StopSign Internet Security Blog

If you or someone you know is becomes the victim of online fraud or any other type of cybercrime (or even just an attempt at it), you need to contact the authorities as soon as possible. Keeping it to yourself can lead to repeated attacks, as well as continued spread of Internet fraud, crime, and even increased distribution of viruses and spyware through crime networks that try to set up shop on your computer.

Depending on what level of fraud and/or cybercrime you’re dealing with, you may have to notify multiple agencies. But regardless of how many places you have to contact, doing so will be the first step to stopping the crooks in their tracks. Please use the list below as a starting point to report any incident:

• An Important First Step:

  If the fraud you’re reporting reporting is, or becomes, aggressive or threatening in any manner, contact your local authorities. The police in your community should be made aware of any potential threats to you, your family, your home, etc.

• Get Into The System:

  Head to IC3.gov, the “Internet Crime Complaint Center”. This site is a partnership between several government agencies, including the FBI. The IC3 has an online complaint submission form that you can use to report online fraud and other Internet-related scams.

• If It’s International…:

  If you feel you’re the victim of an international scam operation, contact econsumer.gov, a coalition of about 2 dozen countries who want to help stop cross-border cybercrime. You may also want to contact a US Secret Service field office to let them know, too.

• Contact Credit Reporting Companies:

  If you think you’ve been the victim of identity theft, contact any one of the big 3 credit reporting companies. They’ll get your information disseminated to all three. Their contact info is as follows:

  • Equifax

    equifax.com; 1 (800) 525-6285

  • Experian

    experian.com; 1 (888) EXPERIAN

  • TransUnion

    transunion.com; 1 (800) 680-7289

Don’t just be a victim of online fraud and cybercrime. Contact the appropriate authorities and government agencies and stop Internet-related crime before it stops you.

There’s a threat lurking on your computer right now. A presence so fraught with security holes that to expose it to any malicious element on the Internet would likely result in things such as identity theft, spyware, hacked accounts, and worse. What’s this problem? The problem, my friend, is you.

“Only amateurs attack machines; professionals target people.” Bruce Schneier (computer security expert)

So you’re a danger to yourself and others around you when it comes to Internet security… don’t feel bad. We’re all guilty of it. As humans, we’re notoriously good at being bad: we forget to pick up the milk even though our significant other reminded us, we skip a meal and eat way too much later that night, and we certainly get complacent when it comes to Internet security. And that last thing, that’s what we’re talking about. You can deal with your SO and your doctor on those first two. :)

We’ve talked about social engineering before, which is an easy way for hackers and phishers to get information out of you. Instead of breaking into your computer they attempt to break into you, using emails, instant messages, and in some cases even phones or talking to you in real life (both of which are much more rare, but still possible). Once they have gained your trust they begin to break down walls and get at what they really want: your sensitive information. Passwords, account numbers, access codes… anything they can get their hands on that might prove valuable.

In order to stop these people from breaking into your life, you have to train yourself to jog your brain out of complacency when it comes to Internet security. Three of the easiest ways to lock out the bad guys are:

1. Strong passwords:

   Maybe we’re sounding like a broken record here, but a good password is one of the easiest, and best, deterrents to attacks ranging from account privacy to identity theft. Build yourself a better password.

2. Trust but verify:

   We’re not suggesting that you live your Internet life in a bubble, just use the same precautions you’d use in the real world. Use some of the tips we wrote in our blog post “5 Simple Tips to Staying Secure Online” and that should cover your bases.

3. Lock down accounts:

   Your privacy is one of your most important assets online. For every service you use, from your bank to Facebook, make sure that you understand how their security and privacy policies affect you and lock down information such as your physical address and home phone number so that only people you want contacting you can do so.

Reducing the amount of information publicly available about you and keeping up with a few easy Internet security tips will go a long way to keeping you safe… from yourself. :)

Keep on the lookout for a scam regarding the Verified by Visa program; a legitimate security layer set up to provide increased protection for your data for online purchases. Internet scam artists are sending out spam linking to fake versions of the program that do nothing to protect you.

The Verified by Visa program is part of the 3-D Secure protocol (developed by Visa), with similar programs adopted by Mastercard (SecureCode) and JCB (J/Secure). These programs provide an additional authentication step (i.e. a password request) for your online purchases through participating Internet retailers. This added step is set up to help ensure your identity at the time of purchase. Here’s the official word from Visa:

In addition to our other ways of preventing, detecting, and resolving fraud, we offer Verified by Visa, a free, simple-to-use service that confirms your identity with an extra password when you make an online transaction.

Phishers are casting their lines and looking for new victims. The bait they’re using is usually an email that looks like the real deal, but ultimately leads to a scam website that tries to get you to submit your credit card number and other information under the guise of the Verified by Visa program. Luckily we’ve got three suggestions for you to protect yourself from getting caught by this scam:

1. Scrutinize your email:

   Most phishing attempts start with an official-looking email that requests you to join. However, Visa isn’t sending out emails to customers in order to get them to sign up. The usual way you’d get the Verified by Visa sign up option is through a participating retailer as you begin the checkout process on their website. If you receive one of these emails, call your Visa provider and ask them to verify if the email is legit. Chances are it’s not.

