WASHINGTON
(Reuters) - While the big news is about hacks into the CIA's and
Senate's public websites, Citigroup and Lockheed Martin, tens of
thousands of people are victimized by cyber criminals each year,
sometimes with devastating effect.
The FBI, which has a special
Internet fraud center, received more than 25,000 complaints a month last
year from people who were defrauded over the Internet by fake companies
which offered to sell goods that never arrived, by people whose
identities were stolen and by victims scammed by someone who claimed to
be an FBI agent.
Victims lost hundreds of millions of dollars, according to the FBI's Internet fraud report for 2010.
The conventional view of
hackers as pimply faced, isolated young men out to harmlessly joyride
some big company's servers is out of date, despite the presence of
groups such as Anonymous and Lulz Security, which strike for fun and
political reasons.
The more worrisome hackers are crime rings in Asia and Eastern Europe
or elsewhere beyond the easy reach of the law, where hackers may use a
wireless connection in a Russian library to avoid detection.
These are the individuals who
steal personal information, like names, addresses, dates of birth and
email addresses. They then sell that information to thieves in Internet
chat rooms. Those thieves often round out what they know about victims
from Facebook pages -- maybe a birthplace from a Facebook quiz -- or
other social media.
Maybe they'll send a phishing
email, pretending to know the victims. Or maybe they'll send them
something they might like because they have found out, for example, that
they have a Sony PlayStation and were born in 1943.
But that game download for a
grandchild could include key-logging software that secretly tells
thieves what victims type. Perhaps they'll use that to find out which
banks they use, and their user names and passwords.
Some advice:
_ Limit information on Facebook
and other social media. "Citizens need to start recognizing the value
of their own personal data and not put out any data that isn't
necessary," said U.S. Representative Jim Langevin, a co-founder of the
Congressional Cyber Security Caucus.
_ Have solid Internet computer
security software and update it monthly. Word to the wise: porn sites
are notoriously loaded with viruses.
"Don't click on links in spam
messages and be extra suspicious of messages that piggyback on recent
hot news items or events such as holidays," says Joris Evers, a
spokesman for McAfee Inc.
_ Some security experts advise against clicking in links in any email, no matter what the source.
_ Use strong passwords, which
means a password that is long and has a mix of letters, numbers and
symbols. A strong password is especially important for financial
transactions.
Jim Lewis, a cyber expert with
the Center for Strategic and International Studies, said he does
frequent sweeps of his computer using different security software.
"I do not use computers that my
children use for my financial transactions," said Lewis. "I change
passwords and user names very frequently, not that that's perfect."
There are efforts to combat spam and phishing attacks.
Many Internet service providers
identify and stop spam -- estimated to be 90 percent of Internet
traffic -- before it reaches an inbox. But they only get a percentage.
Comcast, a major Internet
service provider, reaches out to customers who have been contacted by
potential criminals to warn them, said Jay Opperman, Comcast's senior
director of security and privacy.
"Our customers are very happy
with the fact that we're proactive," he said. "Overwhelmingly, they're
like 'Wow, I didn't know. Thanks for letting me know.'"
Source: Reuters via Yahoo Technology News
No comments:
Post a Comment