|
|
|
Jewish World Review April 8, 2011 / 4 Nissan, 5771 Safe and secure, on multiple fronts By Mark Kellner
http://www.JewishWorldReview.com |
One of the essential things in computing is safety and security. That seems obvious, but as recent (and not-so-recent) events suggest, it's a lesson users get to relearn quite often.
Take the April 1 revelation - no fooling — that Epsilon, which bills itself as " the industry's leading marketing services firm," suffered a security breach.
According to an Epsilon statement: "On March 30th, an incident was detected where a subset of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk."
The affected group, the company said three days later, "are approximately 2 percent of total clients and are a subset of clients for which Epsilon provides email services." Which means you're OK - unless you do email-related business with, among other firms, Target, BestBuy, the HSN cable channel, TiVO, or Hilton Hotels' HHonors program. According to media reports, at least three major banks have also notified their customers of possible breaches.
Now, in and of themselves, your name and e-mail address are generally little more than a spammer's dream: ads for cut-rate "pharmaceuticals" of dubious origin and quality, bargain-basement imitation Rolex watches or "instant" MBA and doctorate degrees are the spam-sender's stock in trade.
However, more sophisticated criminals will try - and, sometimes, succeed - in convincing you they've sent a legitimate message from a firm with which you do business. The email will look genuine, right down to an image of the company's logo, and it'll offer a link that looks like the ones used by major firms to interact with customers. Once you get to what looks like a "login" screen or something else similar, you're asked to supply all sorts of personal information: passwords, account numbers, whatever. The most sophisticated of such schemes let you imagine you've actually logged on to your bank or credit card company, only to find you've really been duped.
On its own, your e-mail address may not be worth much to an Internet thief. But with your e-mail address, account login ID and password, that same thief can go to town.
What to do? Be careful, of course: if e-mail looks suspicious, if it's downright phony, avoid it. I received an email with some tips from Norton, a firm that makes Internet security software, and, frankly, those tips make sense.
Thir first tip: "Know the online policies of any provider you have an online account [with]," the firm advises. And, this is true: "Banks, credit providers and other services will never ask you to confirm your personal details via an email."
Compare the website address in the email with the actual Internet address of the firm where you're a customer. "For example," as the Norton statement said, "the website 'MyGoodBank.com' is not the same as 'My.Gud.Banke.ru.us/net.'" In my experience, hovering the mouse pointer over a link will often pop up a window showing the real Web address, which often is as far removed from an actual, genuine Web address as can be. The moral: Check links carefully.
Also, Norton advises, look out for spelling and grammatical errors that suggest someone who isn't a professional wrote the message. "Such traits are hallmarks of phishing emails," the firm said.
It's also a good idea not to just click on a link in an email, but retype it into your browser, the Norton statement advised.
The firm had a self-serving suggestion: make sure your security and online identity protection software is up to date. That, too, is fair: the latest software, often available online or at retailers at a discount, offers good, but not foolproof protection.
I'd also toss in the idea that an identity theft-protection service such as LifeLock.com is worth investigating. Yes, the service costs a few dollars a month, but the peace of mind is well worth it.
You've read the following here before, but it demands repetition: you are the best protection for your private online information and identity. Don't leave these areas to chance.
Every weekday JewishWorldReview.com publishes what many in the media and Washington consider "must-reading". Sign up for the daily JWR update. It's free. Just click here.
JWR contributor Mark Kellner has reported on technology for industry newspapers and magazines since 1983, and has been the computer columnist for The Washington Times since 1991.Comment by clicking here. © 2011, News World Communications, Inc. Reprinted with permission of The Washington Times. Visit the paper at http://www.washingtontimes.com |
Arnold Ahlert | |||||||||||
