Stay Safe Out There
Sandra Braathen, an associate professor in the UND College of Business and Public Administration, received an e-mail that appeared to be from her bank and seemed legitimate.
It included the bank’s official logo and a correct toll-free phone number. The e-mail’s subject — regarding a financial transaction she’d made earlier — added an air of legitimacy. But rather than clicking on the link provided in the e-mail, Braathen called her bank.
“I wanted to verify it because I’d heard that I should never respond to a banking e-mail,” she recalled. “It was a hoax. The bank told me that I’d never be contacted by e-mail.”
Braathen, who teaches information systems and business education, narrowly avoided becoming the victim of a “phishing” scam, a technique used to get people to provide private information that can be used to steal their identity.
“When it comes to e-mails or trusting a Web site, a good rule of thumb is the same thing I tell my 12-year-old about making decisions,” she said. “If it feels wrong, it probably is.
“If something in an e-mail just doesn’t feel right, don’t trust it,” she continued. “Make that phone call and find out. Otherwise, it could become a costly mistake. Billions of dollars are lost every year to simple phishing scams.”
People are using computers at home, at work and in public locations. More and more, they access the Internet wirelessly. Online computing provides ease and convenience, but it also creates opportunities for scammers, hackers and others.
Yanjun (Frank) Zuo, assistant professor of information systems, noted that when it comes to Internet security, most people fall into one of two categories: either they’re overly optimistic about their level of protection or they see danger lurking everywhere.
“People think that if they get a new computer, install the latest antivirus software and antispyware, turn on their firewall and back up their files regularly, they’re really secure,” Zuo said.
“They are relatively secure,” he explained. “But there is no such thing as 100 percent perfect security.” That doesn’t mean that there are threats lurking around every corner of the Internet.
“Some people feel that the Internet is a black box and it’s too dangerous,” Zuo said. “There’s really nothing to be afraid of. As long as you keep your computer patched and install the necessary, required security mechanisms, you’re relatively safe.”
Braathen and Zuo offered some helpful advice.
Take basic security steps — “Installing antivirus software is your first line of defense and is absolutely one of the easiest things that you can do,” Braathen said. “You’re just asking for a virus if you don’t.” While these programs can’t guarantee total security, they provide a high degree of protection from viruses and other threats that come through e-mail and via the Web. Check to make certain that the operating system’s firewall is on (usually enabled by default).
Automatically update, patch and scan — Allow antivirus and antispyware programs to automatically update. Set the system and often-used applications to automatically install security patches. The patches plug security holes that viruses and hackers can exploit. Routinely scan your computer to detect viruses and remove spyware.
Create strong passwords — Braathen noted that an eight-character, all-lower-case password can be cracked in two seconds. Longer passwords containing upper and lower case letters, numbers and special characters are much more difficult to crack. Don’t use passwords containing information that’s easy to discover, such as names of children, birth dates or pets. Zuo suggests using made-up words not found in the dictionary. Also, don’t use the same password for everything. For those who have trouble remembering passwords, Braathen recommends using a root word and then creating variations of it. Be sure to change passwords regularly.
Secure home wireless networks — Don’t place a wireless router near a window because it allows the signal to transmit farther. Use the router’s security settings to enable encryption (WPA2 is strongest, WEP is weakest). Change the router’s default settings, especially the log-on password. Rename the network (known as the SSID or service set identifier) and don’t broadcast the SSID. Use the router’s address filtering feature to limit network access to specific computers. buy viagra online Also enable the wireless router’s firewall to limit the potential of unwanted cyber intruders.
Safeguard unattended computers and log out on public computers — If you leave your computer unattended at times, set the operating system to automatically log off after a few minutes of inactivity. Require a password to log back on, which will discourage unauthorized use. “If you’re entering private information on a public computer or a network, make sure that you log out when you finish,” Braathen warned. “If you’re not logged out, people can go back on the Internet and find information that you’ve entered.”
Online shopping — Zuo urges people to minimize online shopping. Always buy from trusted Web retailers with solid reputations. “If you’re entering credit card numbers or anything like that, you absolutely want to make sure that it’s a secure site,” said Braathen. When making purchases, make certain the site is using a secure protocol that encrypts (scrambles) the information you send and receive. There are two ways to check this. The easiest it to look for a small padlock icon displayed near the
bottom of the browser’s window. The other is to check the Web address or URL of the site. Site addresses beginning with “https” are using a secure protocol.
Don’t fall for phishing scams — “Never click on a particular hyperlink provided by a third party,” Zuo said. E-mails that look official may direct you to a Web site that asks you to provide information that can be used for identity theft or redirect you to a site from which personal information can be stolen off your computer.
Clean up and back up — Deleting unwanted and unneeded temporary Internet files off your computer not only helps it run better, but keeps it more secure. Zuo suggests deleting “cookies” too, which sometimes contain confidential information that can be stolen. “In my classes, I always highlight the importance of backup,” he said. “Some information, you just can’t lose. Ideally, Zuo said, files should be backed up to a computer at another location. If that option isn’t available, Braathen suggests using an external hard drive.
Be wary of free software offers — “Are they really free?” Zuo asked. “Many times, it turns out they’re not because there’s a hidden cost.” Wallpaper, screen savers, music-sharing programs, browser tool bars, and other free applications that display information on your computer’s desktop can not only slow your computer, but also jeopardize its security.
Create different e-mail accounts for different purposes — With the prevalence of free e-mail accounts, Braathen recommends using separate e-mail accounts for specific purposes. For example, use a business e-mail address for business only and another account for online shopping. Create a personal account strictly for personal correspondence. An e-mail from a financial institution addressed to your personal correspondence account is surely a phishing scam.
Braathen and Zuo agree that vulnerability to online threats sometime depends on what you’re doing online. Someone who surfs the Web and corresponds by e-mail will be of less interest to hackers and thieves than someone with passwords, credit card numbers and other sensitive information stored on their computer.
“A company can have a lot invested in the latest hardware and software security,” Zuo noted. “But all it takes is a person making a phone call to trick someone into giving him all the information he needs to defeat the system. You’re only as strong as your weakest link.”
Too often, the weakest links are computer users who fail to protect themselves.
“Unfortunately, we learn more through the school of hard knocks,” Braathen said. “Some people have to experience it before they believe it. We can tell them the horror stories, but they don’t always listen.”