by Dave Moore, CISSP
11/27/2022
Every year about this time I have to reassess the Internet Christmas shopping situation. This year is again unique; even though Covid still plods along, hitting around 66 Oklahomans a day, we have pretty much decided we’re done with Covid restrictions. Even so, the world has changed the way it does business. The “new normal” is we’re never going back to the way things were done in the “before times.”
One thing has stayed the same, though: the Internet bad guys are still busy, working on new ways to steal your money.
The criticality of having safe backups of your files has never been more urgent. That means you have separate copies of all your important family photos, financial documents, medical records, spreadsheets, tax returns, etc., kept on separate devices like external hard drives and online backup services like Carbonite.
That’s the only defense you have against “ransomware” attacks, where the Internet bad guys encrypt your files and hold them hostage for ransom. Have you been following the ransomware debacle at Norman High School? You don’t want the same thing happening to you. Your files are gone, and there’s no way to fix them. Back them up now, while you can.
Bogus scam phone calls are increasing at an accelerated rate. I get at least 10 calls a day now, on my business cell phone, from scammers pitching everything from free Medicare to reduced credit card interest rates. Some scammers try to terrify me into worrying that my Windows license has expired, or that the local sheriff is coming to arrest me because my Social Security number “has been expired,” and I haven’t paid its renewal fee.
Other scammers claim to be from Amazon, inquiring about the $950 iPhone I just purchased. Of course, I made no such purchase, I tell them. “Oh, it must have been scammers!” they say. If I will only give them my login and password, they will set things right, and I will have no more worries. Shocking numbers of people fall for this one.
Fake shopping apps are becoming a problem, too, as more people mindlessly move their online shopping from semi-secure desktop and laptop computers to completely insecure “smart” phones. The only “smart” thing about these phones is that they help smart online crooks trick honest folks into installing bogus “help you shop” apps, thereby moving money from your account to theirs in a very smart way.
Watch out for scams on social networking sites like Facebook. Bogus “work from home to make extra holiday money” scams are turning up everywhere. Look out for fake “gift cards” and phony “gift exchange” scams that are also infesting all the social networking websites, not just Facebook.
As always, Internet safety is your responsibility. Keep your computer updated and patched. Use current, updated antivirus software. Beware of where you click. Research companies with which you wish to do business. Never answer or click on links found in unsolicited emails. Don’t believe emails claiming that UPS, the USPS or FedEx are trying to deliver a package to you, need you to pay your bill, or owe you a refund. Remember that your bank, as well as eBay, PayPal, Amazon and your Internet service provider will never send you an email saying, “You need to visit our website and update your personal information.”
Use strong passwords, and keep them secret. Use multi-factor authentication (MFA) on every account you have. Use a Web browser (the program you use to visit websites) that complies with Internet security standards, and that lets you easily access its safety settings, such as Mozilla’s Firefox. Don’t pay for online purchases using checks, money orders or bank debit cards. Instead, use PayPal or credit cards which offer anti-fraud protection; at least those purchases are protected by the Fair Credit Billing Act.
If you pay bills or send any personal information using U.S. Mail, deposit that mail in collection boxes, rather than in the mailbox in front of your house. The lady who brings the U.S. Mail to my neighborhood actually stopped once and asked me if I had seen any suspicious people in the neighborhood. Turns out a gang of crooks had been raiding local mailboxes, stealing checks and bills, which can lead crooks to accounts and cash.
Finally, keep printed records of all of your purchases. Play it safe, and have a happy Internet shopping holiday.
Dave Moore, CISSP, has been fixing computers in Oklahoma since 1984. Founder of the non-profit Internet Safety Group Ltd., he also teaches Internet safety community training workshops. He can be reached at 405-919-9901 or www.internetsafetygroup.org