Make Yourself Identity Theft-Proof (at least over e-mail)
Phishing is on the rise, apparently.
A common scam now is for a person to steal an eBay account using this method of identity theft and use it to lure buyers into a false sense of security (as the account targeted for theft will usually have a really nice seller's rating) and then selling them big-ticket items (such as televisions, stereo equipment, or computers) that they never plan on shipping out. By the time the complaints show up the scammer is long gone.
How do they steal the account? They log on using the target's username and password, and then promptly change the password. This is easy to do in just about any online service from Paypal to your local bank's website, so long as they have your username and, well, password. But how do they get such privious information?
Simple : They ask for it.
It's a very simple method you've probably seen in action. You check your inbox, and poof, there's an email "from Paypal" telling you that your account has been terminated due to some technical mishap, and ask you to log into your account to rectify the problem. Only the link in the email will take you to a place far, far away from any computer actually owned by Paypal. However, the website the link leads to has been meticulously designed to perfectly resemble the site you're expecting to go to. Some newer phishing sites even fake the URL box that some people might double-check to be certain. Others look for easy-to-make typos that people going to legitimate financially-oriented institutions might make, and establishing a phish site to resemble said institution's page. This practice has escelated to the point where everyone from Mozilla to Microsoft is looking to implement features in their software to limit the capability of these scam sites.
However, phishing is nowhere near as dangerous as it might possibly seem to a remotely educated computer user. Or to the very least, someone with "the guide". And with that, I present you :
How to make yourself phish-proof (in a few easy steps) :
1. Check your bills.
Look at all of your credit card bills. Each one should have a website listed on it. Type it into your web browser. Double, triple, and quadruple check each address, to make sure you have typed it in perfectly. Now bookmark it. This is because most bank's have really long, easy-to-mistype addresses. Overstocked 'n Amazon don't have this problem. =3
If you know how to, move the bookmarks to a folder called "Credit Cards" for easy access.
2. NEVER click a link in any emails you get. If it's a technical problem and they need account verification, delete the e-mail and go to their site on your own.
I'm not talking about e-mails you get from frends, like cute animated postcards and the like. I'm talking about (of course!) anything you get from a site you do any sort of business with. Anything involving money, really. Any time you get an email from a site like this, asking you to check up on your account, delete the email, immediately.
Now simply go to that business's website. Log in. If there are any real problems, you should see t hem immediately. No company lets you log in and do business if your account's been disabled. Can you navigate the site with no problems? Congratulations! You've just avoided a phishing e-mail! If your account was actually disabled, instructions should be there on how to fix things.
3. Rule number 2 also applies to phone calls.
Simple as can be. If your bank or credit card company ever calls you and needs you to verify some information, tell them you're busy at the moment. Call them back , NOT using your Caller ID, but the number on your bank statement, bank card, or checkbook. Tell them that you're returning their call. They don't recognize said call? There's no problem with your account? Report the number that called you if you have Caller ID.
4. Shred anything with important information that you're throwing away. Bills and the like.
This is partly paranoia, partly common sense, and already pretty common practice. Anytime you get a credit card offer or are tossing a bill or any other confidential information, put it through
a paper shredder. Cross-cut shredders are pretty cheep nowadays, and will take care of said information pretty cleanly.
Hopefully this helps SOME people.
A common scam now is for a person to steal an eBay account using this method of identity theft and use it to lure buyers into a false sense of security (as the account targeted for theft will usually have a really nice seller's rating) and then selling them big-ticket items (such as televisions, stereo equipment, or computers) that they never plan on shipping out. By the time the complaints show up the scammer is long gone.
How do they steal the account? They log on using the target's username and password, and then promptly change the password. This is easy to do in just about any online service from Paypal to your local bank's website, so long as they have your username and, well, password. But how do they get such privious information?
Simple : They ask for it.
It's a very simple method you've probably seen in action. You check your inbox, and poof, there's an email "from Paypal" telling you that your account has been terminated due to some technical mishap, and ask you to log into your account to rectify the problem. Only the link in the email will take you to a place far, far away from any computer actually owned by Paypal. However, the website the link leads to has been meticulously designed to perfectly resemble the site you're expecting to go to. Some newer phishing sites even fake the URL box that some people might double-check to be certain. Others look for easy-to-make typos that people going to legitimate financially-oriented institutions might make, and establishing a phish site to resemble said institution's page. This practice has escelated to the point where everyone from Mozilla to Microsoft is looking to implement features in their software to limit the capability of these scam sites.
However, phishing is nowhere near as dangerous as it might possibly seem to a remotely educated computer user. Or to the very least, someone with "the guide". And with that, I present you :
How to make yourself phish-proof (in a few easy steps) :
1. Check your bills.
Look at all of your credit card bills. Each one should have a website listed on it. Type it into your web browser. Double, triple, and quadruple check each address, to make sure you have typed it in perfectly. Now bookmark it. This is because most bank's have really long, easy-to-mistype addresses. Overstocked 'n Amazon don't have this problem. =3
If you know how to, move the bookmarks to a folder called "Credit Cards" for easy access.
2. NEVER click a link in any emails you get. If it's a technical problem and they need account verification, delete the e-mail and go to their site on your own.
I'm not talking about e-mails you get from frends, like cute animated postcards and the like. I'm talking about (of course!) anything you get from a site you do any sort of business with. Anything involving money, really. Any time you get an email from a site like this, asking you to check up on your account, delete the email, immediately.
Now simply go to that business's website. Log in. If there are any real problems, you should see t hem immediately. No company lets you log in and do business if your account's been disabled. Can you navigate the site with no problems? Congratulations! You've just avoided a phishing e-mail! If your account was actually disabled, instructions should be there on how to fix things.
3. Rule number 2 also applies to phone calls.
Simple as can be. If your bank or credit card company ever calls you and needs you to verify some information, tell them you're busy at the moment. Call them back , NOT using your Caller ID, but the number on your bank statement, bank card, or checkbook. Tell them that you're returning their call. They don't recognize said call? There's no problem with your account? Report the number that called you if you have Caller ID.
4. Shred anything with important information that you're throwing away. Bills and the like.
This is partly paranoia, partly common sense, and already pretty common practice. Anytime you get a credit card offer or are tossing a bill or any other confidential information, put it through
a paper shredder. Cross-cut shredders are pretty cheep nowadays, and will take care of said information pretty cleanly.
Hopefully this helps SOME people.
posted by Muki Key Oot at
10:57 AM
0 Comments
