26 Jan Being Safe On-line
On-Line Security for All Ages
This cyber safety and security page will be updated frequently with alerts and advice. If you have comments or questions and/or suggestions to contribute to this mission, please use this convenient on-line form to submit them. We will get back to you promptly.
Increasingly, community safety and security is coming to include being safe on-line as well as in the more traditional venues and ways we have all thought about safe communities. Computers are excellent home invasion devices. They contain a lot of information someone else can use to take advantage of anyone, to steal information of value, to stalk a person, etc., and many of us are all too trusting and/or all too poorly informed of the risks and how to guard against them.
The Fearrington Community Watch program includes the responsibility to help village residents be more aware of such risks and how to “harden themselves” by being more aware, more cautious, and less willing to post and submit all kinds of very personal information into the cybersphere with scant concern. Anything posted cannot be retrieved, and you forfeit almost all control over what may be done with the information. Worst of all, the rise of powerful social aggregation sites has opened the door to invasion ever wider at the same time that it has made shopping and sharing so much with friends and others so easy to do. There is a downside to the upside.
Computer SCAM Still Circulating
Community Watch Reminder — This SCAM is still circulating: Someone may call you claiming to be from Microsoft, Apple, or a private tech support center. They are telling people there has been a security breech and they need to access your home computer to fix the problem. They tell people that if they don’t allow them to access computer to fix the breech, their private information will be compromised, or they may lose all their saved data. Sometimes they ask for money and some claim to be doing it on behalf of the software company for free.
Please advise anyone receiving such a call not to grant the caller any access to their computer and certainly not to provide a charge card number, or pay them anything. If you have any questions contact Chatham County Sheriff’s Detective Mike Copeland at firstname.lastname@example.org or 919-542-2911.
11 Simple Steps to Secure Your PC and On-Line Accounts
Data breaches, hacks, and vulnerable software makes it easier than ever for a hacker to get access to your data. These simple steps can help mitigate it happening in the first place. Read about them here.
Do You Rely On Your Smartphone To Keep Track Of Just About Everything in Your Life?
That’s convenient — but it leaves you vulnerable. Take a few minutes today and protect yourself by protecting your phone.
Smartphones (and tablets) hold access to a range of private data: information in contacts list, apps with saved passwords or credit card numbers, email with confidential discussions, and more.
Protect yourself. In a recent column in the University Times, Sean Sweeney, the University of Pittsburgh’s information security officer, outlined some simple steps you can take.
Here are a few of them:
- Lock it. If you do nothing else, use the passcode feature on your smartphone or tablet and set up the phone to lock after X minutes of inactivity. Yes, it’s one more step. It’s worth it.
- Update. Accept updates to operating systems and enable automatic updates; they include updated security features.
- SIM PIN. In addition to protecting your phone or tablet by locking it with a passcode, you should protect your SIM card with a PIN (personal identification number). While your locked smartphone cannot be used, its SIM card could be removed, placed in a different phone and your information exposed.
- Turn off Bluetooth. An open Bluetooth connection leaves you vulnerable to nearby hackers’ efforts. Turn it off when you’re not actively using the connection. (Bonus: Turning off Bluetooth saves your battery.)
- Open WiFi = vulnerable smartphone. Limit use of public hotspots, and never use public hotspots when accessing personal or sensitive information. Your local coffee shop is not a good place to do online banking or place an order with your credit card.
For more tips on how to keep information on your smartphone or tablet secure, see Sean Sweeney’s “Not If, But When.”
Has Your Gmail, Yahoo, or Hotmail/Outlook email Account(s) Ever Been Hacked?
Has your email account ever been used by some unauthorized or unknown person to send strange SPAM or phishing email to everyone in your email address book and you ended up having to either change your password to a stronger one (and cross your fingers it too would not be broken) or delete the account altogether and open a new one with a stronger password?
If you have any three of the email services listed at the beginning of this message AND if you have a cell phone that can accept text messages (SMS), then you might want to consider turning on Two-factor Authentication for your email accounts. From the Zone Alarm Security Blog, here is a complete step-by-step explanation of how to do that if you use Gmail, Yahoo, and/or Hotmail/Outlook for your email: http://goo.gl/pMBu50
What Apps Have Access to Your Facebook and Twitter?
When was the last time you have checked to see what apps have access to your Facebook and Twitter accounts? If you are like most Internet users, you are probably long overdue for a cleanup. From the Zone Alarm Security Blog, here is a complete step-by-step explanation of how <b>and why</b> to do an audit (how to check) and set those security setting for both services. An audit will let you review all the apps on your account and determine if they should still have access.
On-Line Information Aggregators: A Privacy and Security Threat
During his presentation on Fraud and Security at the FHA Open Board Meeting on January 19, 2012, Deputy White from the Chatham Count Sheriff’s Department talked about the privacy and security problems related to social network aggregator sites such as SPOKEO. These sites aggregate data from many online and offline sources (such as phone directories, social networks, photo albums, marketing surveys, mailing lists, government censuses, real estate listings, and business websites).
This aggregated data may include demographic data, social profiles, and estimated property and wealth values AND it is sold and shared with ANYONE who is willing to pay small fess (such as $30 – 40+, depending on what sort of data they are seeking). This can be a serious issue, and he encourages everyone to learn more about these aggregators and the serious personal security issue they generate.
We suggest that you read about such sites by visiting this link as a starting point. Then, if you are concerned about having so much intimate private details available on-line, consider the various ways to opt out as well as ways to keep your information more private. The best way to remain private is not to post much personal information on-line, especially in social networking sites such as Facebook (by far the site with the largest number of users). Start by reading here.
All the growing concern has spawned a new on-line industry devoted to protecting your privacy and reputation. One of the largest of these new businesses is Reputation.com. You may have heard their ads on NPR’s All Things Considered program. They offer a free service sweeping the Internet constantly to gather information about you and to report to you what they find. The report is free; however, if you want them to try to remove the information, they charge. Sometimes, you are able to act to get some of it removed yourself.
2012 – 2013 Predicted to See Huge Increases in Cyber Crimes and Scams
FBI ALERT: Issued January 06, 2012:
This is a bona fide, legitimate alert; not one of those we all often receive when someone passes along a cyber legacy urban legend, which they thought was real. Follow the links for the specific details.
A new variant of the notorious Zeus identity-theft Trojan is making the rounds and the Federal Bureau of Investigations (FBI) says it is capable of defeating common methods of user authentication employed by financial institutions.
The latest strain of the ID-theft malware, called Gameover, begins as a phishing scheme with spam e-mails — purportedly from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC) — that leads to malware infection and eventual access to the victim’s bank account. Learn how this Trojan could affect you.
For up-to-date information about cyber scams, go to the FBI website and sign up for e-mail alerts.
If you have received a scam e-mail, please notify the Internet Crime Complaint Center (IC3) by filing a complaint. This will help to track down cyber criminals.
For more information on e-scams, frauds, and phishing schemes, please visit the following FBI sites. They are excellent and valuable resources, and good starting points for digger deeper.
- FBI’s New E-Scams and Warnings Page (Updated frequently)
- FBI’s Common Frauds Victimizing Seniors Page
- FBI’s Common Fraud Schemes Page
- FBI Warning: Complicated New Phishing Scheme