Be an Internet Skeptic!
In the past, identity theft occurred when a criminal got access to your personal information by stealing your wallet, mail, or other documents. Although thieves still uses these old tricks, they also steal your private information by sending "phishing" emails to get access to your accounts, sending fraudulent messages that look like they came from legitimate sources (banks, IRS, PayPal and others), and sending vague messages that contain links or attachments with hidden malware to search out and retrieve personal information from your computer.
Phishing Spammers try to fool you with all sorts of fake email messages. They try to impersonate trusted organizations such as the Financial Aid Office as well as Banks, PayPal, the IRS, and other businesses and financial services with an e-presence. USU receives many phishing attacks per day, sometimes to may recipients here and sometimes to just a few. Over the past year, Internet Skeptics at USU have reported over 4000 different phish attacks. They want your credentials or your identity so that they can make money at your expense.
Thanks to the USU Basketball Team and BFA Theatre Arts Students for this reminder that keeping your computer updated is Your Own Best Defense.
Be an Internet Skeptic!
Your favorite professional organization probably produces a scholarly Journal. That Journal is under the direction of an editorial board composed of some of the big (or nearly big) names in the field. Before an article appears in their Journal, it is reviewed by board members and/or experts chosen by the board. Only the good, believable, defensible stuff gets printed in the Journal.
Not so for the internet. There is no editorial board. Anyone who can obtain access or a little space on a server can send an email message or put up a web page that proclaims anything. True or not. Confirmed or not. Safe or not. Written by the leading authority in the field, or written by a charlatan with a hidden agenda.
In the long continuum that ranges from "gullible" to "paranoid" each internet user must find in the middle a healthy skepticism.
Err on the side of gullibility and:
- You will become a victim of mischievous email attachments (the latest ones pretend to be American Express, FedEx, or your bank; threaten to close your email account; download keyloggers; or open backdoors to hackers).
- You will be inundated with spam (for everything from cell phone plans to pharmaceuticals).
- Your identity will be stolen.
- You will spread senseless chain letters.
- Your computer activities will be logged and reported by spyware.
- Your computer will be used by others to store and share files (music, movies, games, porn).
- Your computer will be used by others to forward spam.
- You won't even notice most of this happening until someone complains and your computer gets disabled.
Retreat into paranoia and:
- You will miss important email messages.
- You won't take advantage of the facts, discussions, and opinions on the internet.How do you join?
- You won't be informed and connected.
- You will miss legitimate opportunities.
- You won't be able to do your job.
So, how do you find that middle ground of healthy skepticism?
- If it's too good to be true, it probably isn't true. You didn't win a lottery that you didn't even enter.
- If it's "free" then you are probably paying in ways you don't realize (your email address and your personal information or the storage and bandwidth of your computer may be "payment" they want).
- Don't believe or pass on stories that you cannot confirm (unless they are consistent with your political leanings, of course).
- Check the credibility of authors and page owners.
- If you can't find the independent corroboration of facts, be doubtful.
- Learn to use some truth-checking tools:
- snopes.com - the urban legends homepage
- scambusters.org - the latest scams
- www.hoaxbusters.org/HoaxBusters.org - lists internet hoaxes
- cert.org - Computer Emergency Response Team
- us.mcafee.com/virusInfo - computer virus info
- gogoshopper.com - how online shoppers can avoid fraud and scams
- hostmerchantservices.com - online fraud preventioncomputer-security/be-an-internet-skeptic
- google.com - look for other sites with the same info
How do you join the team?
- When you get a suspicious or dangerous message, forward it to email@example.com with a brief message about your concerns.
- Forward any spammy message AS AN ATTACHMENT to firstname.lastname@example.org for automated processing to improve the filter.
Be On Guard Against Identity Theft
Identity theft occurs when an individual uses your identity to commit fraud or other crimes in your name or against your credit. In the past, identity theft occurred when a criminal got access to your personal information by stealing your wallet, mail, or other documents. Although thieves still uses these old tricks, they also benefit from advances in technology and use tactics like:
- sending "phishing" emails to get access to your accounts, or
- sending fraudulent messages that look like they came from legitimate sources (banks, IRS, PayPal and others)
- sending vague messages that contain links or attachments with hidden malware to search for and retrieve personal information from your computer.
Identity thieves don't just target individuals, but also groups or organizations who may have databases containing individual's personal information. USU IT Security is concerned about educating you on how to protect your personal information, but also how we can protect and secure USU student, faculty and staff information held within USU databases.
Identity Theft Prevention Tips
Don't carry your social security card or write your SSN on any documents you carry in your wallet or purse.
Lock your mailbox and stop mail if you will be unable to retrieve it for extended periods of time (like a vacation).
Shred documents containing your personal information before throwing them away.
Secure your computer and mobile devices with a password lock.
Protect your computer and mobile devices with a firewall, anti-virus software, or program that removes spyware.
Be skeptical of emails with unfamiliar transaction information from seemingly familiar senders, emails phishing for your personal information or unidentified links or attachments.