Prevent Crime and Stay Safe Online

Hardly a day seems to pass lately without there being a breaking story about social media slip ups or scandals, the latest of which being the revelation that personal details of 100 million Facebook users have been harvested and are being shared on the internet in one handy downloadable file.

The official Facebook response of course is that all of this information was publicly available in the first place, and so there is no need for any concern. Although this harvesting of information is not Facebook’s fault, their response glosses over some rather pertinent points:

  • This comes on the back of recent furor where Facebook changed the level of information publicly available;
  • Although Facebook subsequently backed down somewhat over this, do people understand their true privacy settings?
  • Of the people who do understand their settings, how many of them bothered to change them thinking it was of little consequence?

More than ever, people should be aware of the information they give out online and why they are doing it.

The power of aggregation

Although all the information that has been harvested was indeed already publicly available on Facebook (and let us ignore, for now, whether or not people did actually want their information to be publicly available) let’s consider just a few aspects of the actual act of aggregating all this together.

Criminals are magpies. Ever wondered why people would go rooting through rubbish? Because there’s money in it! When pieced together, information from disparate sources could reveal enough to perpetrate all kinds of criminality against the person, from bank fraud by finding out your mother’s maiden name, to simply knowing when you are most likely to be out of your home for robbery purposes. A handy consolidated file of personal information on 100 million people, for free? Yes please! But don’t go blaming the ‘security experts’ that did this just yet, as you’d be naive to think that organised criminals hadn’t done this sort of thing 100 times over already.

Prospective employers are nosey. Whether it’s right or wrong, checking out people’s online presence has become a regular part of recruitment. The publicity surrounding the existence of this file is bound to get a few technical minds whirring too, as they consider the potential for creating searchable databases geared up to crunch your data through all kinds of criteria. [UPDATE: Major corporations already are.]

Think you’re in control? Publicly available information is just that. And it’s copied onto servers around the world in seconds. What’s more, if you’re one of the 100 million users who have had their details put into this file, you can change your privacy settings all you want – it’s in the file, and in the file it is now staying. The information is out there forever, and you have no control over who accesses it.

What can you do to protect yourself?

If you’re among the 100 million? Not much to get back what you’ve already given out, but there are some common sense things you can do to stay safer online:

  • Only input personal details into a website where it is essential for the provision of a service. Be suspicious of why a social media site wants your details, and be stingy!
  • Make sure you know how your information is going to be used and how it is going to be shared.
  • Make sure you are on top of any privacy settings. On Facebook, only share some information (including Wall posts) with friends. Don’t share your email with anyone. Do people really find you through school and work listings? No? Delete them then!
  • Do you work for a bank or an insurance company? Make sure this is not mentioned anywhere in public forum – or you could be targeted by criminals who are on the look out for a stooge.
  • Never disclose your home or work address or telephone number on a social networking website.
  • Don’t use the same security information for social media sites as you do for your banking.
  • Give false (but memorable) answers to ‘reminder questions’ – who’d guess your mum’s maiden name is DennisHealy6?
  • If you are unhappy with the service or privacy, change your details on it and delete the account.

Remember, social media companies are businesses. It’s not in their interest to convince you to give less information about yourself, rather the reverse. Information is money! Also, don’t be fooled into thinking that these issues apply exclusively to Facebook users.

This is by no means the case, but simply – with 500 million users – Facebook gets more interest. This could happen on any social media site, and being sorry after the fact won’t make any difference.

As with most things, the answer lies in the application of common sense, and waking up to that a site’s privacy rules can change. When you share information on a social media website, just make sure it’s information you’d be happy to lose control of.

Further reading

The Guardian story

How to Stay Safe Online With Your Personal Information

For many it’s a concern that they can use the internet but stay safe at the same time. Rarely is one’s physical safety threatened. Generally it’s your personal information that can get out that could lead to financial problems if people take advantage of that. Other times it’s taking your name and password and making online decisions that you could be responsible for.

Keeping a malware or spyware scanner on and running at all times will be a huge help. This will ensure that the programs that log you keystrokes or try to take your information will be caught before getting onto your computer. Generally this is the biggest source of your information getting out so put a scanner on your computer today.

Another huge problem area is email. Many times a spam email will look like it is from the real company. This happens with a PayPal look-a-like email. It looks like an official email stating there is a problem with your account. It gives you a link to log in. This link and log in is fake. They are just stealing your name and password. If you ever are asked to log in to your account, don’t click the links in email. Go to your browser and manually type the website in.

If you want to keep private, especially if you are into chatting with new people that you meet online, be sure to do so with an account that doesn’t have all your personal information. Many times people will use an obscure user name, but once that is added to an MSN or Yahoo messenger system, your first and last name show up since you put that into your account information. It’s likely nothing would ever happen, but this is an extra step of security of your person and information.

Proven Security Tips, Tools, and Tactics To Stay Safe Online (Part 1 of 2)

The Internet serves as an incredible tool for educators and students to communicate, research information, and learn. The widespread availability of computers and connections to the Internet provides everyone around-the-clock access to information, credit and financial services, and shopping.

