Protecting Against Online Fraud
Online thieves are as active as ever, but you can take some simple steps to avoid them stealing your personal information or even your money, people discovered during a recent workshop by the San Leandro Parks & Recreation Department.
Even people offering to help with widely publicized security breaches may be actually trying to victimize you further. A recent security breach involving many AT&T accounts has drawn legitimate help offers from the real AT&T and considerable interest from scammers pretending to be AT&T, a workshop participant pointed out.
“If it is in the news, so many people know about it, it's an opportunity for them to capitalize,” workshop moderator Adhvaidh Sunny said. He heads the organization Cyber Wisdom, which tracks the latest online scams and security threats.
He said that much of the information used to defraud computer users is given to scammers by their victims, who often believe they are dealing with someone else.
That could be a company, a relative, or even a friend, especially one you’re not in close touch with. Computer fraud, known as phishing, tries to get your secret information or data, usually with malicious intent. Hackers want to get your money or your identity, looking for account numbers, passwords, bank routing numbers, and, above all, your Social Security number.
“If the real company calls you, it’s unlikely they need additional information from you,” Sunny said. "They'd already have it.”
The very first thing to do if someone calls you and asks for such information is not to give it to them, he said. Then call that company's real customer relations number to see if anything is amiss with your account. That number is most likely on your most recent bill or statement.
Beware of calling or being transferred to a customer service number if that is offered by someone who calls you. It could very well take you right back to a scammer, pretending to be the real company, Sunny said.
There are two DO’s and two DON’Ts to protect your money and privacy while visiting online sites, Sunny said.
One DO is to bookmark favorite sites on your web browser such as Chrome or Safari. It may not be hard to type “Google,” for example, but even the occasional typing error could take you instead to a malicious site only pretending to be Google, Sunny said. Bookmarks ensure it is entered accurately.
Another DO is to log out from programs or websites you’re visiting on public computers, such as those at a coffee shop or at the library. The next user might be able to pretend they’re you on any website or program you had left open.
Sharing personal information, especially financial information, online is a DON’T, Sunny said.
“You can share moments. Like, today was my birthday, I did this,” he said. “But sharing stuff like, ‘Okay, I left for Hawaii for 4 days. The key is under my floor mat on the front’ is extremely dangerous to share online to people”.
Also, Sunny said DON’T click on pop-up ads or downloads from unknown sources. This can give a bad actor some information about you right away and also let them download spyware that will reveal more information to them later.
He said that when looking at a website, particularly when interacting with it, you should check its URL or website address for security. Most websites now begin with an “https” (rather than just “http”), indicating the connection is encoded and can’t be broken into. A lock logo also will appear in this case.
Sunny said scams are also common in emails, often by getting you to click on a link. To find out if a link is legitimate, a good start is to hover the cursor over it without clicking. This will show its URL, where it actually connects to, in the lower left-hand part of your computer screen.
He advised that if the email text claims it’s a special offer from Safeway and the URL doesn't look like Safeway, don’t click on it.