Who’s Watching You Online? Sharing Information the Smart Way

April 25, 2017

By Mike DuBose and Blake DuBose

 

Over the past 15 years, the number of people around the world who use the Internet has risen from about 750 million to more than 3 billion, according to the International Telecommunication Union. Most of these people just want to enjoy entertainment, catch up on news, and communicate with family and friends. However, others have a darker aim: to use the Internet to perpetrate scams intended to gain information, power, or funds belonging to others!

There are many types of cyberattacks out there, but one of the most popular type is called “spear phishing.” In this scenario, scammers send e-mails purporting to be from places like Google, FedEx, and Apple that look and sound legitimate. They mimic the same colors, text, and layout of the real companies’ e-mails to convince you to send them information like your passwords and usernames, which allows them to access your accounts. They may also direct you to a website where you’re prompted to enter login information or even your Social Security number, which is collected and used to steal your identity.

A related scam is “spoofing,” where criminals also create e-mails made to look as if they originate from real companies—or even people close to you. John Morelock, head of Carolina Business Equipment’s Managed Network Services, calls spoofing “similar to phishing, but trickier,” noting that the fake e-mails can appear to come from “someone you know, like your clergy, your boss, or even your mom.” The goal is to get you to click on a link that downloads a malicious program to your computer, then spreads throughout your network, infecting friends and colleagues, too.

As time passes, scammers will doubtless discover many new ways to trick honest people into giving up their information and money. However, there are many steps that individuals can take to prevent cyberattacks from being successful. Based on our research, experience, and advice from tech professionals at Carolina Business Equipment and DuBose Web Group, here are our recommendations for a safer Internet experience for all:

Look at e-mails with a cautious eye. If you receive a message from a place where you have an account, but you don’t know of a reason to be receiving the e-mail, be wary. If you haven’t done something that would prompt the organization to contact you (such as messaging them or requesting a change to your account), the e-mail may be phony, even if it looks startlingly realistic.

When you receive a suspicious e-mail, don’t click on any links or open any files attached to it. Instead, call the company it’s supposedly from (go to the official website to find the number rather than using any in the suspicious e-mail—these may be fake as well). Telephone representatives should be able to tell you if the organization really needs to talk to you, and you can give them any necessary information over the telephone. If most legitimate organizations need to contact you, they will call you, so be suspicious of e-mails supposedly originating from your bank, credit card company, or other high-security vendors. When it comes to e-mails from friends, business contacts, or family, Morelock recommended, “If you’re not expecting something or you’re not sure, call the person who sent you this message to check validity.”

Examine every e-mail you receive for common “red flags” that often mark fraudulent communications. Start by looking for slight misspellings in the e-mail address that sent the message—hackers may have “spoofed” it to appear to originate from a credible company, but were off by just a letter or two. Another tip: try hovering over links included in e-mails. If the web address that pops up looks different than what you were expecting, don’t click on it! Also, don’t open any e-mails with attachments ending in “.exe,” “.scr,” “.zip” or “.bat”—that’s a good indicator that they could contain harmful programs.

Above all else, use common sense. If you get an e-mail wanting you to enter credit card information or download an app to obtain a deal that seems too good to be true, it probably is. According to a November 2016 USATODAY article by Susan Tompor, “Industry experts are warning of apps that impersonate well-known retailers, such as Payless ShoeSource, Torrid, and Dillard’s.” These apps promise deep discounts if downloaded onto your phone—but they’re really just a way for con artists to steal your information. One indicator that an app is not legitimate, according to Tompor, is that it has no reviews. That means it’s only been up temporarily, which would be odd in the case of established businesses. (Fortunately, they are usually not up for long—Apple removes the fake apps once they are reported fraudulent.)

Dangerous links aren’t just limited to those found in e-mails, either. Look out for them on websites, pop-up ads, and social media posts as well. As the National Cyber Security Alliance explains, “Links in email, tweets, posts, and online advertising are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.” If the suspicious material is in the form of a link, don’t click on it, even if you are curious!

Limit what you share on social media. It may seem tempting to talk about an upcoming trip out of the country on Facebook—but what if potential thieves see your post? They now know that you’ll be out of town, leaving your home and valuables vulnerable! Sharing pictures and memories afterward is a safer bet. Consider longer-term dangers as well, such as identity theft. Allowing people to see where you were born, how old you are, and other personal details may allow them to impersonate you and access or open accounts in your name.

