Don’t Be a Victim!

If you are not vigilant becoming a victim of computer crime is relatively easy.  In this article we point out two of the more pervasive types of computer crime, social engineering and phishing, and how you can protect yourself. 

Social engineering…..

In a social engineering attack, an attacker uses social skills to obtain information about you or your computer system (home or business).  An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to gain access to your network or computer.  If an attacker is not able to collect enough information from one person, they may contact others and rely on information from the first source to add to his or her credibility.

Phishing…..

Phishing is a form of social engineering. Phishing uses email or malicious websites to collect personal information by posing as a trusted person or organization.  For example, a phishing attack may use email from what seems to be a reputable bank or credit company that requests information, often suggesting that there is a problem with your account. When you respond with the requested information, the attacker uses it to gain access to your account.

Phishing attacks may also come from other types of organizations, such as charities. These criminals often use current events and times of the year or holidays to entice individuals into giving up critical information.  Examples of these types of events and occasions are;

  • natural disasters like Hurricane Sandy, earthquakes, tsunami etc.
  • epidemics and health scares
  • economic concerns such as IRS scams (the IRS never phones taxpayers)
  • major political elections
  • holidays
A helpful resource to check for possible fraud is the Federal Trade Commission site on Charity Scams  https://www.consumer.ftc.gov/features/feature-0011-charity-scams

Avoid being a victim
  • Install anti-virus and anti-malware software on PC’s, cell phones and tablets.
  • Keep your Operating System (Windows, OS-X) and anti-virus/malware programs up to date.
  • Be suspicious of unsolicited calls or email messages that ask for personal information.
  • If an individual claims to be from a legitimate organization, verify their identity directly with the company.
  • Do not provide personal information unless you are sure the person is authorized.
  • Do not put personal or financial information in an email
  • Always check web site security before entering personal information into it.
  • Check the URL (address) of any web site where personal information may be used.
  • If you are unsure an email request is legitimate, verify it by contacting the company directly using an alternate source for contact information.
Think you are a victim?
         
  • If you believe your financial accounts may be compromised, call your financial institution immediately.
  • Watch for any unexplained charges to your account.
  • Immediately change your passwords.
  • Do not use the same password for multiple accounts
  • Consider reporting the attack to the police, and file a report with the Federal Trade Commission (http://www.ftc.gov/).