One big concern for all of us these days is online safety and protecting our personally identifiable information, and credit card information, data, and preventing criminals from accessing our financial accounts.
Clicking on a nefarious link in e-mail or a message on Facebook or Instagram can unleash a cyber-attack on your computer with bots rifling through all of your files. Other messages will link you to a scam website that looks like your financial institution’s website to get you to enter your username and password so they can then access your real account and drain it fast.
In addition to online scams, criminals are also calling people and asking for personal information and directing people to scam websites in hopes of them parting with passwords to sensitive websites.
Recently, an anonymous hacker who now writes a cyber security blog had these recommendations for individuals who want to protect themselves when online. Here’s his advice:
Check senders carefully
Cyber criminals will try to get you to click on a link in an e-mail by making it seem like it comes from an official source, like “auditor@irs.gov.” If in doubt, don’t click on any links and call the agency using information from 411 or other legitimate sources.
Don’t believe every caller
If you get a call from someone claiming to be from the IRS who tells you that you owe back taxes and face penalties that could involve asset forfeiture, you should know that the IRS doesn’t make phone calls. Hang up. If you are concerned, go to IRS.gov and call them yourself.
Beware of entering your passwords
If you receive an e-mail, text message, or message on Facebook or other social media site, be wary of following any links. If you do click on a link do not enter secure information like your username and password.
“If I want to raid your bank account, or do other harm, one way I can do it is to send you an official-looking e-mail with a link to your bank, asking you to log into your account for some reason,” the hacker writes. If you go to the criminal’s site, they will then obtain your login information and have access to your bank account.
Verify links before clicking:
Before you click on a link, verify that the visual link and the actual link match. For instance, let’s say the link is “PETA.org.” But if you move your cursor over the link without clicking, most browsers will then show you the real link, either near the cursor or at the lower-left corner of the window.
If you see something like “PETA.smurfit.org” or “PETA.ru,” or anything else that doesn’t exactly match, they’re likely trying to dupe you. Mark the e-mail as spam.
Beware of rogue apps:
Don’t automatically grant access to all apps. If you download a new game online and it asks you to enter the system manager password, you may be right to be suspicious as a game would not need system-level access.
If you are using a new site that requires a password, use a unique password, that uses a combination of capital and lowercase letters, numerals, and special characters. Only use the password for this site.
This way, if the site is compromised and they get your unique password, they won’t be able to access other online accounts of yours.
Give tricky security question answers:
When a website asks for security questions and answers, consider giving ridiculous answers.
For instance, if a site asks which high school you went to, don’t use the name of your real school. A dedicated hacker can find out where you went to high school. Instead, you might want to write something like “cuddly panda” or “fuchsia.” The key to this trick, though, is that you have to remember your bizarre answers.
Report spam e-mail:
You can often tell that an e-mail is spam before opening it. Look at the “From” address. If it says it’s from Elon Musk, it’s spam. Subject lines pitching financial services like getting your tax refund quickly are also dead giveaways. Finally, many elicit emails contain language with poor grammar and spelling. If you suspect an e-mail is spam, mark it as spam.
Don’t auto-load images:
Set your e-mail reader (like Gmail or Microsoft Explorer) so that it does not load images automatically or follow links automatically. For instance, if a scammer includes an image, allowing it to load can send the image ID to another server that may then gain access to your computer.