Connecting people is part of the point of social media networks. However, this can easily allow strangers to see information that you’d rather keep private within your circle of friends and family. Make sure that only people you actually know and trust can see your social media activity by choosing strict privacy settings (and only accepting requests to connect from people you actually know). On Facebook, for example, you can go to “General Account Settings” and then select “Security” to limit who can see the photos and posts you share; other social media networks also offer customizable security settings as well.

If you have children, you should also limit the amount of information you post about them on social media, especially where they go to school or daycare. Predators may be looking for this information, and could use other knowledge gleaned from your page (relatives’ names, number of siblings, etc.) to try to convince your child that they know you. It’s a scary thought, but it’s better to err on the side of caution than have to worry about a potential child abduction! If you want to share photos and detailed information about your kids with friends and relatives, consider sending them privately in an individual e-mail. It takes a little longer, but it’s worth it for the peace of mind.

Browse in “private” or “incognito” mode. All major Internet browsers have options that allow you to browse in “private.” This mode deletes temporary files and browsing history after you close the window, blocking others from seeing the sites you have been viewing. Advertisers want this information so they can see what you’re interested in and try to sell you related things; scammers want to track your movements and see where you have accounts to try to hack into them. To avoid annoying targeted ads (and others gathering information on you for potentially more harmful reasons), always browse in private mode.

Exchange financial information on secure sites only. For many people, online shopping is simply more convenient than driving to a store, looking around, and waiting in line—but it also comes with inherent dangers. Sending any financial information over a connection that is not protected with SSL (“secure socket layer” encryption) means that it could be seen by others. Microsoft recommends, “Before you enter sensitive data, check for evidence that the site uses encryption, a security measure that scrambles data as it crosses the Internet. Good indicators that a site is encrypted include a web address with https (‘s’ stands for secure) and a closed padlock beside it.” The same thing goes with online banking sites: make sure the page you are accessing uses encryption before entering any passwords or other sensitive information.

Beware of using public Wi-Fi. Many public areas like airports, bars, shopping malls, and restaurants offer free Wi-Fi, and there are public computers in places like libraries that can be used to access the Internet as well. However, be very careful about the sites you visit and information you exchange over these networks. Hackers can use simple applications to monitor traffic going through public networks that will notify them when certain information appears, like usernames and passwords. Then, they simply collect the data and use it to access your accounts. Therefore, you never want to log into any accounts you wouldn’t want someone else to know the password to while on public Wi-Fi. As Jeff Hussey noted in an October 2016 Forbes article, “Financial transactions, work-related operations or anything else you consider sensitive should be conducted on devices and networks that you trust. Data can be easily obtained through public devices and networks.”

The bottom line: The Internet offers many fantastic ways of sharing information. Users can implement it to read breaking news from all over the planet, connect with long-lost friends, and stay close with family members who live far away—but they may also unwittingly be exposing their information to scammers. Practice our strategies for smart online communications to help protect yourself from cyberthieves!

 

About the Authors: Our corporate and personal purpose is to “create opportunities to improve lives” by sharing our knowledge, research, experiences, successes, and mistakes. You can e-mail us at [email protected].

Mike DuBose received his graduate degree from the University of South Carolina and is the author of The Art of Building a Great Business. He has been in business since 1981 and is the owner of Research Associates, The Evaluation Group, Columbia Conference Center, and DuBose Fitness Center. Visit his nonprofit website www.mikedubose.com for a free copy of his book and additional business, travel, and personal articles, as well as health articles written with Dr. Surb Guram, MD.

Blake DuBose graduated from Newberry College’s Schools of Business and Psychology and is president of DuBose Web Group (www.duboseweb.com).

Katie Beck serves as Director of Communications for the DuBose family of companies. She graduated from the USC School of Journalism and Honors College.

© Copyright 2017 by Mike DuBose—All Rights Reserved. You have permission and we encourage you to forward the full article to friends or colleagues and/or distribute it as part of personal or professional use, providing that the authors are credited. However, no part of this article may be altered or published in any other manner without the written consent of the authors. If you would like written approval to post this information on an appropriate website or to publish this information, please contact Katie Beck at [email protected] and briefly explain how the article will be used; we will respond promptly. Thank you for honoring our hard work!