Tips to make sure love (and commonsense) conquers the Valentine's Day cyber-crooks
With Valentine’s Day right around the corner, love is in the air – but criminals are in the ether too. Cyber-criminals love a good scam, and they especially love events like Valentine’s Day when people let them in by opening their hearts – and their computer systems.
With the number of Internet users worldwide reaching the two billion mark, the need to keep the people who are out to steal more than your heart is greater than ever - whether you’re planning to go online to find a Valentine’s Day date, to buy flowers or chocolates for your sweetheart, or open a Valentine’s Day e-card from a mysterious secret admirer.
Lloyd Borrett, Security Evangelist for AVG (AU/NZ) Pty Ltd, says, “That surprise e-card could contain a whole load of heartache in the form of a hard drive hack designed to steal your identity. That online flower purchase might only deliver problems through credit card theft. And that guy or girl who seems so interested in you on the dating web site might really only have eyes for stealing your identity.
“While receiving an anonymous card from a Valentine can be exciting, opening an anonymous e-mail with ‘I Love You’ in the subject line could be courting disaster. Don’t let some nasty piece of malware worm its way into the heart of your computer.”
The rise of social networks opens another potential Valentine’s Day minefield. AVG research found while the majority of social networkers suffer web-borne security problems like malware, phishing and identity theft – less than one in three social networkers take action to protect themselves online.
Only a tiny percentage of e-greetings and links will contain a security threat but many PCs will be damaged or compromised, and documents, e-mails and photos lost. Compromised PCs often become unwitting distributors of spam, or their owners may become the target of identity theft.
Borrett says, “Some people on online aren’t looking for love – they’re looking for opportunities to cheat and scam. We want to make sure a happy day doesn’t turn into a heartbreaker, so here are some hints and tips to help you and your loved one stay safe.”
Online shopping - Don’t buy trouble when you buy online for your Valentine
• Use known, reputable sites & keep details to a minimum – if the site is asking for information that is not relevant to your purchase, don’t provide it. You don’t have to give out personal details simply because they ask for it – if they won’t go ahead with the transaction without it, leave the site.
• Choose strong passwords – something easy for you to remember, but hard for others to guess. A combination of letters, words and characters is best.
• Buy your chocolates, then clear your cookies – When you’ve finished buying your sweetheart a treat, clear the cookies on your compute r so you don’t leave a footprint for the crooks.
• Look for the lock before you unlock your heart (and wallet) – To make sure the site’s server is secure and your information will be encrypted before you buy, look for the locked padlock or key symbol.
Online dating - You want someone to steal your heart – not your identity
• Play it safe – Don’t reveal too much information. Leave out identifying information like your full name, where you work, your address, phone numbers, education and information about your family. Leave that until you know and can trust the person.
• Check them out – and we don’t just mean how they look in their online photo! Employers use Google, LinkedIn and Facebook to check on prospective employees. Why shouldn’t you do a little checking yourself to make sure the prospective love of your life is who they say they are too?
• Go Dutch – Be wary of sob stories and anyon e who asks for financial details or assistance – if you wouldn’t give your credit card details or money to a stranger in the real world, don’t do it online.
Social Networks – Spread the love, not the malware
• Don’t let a little Tweet become a big problem - Protect yourself from the online spammers now using Twitter for criminal activities this Valentine’s Day. Don’t let the size of the message fool you – the shortest Tweet or email message with the smallest link can lead to big problems if you click through to a malicious web page.
• Before you date, update - and we don’t just mean changing your Facebook status from single. Use the latest versions and keep the operating system software that runs the computer, the security software that protects your computer and the software you use to access the Internet up-to-date. The more regularly all your software is updated, the safer you are.
E-Cards – Think before you open
• Don’t open attachments - E-card companies don’t send cards as attachments. If you receive an e-card notification with an attachment, delete it immediately.
• Do I know you? - If you don’t recognise the e-card sender’s name, delete the message immediately. If the subject line says something generic and impersonal like “You've received an e-card from a secret admirer!”, chances are it is not safe to open.
• Don’t fall for an .exe - If the e-card notification contains a clickable link that includes “.exe” or an unfamiliar web site name – especially if an IP address appears if you hold your mouse cursor over the link – it’s not a legitimate card link.
To be safe, AVG (AU/NZ) recommends the following:
• Ask before you open - E-mail the sender and ask if you should have received an e-card from them and from which site. You’ll keep your computer safe – and get to talk to talk to your admirer too!
• Check the subject line - Make sure both the sender’s name and the name or URL of a legitimate e-card company’s web site are included in the subject line.
• Check the “From” address - to make sure you recognise it. Some e-card companies will also include the sender’s name and address in the body of the email notification itself.
• Check the web site - Legitimate e-card notifications should include a clickable link to the card on the card company’s web site as well as a URL you can copy and paste into a browser (it’s always safer to copy and paste a link from an email than to click directly).