Cyber crime often hurts because people don’t do everything that they can to protect themselves. Many computers that I’ve come across lack even basic protection. Antivirus software alone no longer cuts the mustard, so to speak.
I can’t count how many times I’ve seen computers infected with loads of malware despite the antivirus running with up-to-date definitions. These issues generally stem from opening unknown email attachments, clicking on pop-ups, calling the numbers attached to those popups, or downloading and installing unverified software.
In nearly every malware case that I’ve ever seen the malware can be traced back to one of those aforementioned triggers. You may have downloaded a game for free, but didn’t know about the nasty payload that was attached to it.
Maybe “Fed-Ex” sent you an email telling you that your package was ready for pick-up and you needed to open an attachment to claim it. Did you get a pop-up explaining that your computer was infected? Did it ask you to call a number to get it fixed? It happens to everyone. So what can you do?
Watch out for malware. Your computer can be infected in many different ways. Be mindful of pop-ups or advertisements when you are surfing the web. Just as in real life, if something seems too good to be true, it generally is.
Never entrust the data and health of your computer to a stranger. If a pop-up tells you that your computer is infected, do not call the number presented to you. Take your computer to a trusted technician that can quickly and easily check for infections for you. Most places will not charge for a check-up; they’ll only charge for the clean-up if anything is found. Maybe that technician will teach you how to scan for malware yourself to save you from visiting them during any future suspicions of attack.
Be wary of “free” software. There are many free screensavers, music, videos, and applications available on the Internet. What you aren’t seeing is the adware, spyware and other malware that may accompany the software. Adware and spyware can sit on your computer silently in the background, and collect data for the perpetrator. You may never know it is there and yet it could be logging keystrokes, bank account information or maybe even shopping preferences.
Often missed are the “add-ons” that come through the installation of programs. Too often people tell me that they “have no idea how that toolbar got there.” And 10 times out of 10, it was installed by another program and while the user was installing it, they merely clicked “OK” in every window while unbeknownst to them, one of those windows gave the installer permission to place that toolbar in your browser.
Keep an eye out for that spam. Most spam is effectively put in the dumpster before it arrives to you but no system is perfect and one may get through. Be mindful of emails that offer low-cost drugs, contest entries, state that you have won money, or if they mention that you have some long-lost relative who absolutely needs your help to access money in his/her trust fund, there’s a good chance that it’s a scam.
Spammers and scammers have begun to bring their A-game. You may receive official looking emails that may seem to come from your bank, your Internet Service Provider, your credit card company, the IRS, Fed-Ex or UPS that state that you must click on a link or download a file to fix some sort of information for them. Many times they will ask for very sensitive information such as social security numbers or credit card/bank passwords.
Never fall for these. Personal information is something that should be very closely guarded and should never be placed into any document unless you are absolutely sure that the document legitimately belongs to the company that you do business with.
A good process to follow in these instances would be to delete the email and call the company that is “requesting” the information. This will allow you to verify the legitimacy of the request.
Recently, Ubiquiti, a large network hardware corporation, got duped out of over $30 million dollars because an executive of their company fell for a phishing scam such as those outlined above. Please don’t be the next victim!
Criminals can highjack websites and redirect you to others and they can also corrupt your web browsers to make them do whatever they desire. You may think that you are visiting one website but may end up on another. These types of tactics are generally used to trick you into providing the attacker with personal information as well. The same methods outlined for phishing scams will serve you well here. If you find that your computer is taking you to places you don’t want to go, do not hesitate to bring your computer to a technician to get it checked out. You may have a basic adware infection, but it could also be what is called a rootkit, which is a nasty piece of malware that can essentially take over your computer.
To many, this may seem overwhelming, and it is. This sense of being overwhelmed is exactly what the attackers are hoping for. Fear and confusion are their main tactics. Thankfully, there are steps that can be taken to ensure that you are as safe as you can be online. Below are some of the rules and standards that we follow at RSU 29 to keep our students and staff safe from technology based crime:
– Secure your computer before connecting it to the Internet. Use a strong anti-virus, anti-spyware and anti-spam suite with a strong personal firewall.
– Keep all security programs up-to-date. Merely having these programs will not help you if they aren’t updated regularly. Malware signatures are often updated by the hour.
– Use website rating services to ensure that your path on the Internet is a safe one. Google’s Chrome browser does this for you automatically.
– Avoid free software that hasn’t been approved by an IT professional. You can’t know what will accompany it.
– Keep your private info safe. Do not input it anywhere that you feel isn’t necessary.
– Keep a “junk” email address for those times that you need to sign up for something. This will route any incidental spam to that address instead of your work or personal email address.
– Use complex usernames and passwords. Simple passwords are most often the first thing broken when an attack takes place.
– Always call on any suspect emails. Verify that the email is, in fact, from that provider. The IRS never emails taxpayers so if you ever see anything from them, you can be sure it’s a scam.
– Avoid pop-ups. They’re rarely useful. Adblock and AdBlock plus are browser add-ons that can block pop-ups automatically and will allow you to enable them if they’re needed.
– Keep an eye on your credit reports and credit card statements. Note anything suspicious and contact your bank/credit card company immediately.
– Be careful when shopping online. Look for “https” in the browser address bar. Also, look for trusted seals such as VeriSign or TRUSTe when browsing the site.
– Lock down your wireless network at home. NEVER buy the router and simply plug it in. It always needs to be configured with a wireless password and a router password.
– Parental controls are important. OpenDNS and other software is available to allow parents more control over what their kiddos are doing at home. If you need assistance with setting these up, please contact your local IT professional. It’s worth the investment.
– Regarding children, keep an eye on what and where they are posting online, especially in the case of social networking. Privacy settings can be altered in such a way that protects them. Do the same with any other site that they peruse, as well as any instant messaging programs that they may use.
RSU 29 provides some of our students with the ability to take devices home if they so choose and we want to do our best to extend the safe online learning environment into the homes of our students and community members. The RSU 29 school district would enjoy the opportunity to demonstrate proper “netiquette” and safety practices to the community. Please keep an eye out for any upcoming seminars and/or presentations regarding this topic and feel free to attend. If you have any questions or concerns relevant to this article, please feel free to email me at tim.levesque@rsu29.org.