Unfortunately, there exist individuals who exploit the Internet through their criminal activities and other harmful acts. Cybercriminals use creative measures to gain unauthorized access to your computer and then use that access to steal your identity, commit fraud, or even launch cyber attacks against others.

Staying safe online is no longer a given, but a necessary extracurricular activity. Here are nine security measures you can employ immediate to protect yourself, your family, and your business. By following the recommended cyber security measures outlined here, you can limit the harm cyber criminals can do not only to your computer, but to everyone’s computer. However, keep in mind that there is no single cyber security measure or technological solution that will prevent their cybercrime. These recommended cyber security measures highlight that using a set of common-sense precautions that include Internet habits as well as technology solutions can make a difference.

The National Cyber Security Alliance recommends eight measures. To that, I have added an additional. They are practical steps, in no particular order, you can take to stay safe online and avoid becoming a victim of fraud, identity theft, or cyber crime.

1. Protect your children online. Implement parental control tools that are provided by some Internet Service Provider (ISPs) and available for purchase as separate software packages. Remember: No program is a substitute for parental supervision. Also check your browser to see if it would allow you to set some parental controls. (Internet Explorer allows you to restrict or allow certain web sites to be viewed on your computer, and you can protect these settings with a password. To find those options, click Tools on your menu bar, select Internet Options, choose the Content tab, and click the Enable button under Content Advisor.)

2. Back up important files regularly. No system is completely secure. If you have important files stored on your computer, copy them onto a removable disc, and store them in a secure place in a different building than your computer. If a different location isn’t practical, consider encryption software. Encryption software scrambles a message or a file in a way that can be reversed only with a specific password. Also, make sure you keep your original software start-up disks handy and accessible for use in the event of a system crash.

3. Protect your valuable personal and financial information. Don’t open unsolicited or unknown email messages. If you do get an email or pop-up message asking for personal information, don’t reply or click on the link in the message. To avoid opening such messages, you can turn off the “Preview Pane” functionality in email programs, and you can set your default options to view opened emails as plain text to avoid active links or pop-ups in the messages. Most importantly, do not respond to solicitations for your personal or financial information.

If you believe there may be a need for such information by a company with whom you have an account or placed an order, contact that company directly in a way you know to be genuine. Never send your personal information via email because email is not a secure transmission method.

4. Use strong passwords or strong authentication technology to help protect your personal information. To further increase the security of your online identity and to help protect you from account hi-jacking, take advantage of stronger authentication tools wherever available. This may take the form of two-factor authentication – the combination of a password or PIN number (something you know) with a token, smart card, or even a biometric device (something you have).

Stronger authentication can also come from a behind-the-scenes identity-verification process, which uses various data to establish whether or not a user is genuine. Ask your bank, your regular online retailers, and your Internet Service Provider (ISP) if they offer stronger authentication tools for more secure transactions.

5. Know who you’re dealing with online. Every day, millions of computer users share files online, either as email, documents, or photos. File-sharing can give people access to a wealth of information, including music, games, and software. You download special software that connects your computer to an informal network of other computers running the same software. Millions of users could be connected to each other through this software at one time. Often the software is free and easily accessible, but file-sharing can have a number of risks.

(a) If you don’t check the proper settings, you could allow access not just to the files you intend to share, but also to other information on your hard drive, like your tax returns, email messages, medical records, photos, or other personal documents.

(b)In addition, you may unwittingly download pornography labeled as something else. Or you may download material that is protected by the copyright laws, which would mean you could be breaking the law.

Therefore, downloading file-sharing software is not advisable and could place your personal information and computer at risk. If you do decide to use file-sharing software, set it up very carefully. Take the time to read the End User License Agreement to be sure that you’re sharing files legally and that you understand the potentially high risk of any free downloads. For example, some license agreements include an agreement to allow spyware to be installed on your machine.

Although the Internet basically provides a positive and productive experience, cyber-attacks against our personal privacy and security are reaching epidemic proportions. These attacks are occurring in our own homes and businesses. Our own computers are being used are being used as zombies to attack other people, businesses, and even our nation itself. As an average Internet user, you may not be aware of these threats nor have any idea about the dramatically increasing risks you face when connected to the Internet.

On a campaign for internet safety awareness and protection, my mission is to bring critical awareness to individuals, families, and small business owners, and to provide access to the necessary tools and ongoing expertise to secure your computer and help you stay protected.

I invite you to join the many thousands of others who have tested their computers, discovered these threats are real, and taken the necessary steps to protect themselves.

Now that you have become aware of these issues, I encourage you to share this vital information with your families, friends and communities. Together, we can reach many millions of people and inform them about the threats to their privacy and security, and help them get the protection they desperately need.

Remember: When you say “No!” to hackers and spyware, everyone wins! When you don’t, we all lose!© MMVII, Etienne A. Gibbs, MSW, Internet Safety Advocate and Educator