Written By: Jen Pieson
Identity theft and internet fraud can be huge risk exposures. When you consider how fast technology advances, it’s easy to see that these risks (the way thieves and fraudsters use your information) are constantly changing. Fortunately, there are a few ways to lessen your exposure to online hazards.
Look Yourself Up
It is important to check your online presence once in a while because you might be surprised by the amount of information that is available about you in the internet. Whether you have actively allowed it (having a public Facebook page, for example) or not (whitepages.com auto generates phone numbers, ages, address history), it’s crucial to see what information is out there.
Alternatively, you can hire a company to do this for you. See www.reputation.com or www.safesheperd.com for details. These sites are worth checking out even if you do not intend to use them; they have some great data privacy tips.
Use Caution with WiFi Connections
Technology makes our lives easier, but it also puts us at some risk. Many public places offer free WiFi service so you can connect to the internet with your mobile device (phone, laptop, tablet). Certainly this is a convenience, but it’s also something to be smart about. Following are some tips for using free wireless networks safely.
– Evaluate the security of the WiFi network. Note whether or not a password is required. If there are multiple networks with similar names, inquire as to which network is the correct one.
– Beware of “Man in the Middle” Attacks. These are false internet access points created by hackers. Here’s how they work: A hacker goes to a public place and creates a free WiFi network with a name very similar to the legitimate network (for example, you may see both StarbucksWiFi and StarbucksGuest as available networks, and both may use the same password). However, one of those networks feeds your activity to the hacker, the “Man in the Middle,” and while you are on his network he can see what you’re typing and what sites you are on and he can collect information about you. In short, this is eavesdropping with malicious intent. If you see more than one network with similar names, ask an employee for the correct network name before signing on.
– Consider using a personal Virtual Private Network (VPN) for a secure connection. Per Wikipedia: “VPN technology is…used by individual Internet users to secure their wireless transactions, to circumvent geo restrictions and censorship, and to connect to proxy servers for the purpose of protecting personal identity and location.” You can do this by buying a card that allows you to create a hotspot for yourself, or you can use a communication company like AT&T or Verizon.
– If you need to connect to a public computer, change your password(s) when you get home. For example: You’re at a hotel and you have to check your email on a public computer in order to get a confirmation number. As soon as is convenient, access your email from your personal computer (laptop or home) on a secure connection and change your password.
Email Fraud (Spear-Phishing)
Per Wikipedia, Phishing is: “An attempt to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication.”
Spear-Phishing is a carefully thought-out attack against a specific individual, and it is “by far, the most successful on the internet today, accounting for 91% of attacks.” Spear-Phishing Fraudsters can be very patient; an attack can occur after the victim has been monitored for four or five months. How this works: A Fraudster obtains access to your details, such as your email account and password (either through an unsecure internet connection or a virus on your computer). He observes your interactions and communication style. After several weeks or months, he knows who you speak to and how, where you do your banking and your account numbers, and details about your likes and personality. Then he launches his attack, either from your email account or (so you can’t see the messages in your “sent” folder) one he made up that is very similar – maybe with a lowercase L or a number 1 instead of an uppercase I, so no one notices the difference – and he writes to your financial advisor or a relative to ask for money to be forwarded. These attacks are so personalized that often they raise no red flags; the Fraudster writes like the victim, requests money for something the victim would need, and patiently waits for the money to be transferred.
What can you do about it? Keep your virus software up to date on all of your devices, and run it on a regular basis. Change your passwords whenever you’ve been on an unsecured network, especially if you’ve been in an internet café or overseas. If you contact JPP to initiate a transfer of money on your behalf, please give us a call on the phone instead of sending an email.
Technology improves our lives in so many ways, but it’s important to keep current on the ways it presents risks to us. A little safety can go a long way! We will continue to keep an eye on the ways to stay safe online, especially where your finances are concerned. As always, please contact your financial strategist with any questions.