Count yourself lucky if no one has tried to steal your good name. Cyber crooks are becoming ever more organized and sophisticated.
To stay safe, it's not enough these days to ignore e-mails from widows of African dictators and those alerts that your eBay account (or your bank account) has been frozen. It's time to get serious about safeguarding your personal information.
||VIDEO: Protect Your Debit Card|
||VIDEO: How ID Thieves Target the Deceased|
||Fraud Alert vs. Credit Freeze|
||Protection You Don't Need|
Instead of just phishing, thieves are "spear phishing," gathering details to add credibility when they send you a bogus pitch. MySpace and Facebook are fertile fields. "Through social networking, criminals are getting very smart in doing research on individuals," says Ron Teixeira, of the National Cyber Security Alliance, which includes the Department of Homeland Security, the Federal Trade Commission and major Internet companies. The thieves' goal is to use one of your interests to lower your defenses.
Say you're job-hunting. Crooks posing as recruiters find your resume and send an e-mail asking for your Social Security number and other information, ostensibly for a background check. Then they open a credit-card account in your name and spend to the limit.
Or you're on the road and eager to pay some bills from your bank account so you don't miss a deadline. There's a free Internet hookup in your hotel, right beside the coffee and croissants. Don't use it. Thieves are known to load keystroke loggers on hotel computers so they can gather your access codes.
There's more. Fake IRS e-mails about tax refunds go out by the millions in an effort to grab your Social Security number. So do requests for donations from charities that look legitimate but just want to get your credit-card number. And now crooks are making the most of the electionsQsending e-mails requesting campaign donations, or setting up look-alike Web sites to collect credit-card numbers and other personal information. Thieves even steal health-insurance codes to get treatment at your expense.
And what about those e-mails and phone calls claiming to be from your bank, warning that your account has been compromised? That's a ploy to get you to call a number that turns out to be the crooks' phone bank.
Computers, credit reports, bank accounts, your wallet and your home are all potential security leaks. We'll tell you how to plug each of them.
This is one of the easiest targets to secure. Three types of programs make a big difference, and you may already have some or all of them. The first is antivirus software. Next is a firewall to guard the stream of information that flows through your Internet connection. Then there's anti-spyware software, which scans for surveillance programs that monitor your keystrokes.
Make sure you keep the software current. Many security programs now update automatically, but check about once a week, especially if you aren't online very often. (For more information on defensive software, go to www.staysafeonline.org, or read "Protect Your PC," July 2007.)
When you're replying or posting to a site, don't use a link that's included in an e-mail, which can easily be faked. Instead, type the correct address yourself. Make sure that "https://" appears in the URL before you send credit-card numbers. "It isn't foolproof, but the bad guys generally don't go through the pain and suffering of getting a security certificate," says Bill Rosenkrantz, of Symantec, which makes Norton security software.
If you're suspicious of an e-mail or phone call from your bank or credit-card company, call the customer-service number on the back of your card or bill. That's safer than clicking on a link or calling a number that you've been given.
And be careful about providing details about yourself on a social-networking site. "Don't disclose your date of birth or other information that could lead someone to piece together enough information to impersonate you," says Susan Grant, of the Consumer Federation of America.
Avoid accessing bank or investment accounts in public. "You shouldn't be logging in to sensitive stuff at a public Wi-Fi hot spot," says Rosenkrantz. "Crooks can hijack that network and replace some of the entries," he says, sending your information to criminals.