Every year about this time I have to reassess the Internet Christmas shopping situation. Billions of dollars in electronic form are flying down wires, through the air and across the Internet, more this time of year than any other. This keeps the Internet bad guys busy, too, working on newer ways to steal your money.
“Scareware” (software designed to scare you into doing something) is one of the biggest threats this season. There you are, merrily bouncing from one shopping website to the next, when, suddenly, a windows pops up telling you your computer has multiple viruses, or “registry errors” have been found, or the FBI has scanned your computer and is fining you for illegal activity. The bad guys are hoping these scams will scare you into paying them for phony repairs you don’t really need. To learn how to thwart scareware scams, read the column on my website titled, “Careful where you click,” from March, 2011.
Identity theft is another danger, and shoppers should move cautiously. However, it is possible to be too paranoid. A survey by Consumer Reports Webwatch shows that, due to concerns about identity theft, many people have stopped buying things online and even reduced their overall use of the Internet. While these paranoid measures are no doubt effective, they’re a bit like me avoiding getting mugged by never leaving the house.
To put things in perspective, many of the greatest dangers regarding identity theft have come, not from careless practices on the part of individual Internet users, but from lax security practices by major corporations. Bank of America, MCI, Choicepoint, TJ Maxx, Wachovia, Visa and American Express are only part of a huge list of organizations that have “accidentally” exposed the private financial information of millions of customers to criminals. However, these incidents, for the most part, had nothing to do with the Internet or scary hackers.
Once, when I was in a local doctor’s office, I couldn’t help but notice the countertop strewn with patient paperwork. There for anyone to see were the names, addresses and Social Security numbers of numerous patients, just waiting to be exploited. I’m much more concerned about my personal information being misused by a careless employee than I am by a creepy hacker breaking into my computer. My computer is locked down and secured. Those patient records were not.
Naturally, due diligence must be taken. Keep your computer updated and patched. Use current, updated antivirus software. Beware of where you click. Watch out for scams on social networking sites like Facebook. Research companies with which you wish to do business. Never answer or click on links found in unsolicited emails. Remember that your bank, as well as eBay, Paypal, Amazon and your Internet service provider will never send you an email saying, “You need to visit our website and update your personal information.”
Use secure passwords, and keep them secret. Use a secure Web browser (the program you use to visit websites) such as Mozilla’s Firefox that complies with Internet security standards. Don’t pay for online purchases using checks, money orders or bank debit cards. Instead, use PayPal or credit cards which offer anti-fraud protection; at least those purchases are protected by the Fair Credit Billing Act.
If you pay bills, or send any personal information using U.S. Mail, deposit that mail in collection boxes, rather than in the mailbox at your house. Finally, keep printed records of all of your purchases. Play it safe, and have a happy Internet shopping holiday.