How to Avoid Getting

By David Coursey  |  Posted 2005-05-06 Print this article Print

Phished"> For the eSeminar, Norman prepared the following list of things users should do to prevent becoming a victim of online crime. Ive added a few of my own items to Normans list, reproduced here:
  • Be wary of e-mail! Never click on any link to a bank, eBay, or other merchants. Instead, open a browser (not just a new window) and type in the URL yourself. When in doubt, call the institution using the number listed in the phone book, not one provided in the e-mail or link.
  • Nobody needs to verify your passwords. Ever.
  • Practice good computer hygiene. Dont click on attachments. Run both anti-virus and anti-spyware applications. Firewall and privacy protection software are also a good idea. Update this software, as well as your operating system, on a regular basis.
  • If asked to call someone, use the listed telephone number and ask for that persons extension. Criminals often give scam telephone numbers to intended victims.
  • Consider the single-use credit cards available from Visa, American Express and other institutions.
  • Only provide personal information when you initiate the transaction and never when someone requests it, whether online or over the telephone.
  • If a resident of Texas or California, consider a credit freeze.
  • Order credit reports yearly and review them carefully. (These are often available for free. Visit for information.)
  • Watch credit card and bank statements for small withdrawals. These are sometimes used to take small amounts of money that customers dont consider to be worth reporting. But 10 cents a month from 100,000 accounts really adds up.
  • Encrypt it or shred it. Use a cross-cut shredder (makes confetti, not long strips which are too easily reassembled) or burn documents containing personal information. Do not store PINs on your computer; lock them up or encrypt them.
  • Dont provide (or offer) unnecessary information. Ask yourself, "Why do these people need my information?"
  • Lying is OK. At least, in some circumstances, such as questionnaires which require an answer. Make something up. (A friend of mine has both a real birthday and a fake one that she usually gives out.) If you follow these tips, you will avoid many of the scams and traps that criminals create to gather personal information which they then turn into cash. You will also help protect yourself against the accidental release of information, as well as against unscrupulous marketers and other lower life forms. To read about AOLs attempts to combat phishing, click here. In thinking about online crime, its useful to remember the Internets Cold War roots. Designed to survive a nuclear attack that took out portions of the network infrastructure, the Internet was not designed to prevent hacking and identity theft. When access to the Internet was limited, crime wasnt a problem. But when the network was opened to literally the entire world, it also took on the worlds problems, including criminal activities which the network was ill-prepared to thwart. Meanwhile, the criminals are becoming ever more sophisticated. And this is where it may be that no amount of user education will help. In a "worst nightmare" scenario, criminals hijack the Internets name servers or users desktops and redirect users to faked sites when they type in correct Internet addresses for banks or other institutions. Such attacks could be difficult or impossible for victims to recognize and will require technological solutions, both at the Internet-client and infrastructure level. If this type of undetectable—until too late—attack were to become widespread, the potential damage to electronic commerce might mirror what the attacks of September 11 did to other parts of the world economy. This potential damage is whats driving the global search for Internet weaknesses that can be fixed before its too late. Here are some links you may find useful:
  • Federal Trade Commission Identity Theft Web site:
  • Credit freeze and ID theft information for California (most states have similar sites run by the state attorney general):
  • Our eSeminar on Phishing and Identity Theft can be found at,2290,1788725,00.asp There are many other security-related Web seminars on our site as well. Visit to sign up or view previous eSeminars. Contributing editor David Coursey has spent two decades writing about hardware, software and communications for business customers. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.

    One of technology's most recognized bylines, David Coursey is Special Correspondent for, where he writes a daily Blog ( and twice-weekly column. He is also Editor/Publisher of the Technology Insights newsletter and President of DCC, Inc., a professional services and consulting firm.

    Former Executive Editor of ZDNet AnchorDesk, Coursey has also been Executive Producer of a number of industry conferences, including DEMO, Showcase, and Digital Living Room. Coursey's columns have been quoted by both Bill Gates and Steve Jobs and he has appeared on ABC News Nightline, CNN, CBS News, and other broadcasts as an expert on computing and the Internet. He has also written for InfoWorld, USA Today, PC World, Computerworld, and a number of other publications. His Web site is

    Submit a Comment

    Loading Comments...
    Manage your Newsletters: Login   Register My Newsletters

    Rocket Fuel