How to keep your computer from being hacked

October 22, 2014 15:25 by Consumer Ed

Dear Consumer Ed:

My husband keeps clicking on every pop-up ad that comes up on the Internet.  As a result, he has downloaded malware, which has slowed down the computer and created unwanted toolbars, coupon services and even an unwanted security software program.  Short of barring him from the computer entirely, what is the best way to protect our computer from being hacked?

Consumer Ed says: 

With hackers and identity thieves frequently finding new ways to attack your computer, there are some basic security steps that you can take to protect your computer and your personal information.  Malware (the nickname for “malicious software”) includes viruses and spyware that can be remotely installed on your computer when you download programs on the Internet to play games, listen to music, and other activities.  It may be used to send consumers pop-up ads, redirect their computers to unwanted websites, monitor their Internet usage, or record their keystrokes, which, in turn, could lead to identity theft.  Here are some ways to protect your computer from malware:

  • Install Reputable Security Software. At a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. Viruses can be planted in emails or attachments to emails, in programs or files that you download, and even in Web sites that you visit. These viruses have the potential to wipe out your computer files.  Anti-virus software scans everything that enters your computer, looking for these viruses. Spyware is software that tracks your computer activity, gathering information without your knowledge. Anti-spyware software blocks or removes spyware. You may obtain the anti-virus and anti-spyware software separately or as a package. For lists of security tools from legitimate security vendors, visit staysafeonline.org or security.getnetwise.org/tools/search.
  • Use a Firewall. A firewall is a virtual barrier between your computer and the Internet. Everything coming into or leaving your computer must go through the firewall, which blocks anything that doesn’t meet specific security criteria. Before purchasing separate firewall hardware or software, check your operating system to see if there is a built-in firewall and whether it is turned on.
  • Update System and Software Frequently. Computer and software companies frequently update their programs to include protection against new security threats. Simply updating your operating system and software whenever new versions become available gives you an added measure of security. If available, activate automatic security updates so you will be alerted when updates are issued.
  • Avoid “Free” Security Scans. Be suspicious of an offer of a “free security scan,” especially when faced with an unexpected pop-up, email, or an ad that claims “malicious software” has been found on your computer. Though the “alerts” look like they’re being generated by your computer, they actually are created by a scammer and sent through your Internet browser. If you suspect a problem, shut down your browser. Don’t click “No” or “Cancel,” or even the “x” at the top right corner of the screen. Some of these scams are designed so that any of those buttons can activate the program. If you use Windows, press Ctrl + Alt + Delete to open your Task Manager, and click “End Task.” If you use a Mac, press Command + Option + Q + Esc to “Force Quit.” Complete a separate search of the program to determine if it is legitimate.
  • Download Carefully. Don’t download programs from Web sites you don’t know and trust. Don’t download or share music or movie files with strangers— the file you receive could contain a virus, spyware or inappropriate content. (And, unauthorized file sharing of copyrighted material is illegal.)
  • Create and Protect Strong Passwords. Create strong email passwords and protect them with the following tips:
  • The longer the password, the tougher it is to crack.  Use at least 10 characters.
  • Mix letters, numbers, and special characters.  Try to be random – don’t use your name, birthdate, or common words.
  • Don’t use the same password for different accounts.  If it’s stolen from you, it can be used to take over all your accounts.
  • Don’t share passwords on the phone, in texts or by email.  Legitimate companies will not send you messages asking for your password. 
  • Keep your passwords in a secure place, out of plain sight.
  • Use a Pop-up Blocker. Don't click on links or open attachments in emails unless you know what they are, even if the emails seem to be from friends or family.
  • Use the Spam Filter. Utilize your email program’s automatic spam filter, which reduces the number of unwelcome email messages that make it to your inbox. Delete, without opening, any spam or “junk mail” that gets through the filter.
  • Backup Important Data. No system is completely secure. Copy important files onto a removable disc or an external hard drive, and store it in a safe place. If your computer is compromised, you’ll still have access to your files.
  • Report Possible Fraud. Report possible fraud online at www.ftc.gov/complaint or by phone at 1-877-FTC-HELP.

 

If you enjoyed this post, make sure you subscribe to my RSS feed!

Rate This


Up-front processing fees for loan may indicate scam

November 26, 2012 22:37 by Consumer Ed

Dear Consumer Ed: 

I applied for a loan online. I then received a call from business reps from an out-of-state bank telling me that my loan had been approved but that I had to pay a $120 processing fee via Green Dot MoneyPak card. I got the card and gave the number to the business rep, who then asked for $300 for another processing fee. I bought another card and gave them the number.  They then asked me to pay another fee, and I realized I was being scammed.  Is there any way I can get my money back?

Consumer Ed says: 

It is a violation of Georgia’s Fair Business Practices Act for someone engaged in telemarketing to employ a scheme to defraud another person or to commit theft.  If the bank violated the telemarketing laws when they called you about the loan, you may want to consult a lawyer to learn about potential legal claims against the company.  You should also report your situation to the Attorney General’s Office and the Department of Banking & Finance in the State in which the bank is headquartered. They may be able to take action if the bank engaged in illegal activities. 

