cookie. A
cookie is information about you, especially if you have to log
onto a site, or if you filled out a form on site. If you use
Internet Explorer and Netscape, cookies are placed on your PC.
It is not uncommon, over time to have a thousand or more cookies
on your PC. Some cookies are good, some are bad. To delete the
cookies currently on your system, go to the Tools menu in
Internet Explorer and select Internet Options from the menu, as
shown below:
After clicking on Internet Options, the
following window appears:
In the middle of the window is a button
called Delete Cookies. Click on it and the following window
appears:
Click on the OK button and the cookies will
be deleted that are used by Internet Explorer, not Netscape.
Just close the Internet Options window when it is complete.
Spyware
In my Ebook,
“Computers 101: The Questions You Were Afraid to Ask” is a
number of articles on Spyware. This is the number one cause for
pop up ads and slowness using Internet Explorer. Have you ever
responded to an ad on the Internet that dealt with financing
your home. In a couple of days, you get more and more pop up
ads that have loan information. Or, how about visiting adult
only sites. You start receiving pop up ads, emails and even
while in AOL Instant Messenger, or MSN Instant Messenger, the
ads appear. This is due to Spyware. This file or files placed
on your PC is monitoring what you fill out as well as where you
go on line.
These files should be routinely eliminated
off of your PC and you should be pro-active and prevent them
from going onto the PC to begin with.
I recommend the following products to
eliminate Spyware and pop up ads:
Pop-Up Stopper will work all of the time.
Ad-aware and Spy-Bot will need to run manually at least once a
week for the free version. The pay version prevents Spyware
from being installed on the PC.
Temporary Internet Files
Whenever you are online almost every site
that you visit places temporary files on your PC. The next time
you go to that site it will load faster because some of the
bigger files are on the PC. This is called cache. You may have
thousands of these files on your PC. To empty the Internet
files, go to the Tools menu and select Internet Options. The
following window will appear:
Click on the button in the middle of the
window called Delete Files and the following window will appear:
You want to make sure that the Delete all
offline content is checked, and then click the OK button.
Depending on how often you do this will depend on how long it
will take. Your mouse will turn into an hour glass. It make
take a couple of minutes.
When it is complete click the OK button and
the window will close.
Secure and Un-Secure Sites
It is fairly easy to tell a “secure” site
from an “un-secure” site. A secure site has the following
characteristics:
The address starts with https, instead of
http as shown below.
The bottom of the Internet Explorer window
has a lock on it as shown below. If it was un-secure the lock
would not be visible.
The other way to tell a secure site is if
there is a certificate of some kind displayed on the site. For
example, Verisign, probably the most used is shown below:
Sometime a certificate will come up and ask
you to proceed. An example of one is below.
With both of these forms, your data that
you enter and receive is encrypted and cannot be viewed by
anyone else. These certifications actually look at what your PC
address is and authenticates your user name and password. These
sites are the most secure.
If the site is not secure, then any
information you type in can be seen by anyone. That is why most
email lists only ask for your first name, maybe last name and
email address.
What can I do to protect my system at home?
The US government has a site that deals
with additional strategies to help protect the home user. There
site which outlines the strategies is located at
http://www.whitehouse.gov/pcipb/.
Some strategies you should consider are:
| Purchasing an Internet Security
program that has
| Anti-Virus |
| Fire Wall |
| Pop Up Blocker |
| Privacy Control |
| Parental Control |
| Spam Blocker |
|
| Having Virus Protection Software on
every PC, if you do not buy a complete package mentioned
above. |
| Setting up a firewall on any PC that
connects to the Internet, if you do not buy a complete
package mentioned above. |
| Use meaningless passwords, and not
your birth date, kid’s names, etc. |
| Download all security patches on your
PC. |
| Disconnect from the Internet when not
in use |
Internet Security
The all encompass Internet Security program
I recommend is Norton Internet Security and it has all of the
functions mentioned above. You can go to
www.symantec.com for more information, or buy it from here:
Norton Internet Security 2004 Professional
The Professional version is about $20 more,
but it is like one stop shopping. You do not need to buy any
separate components.
Virus Protection
There are many out there. Buying the
package is one thing. Keeping it up to date is another.
Please, for your own protection do not forget to keep the
product current. The two top ones are Norton Virus Protection
and McAfee. Best Buy:
Firewall
A Firewall is basically a hardware and or
software device that helps prevent people from accessing your
PC. If you use DSL or Cable modem it is not unheard of to have
your PC “hit” by other PCs 15 or more times a day. A Firewall
prevents this from happening.
I personally recommend having both a
hardware and software solution. The software solution is Norton
Internet Security mentioned above, or Norton Firewall, which can
be obtained here:
 
Norton Personal Firewall 2004 - Windows
The hardware firewall solution that I
recommend is probably the easiest to setup and it is from a
manufacturer called D-Link. They have three versions
| 4 port wired |
| 4 port wired with print server |
| 4 port wired and 4 port wireless |
The four port wired is below:
Instant Broadband EtherFast Cable/DSL Firewall Router with
4-Port Switch - BEFSX41
There is an article on firewalls,
terminology, and how to set them up in the Ebook “Computers
101: The Questions You Were Afraid to Ask”
Passwords
Passwords are very important and you should
never click on a check box on any site that says Remember
Password. This is the number one mistake and is done mainly by
being lazy. If someone went on your PC without you knowing it
and you had it remember your password, you just gave them 100%
access. Would you give someone your PIN number for an ATM
machine. I think not.
There is a whole article on passwords and
how to select an effective one in my Ebook.
Security Updates and Patches
This is very important to keep up to date.
The majority of PCs that I visit have not been up to date, or
never updated at all. Again, exposure to your PC is
vulnerable. There is a 35 page article on this and how to do it
and when in my Ebook “Computers
101: The Questions You Were Afraid to Ask”
Disconnect from the Internet when not in use
If you connect using a dial up modem,
please make sure you are disconnected when you are not online.
If you use cable or DSL modems and you DO NOT have a hardware
and software firewall in place, then it is in your best interest
to turn the power off when you are not on line. The software
products that these individuals use to steal information can
detect thousands of computers in minutes. You do not want to be
one of them.
Other Questions You should ask
| When your PC is not being used, is it
locked? |
| Do you monitor your kid’s activities? |
| Have you tried searching for yourself
on line and what do you find? |
| Do you leave your password on your
monitor? |
| And many more. |
The main purpose of this article was to
make you aware of identity theft. There will be more articles
in the future. Some credit card companies also give you the
ability to use virtual numbers on line, fingerprints to access a
PC and Smart Cards to access your accounts. We will explore
these technologies in future articles. |
