Defenses: Best Practices

Surfing the web, or Surviving in Enemy Territory

The World Wide Web has revolutionized communications, changing the way we share, access, and utilize information, as well as creating all sorts of possibilities for communities and collaboration. However, these same technologies are being leveraged by criminals, greatly increasing the risk of online fraud.

There are two major threats that you should be aware of: fraudulent requests for information, and illicit sites that exploit vulnerabilities in web browsers to install malicious code.

The first instance can be avoided if you keep in mind that ALL unsolicited requests for financial information are fraudulent. No legitimate business will ask you to confirm your financial account information in an email.

The second instance can be defended against by:

  1. Avoiding suspicious web sites
  2. Using alternative browsers (e.g., Mozilla Firefox)
  3. Keeping your browser software patched and up-to-date.

Microsoft's Internet Explorer (IE) browser poses additional risks because it is so tightly integrated into the Windows operating system.  As a result, it is capable of running code that installs malware on your computer without your approval or knowledge. Some examples can be found in the next section.

Do not click on unfamiliar links:
Since merely clicking on a link can result in something being installed on your computer, you should verify the link. Clicking before checking is like opening the door before looking through the 'peep-hole'. Many forms of spyware are installed when viewing web pages that exploit IE's ability to execute code. Likewise, many forms of IRC bots distributed in emails or instant messages take advantage of this vulnerability. By clicking on a link, you are not just opening a web site. You may be installing malware on your PC.

Don't automatically click "OK":
Many malware applications hide themselves as pop-ups that look like system messages or urgent warnings. However, clicking OK on these will often install the malware. Depending on the wording of the message, your clicking OK may constitute a legal agreement to install the software. ALWAYS read the messages that pop up. NEVER click OK by default. Read the message; then decide. Beware of confusing or misleading text. Using double negatives and other linguistic devices are not unlikely nor never unheard of before. These are tip-offs that whatever you are agreeing to is a bad deal.

Do they really need to know that?
Many online scams look legitimate, but ask for some questionable information. For example, you may sign up for an account and be asked for personal information. Whenever this occurs, you need to carefully evaluate the trustworthiness of the website, as well as whether there is a legitimate reason for them to collect this data. For example, an online bank may need your SSN, but signing up for an e-mail address should not require it. If in doubt, read the privacy policy on the web site. If you cannot find one, steer clear.