However, it is important to realize that the representative who called you may not have actually worked for the bank, and that, unfortunately, you may have been the victim of a scam.  In that case, you are very unlikely to recover your lost money since the representative who called you will not be easily traceable.  Regardless of whether or not this was a scam, you should also report your situation to the following government agencies in order to attempt to recover your money and to spread the word about the possibility of a scam:


Another avenue worth exploring is attempting to recover your money from Green Dot MoneyPak.  As the seller of prepaid cards, Green Dot MoneyPak is required to include the terms of use in the packaging that accompanies the cards at the time of purchase, as well as making such terms available upon request.  Green Dot MoneyPak features the following disclosure on its website, moneypak.com:  “Green Dot is not responsible for paying you back. Your MoneyPak is not a bank account. The funds are not insured against loss.”  MoneyPak suggests that its customers treat the money on the MoneyPak like cash—once the MoneyPak is lost, there is no way to trace and recover the money.  If Green Dot did not display the required disclosures clearly and conspicuously, then it may have violated the law.  If the required disclosures accompanied the card at the time you purchased it, then you will likely not be able to recover your money from Green Dot MoneyPak.  You may want to consult an attorney for legal advice. 

While this will not assist you in retrieving your money in this instance, you should take the following steps in the future when attempting to obtain a loan:

  • Don’t pay up front.  Legitimate offers of credit generally do not require an up-front fee. Any fees are taken from the amount borrowed after the loan is approved. 
  • Don’t fall for promises that you’ll get a loan regardless of your credit record.  If you have poor credit or haven’t established a good credit record yet, it’s unlikely that a reputable company will lend you money. 
  • Do business with licensed companies.  Ask Georgia’s Department of Banking and Financing (http://dbf.georgia.gov/general-information) if the lender operating in Georgia has complied with the licensing requirements.  If it has not, then you should not do business with that company.
  • If you can’t get a loan yourself, get a co-signer.  Having a co-signer may allow you to obtain a loan from a reputable lender when you would ordinarily not be able to.  A co-signer, usually a friend or relative, is someone willing to apply with you for a loan.  You and the co-signer would both be equally responsible for the loan payments. 
  • Get all the costs and other details before you decide.  Shop around for the best loan rates and fees.  Research several lenders, and look for consumers’ reviews of the different lenders.
  • Have proof of what you were promised.  Make sure to get the loan agreement in writing or in an electronic form that you can use to document the deal.  You want the deal in writing so you know the precise terms of the agreement and so the lender cannot change the terms after you enter into the loan agreement.

 

If you enjoyed this post, make sure you subscribe to my RSS feed!

Rate This


How do I know if a website is secure?

August 24, 2012 20:10 by Consumer Ed

Dear Consumer Ed:  

When I started shopping online and banking online, I was told that if I saw a closed padlock symbol on the screen that the site was safe for me to use because it is encrypted. Is that still true with all the stories I read about online hacking?

Consumer Ed says: 

Because online fraud cases have increased substantially from year to year, anytime a web page asks you for sensitive information, you do need to be able to identify whether the page is secure.  The padlock symbol is one of several ways of knowing if a page is secure. 

Here are a few tips to help you determine whether a page is safe. First, while all web page addresses (URLs) begin with the letters “http”, the address displayed over a secure connection should begin with “https”—note the “s” at the end.  This indicates that the data you enter is encrypted for security, meaning it is scrambled before being sent to the remote site and then decrypted so it can be used.  The same process occurs when the remote site has to send information back to you.  That way, if an unauthorized person intercepts the data, it is unreadable. 

The home page of a site will probably just have a regular “http” URL, such as http://www.Amazon.com.  But if you go to a page within the site that asks you to enter your email address, account number, password, credit card information or other sensitive information, the URL should change to one that has “https” at the beginning.  If it doesn’t, do not enter your information.

Second, when you are on a secure site, your web browser will usually show a “padlock” icon somewhere on the edge of the browser window (but NOT in the web page display area).  For example, Microsoft Internet Explorer displays the lock icon near the right end of the address bar.  The lock icon is not just a picture:  you can click on it to see details of a site’s security.  This is important to know because some fraudulent web sites are built with a bar at the bottom of the web page to imitate the lock icon of your browser.  Before you can know that the lock icon is genuine, you should test its functionality by clicking on it to see whether it actually takes you to the company’s security policies. 

Third, if you arrive at a website from a link in an email message, verify that the website is legitimate before you provide any information to the site – even if you received the email from someone you trust.  Phishing websites can sometimes send email messages that mimic, or spoof, legitimate email addresses.  Phishing is an email scam in which the sender tricks the recipient into revealing personal or confidential information, which the scammer then uses for illicit purposes, such as to commit identity theft or to make unauthorized financial charges.

A good example of this type of scam is a phony Bank of America email that has been circulating recently.  The subject of the email says: “Bank of America Alert: Your Online Statement Is Ready”.  The message appears to be legitimate (especially if you actually are a Bank of America customer), however it is actually a bogus email intended to get you to divulge your banking credentials.  If you ever receive any email messages from an institution with which you have an account, it is always safest to go directly to their main website in order to access your account. 

If you are suspicious about an email, you can determine whether a website link is legitimate by first placing your mouse pointer over the link WITHOUT ACTUALLY CLICKING ON IT. This allows you to notice what web address is displayed in the little window that comes up.  If it displays anything other than the legitimate web address of the financial institution, then it is probably bogus. In the Bank of America email mentioned, there is a link that says “View your statement online today.”  However, when you place you pointer over that link the address that is revealed is very clearly NOT a Bank of America address.

If you are visiting a retail website, check the site for a phone number or street address.  If the site only provides an email address, send a message to the address to request additional contact information. Do not provide personal information to a website that has no contact information.

All this aside, if you are still reluctant to put your financial information out there, you can almost always contact the company via telephone to place your order.

If you enjoyed this post, make sure you subscribe to my RSS feed!

Rate This


Credit/Debt
nav_cap