2. Watch where you’re surfing:

   If you do happen to click on the link from your email, be careful. Phishers and other scam artists are great at copying real websites and making their scam version look legitimate. Check the URL, or web address, that you’re on to make sure you’re on the real site. See our blog post entitled “How to Spot a Fake Website” for more information.

   Download StopSign Internet Security software and become a member today. StopSign includes antivirus & antispyware, firewall, and more to help protect you online.
   
   
3. Go to the source:

   If you’re interested in signing up for the program or learning more about it, visit the official Verified by Visa FAQ.

As always, be wary of emails in your inbox asking you to sign up for anything or giving you a link to click on to enter any of your information.

If you live in the United States, you’ve probably already heard that the 2010 US Census is making its way across the country. What you may not know, however, is that with the Census comes a legion of fraudsters trying to pull a fast one on folks like you and I.

We’d like to remind everyone that the 2010 US Census will only arrive in a physical mail box, and not your email inbox or anywhere online! Scammers are already hard at work sending phishing emails and setting up fake web sites, trying to get people to reveal personal and/or financial information for the Census. Do not respond to these US Census scam emails and web sites! They’ll only lead to scams, phishing, and worse.

The US Census Bureau has a Fraudulent Activity and Scams web page that gives more information on how they’ll contact you:

• The Census Bureau does NOT conduct the 2010 Census via the Internet
• The Census Bureau does not send emails about participating in the 2010 Census
• The Census Bureau never:
  • Asks for your full social security number
  • Asks for money or a donation
  • Sends requests on behalf of a political party
  • Requests PIN codes, passwords or similar access information for credit cards, banks or other financial accounts.

For more details on official US Census policy, visit the US Census web site.

If you’re looking for a site that really puts the “social” in social media then look no further than Twitter. In our experience the majority of people on Twitter are super friendly, but every now and again you’ll run into a creep who feels it’s his or her mission in life to make you miserable, whether it’s harassing your or sending you spam. It’s usually enough to block unwanted Twitter followers, but some people step over a line and you might need to do more than just block them from your account.

We’ve come up with a list of 10 Twitter safety tips to help you avoid the less-than-scrupulous people and navigate around some of the other hassles that come with social media.

• Keep personal info personal.

  Don’t share any personal information like telephone, email address, the location of your home, etc. The more you give out, the more likely you’ll find yourself with a cyberstalker, and we feel that this is an especially important Twitter safety tip. Also, be careful with any geolocation service you use (even Twitter’s own), and never tweet your location from home!

• Careful who you follow.

  It’s not necessary to follow everyone who follows you. First off it’ll start to clog up your Twitter feed when you have hundreds or thousands of followers, but secondly you’ll open the door to people who are looking for an easy mark instead of a new friend. Follow, and be followed, with caution.

• Beware of phishing.

  Phishing attacks make their rounds through DMs (or “Direct Messages”) all the time. Before you respond to a DM, make sure it’s legit.

• Only use trusted Twitter apps.

  Limit which Twitter applications you use, and try to only use those which use the OAuth method of connecting to Twitter. And before you give a Twitter application a thumbs up to connect to your account, do some quick research and make sure that any app you use is reputable.

• Strong password, secure account.

  Change your password regularly and use a strong password. This is probably the easiest, as well as one of the most effective, Twitter safety tips we can give.

• What did you click on?

  Shortened URLs are great for keeping in the 140 characters, but that makes it harder to tell where the link takes you. Some Twitter clients, like TweetDeck, allow you to preview the destination URL before you click through. There are also several Firefox addons that will reveal the final destination of a shortened URL. And if worse comes to worse, you can always add a “+” to the end of any bit.ly URL to see its information page.

• Don’t believe everything you read.

  Mama always said there’s no such thing as a free lunch, and it goes doubly so on Twitter and other social media sites. Scammers and spammers abound, and they’d love to get their hooks on you, so be wary of any offers, contests, or messages that promise the world.

• Parental guidance suggested.

  Parents need to educate themselves about Twitter and pass that knowledge to their children. We recommend that parents set limits on when their children can use Twitter, as well as appropriate ages to use social media without parental supervision.

• Report threats and cyberbullying.

  If you receive a threatening message on Twitter, contact your local law enforcement agencies as well as Twitter support. Cyberbullying and harassment is a growing problem online, and there’s no good reason to stand for it.

• Don’t go it alone.

  A tweetup is a great way to meet local tweeps, but do it smart. Never arrange to meet someone alone in real life through Twitter. Always go with a friend, and in a public place.

Using these Twitter safety tips should help keep you less likely to be bothered with the down side of social media and enjoy the great things that Twitter has to offer.