How To: Keep Your Identity Safe Online

We live in a time when using computers for purchases, bill paying, and banking are becoming more and more the norm. Broadband and constant, fast connectivity are the accepted standards. Given justhow much computers are a part of our daily lives, you should find a couple of recent pieces of news very disturbing. A government survey in the U.K. found that 12% of respondents had sufferedfrom online fraud in 2006, yet fewer than half of the respondents believed they should be responsible for protecting their personal information online. The other item was a story in theNew York Times that stated thousands of Social Security numbers are posted online by states and counties. Of course, along with them you often findaddresses, dates of birth, and maiden names. It’s like offering someone’s identity on a platter to thieves. This pair might be unrelated, but taken together they highlight the growing problemof keeping yourself secure online. In spite of those survey results, protecting personal information should be a vital issue for anyone using a computer. Criminals are becoming more sophisticated,which means the defenses have to be constantly improving. We assume we’re doing everything possible to safeguard ourselves and our identities, but as these stories show, a significant part ofthe online population is doing no such thing. So, perhaps it’s worthwhile to start by recapping the most obvious precautions. The Basics of Online Security Make sureyou have a firewall and that’s it’s properly configured. There are manyavailable, both free and paid, stand-alone or part of a package with anti-virus software. Use anti-virus software (again, paid or free, like Trend Micro PC-Cillian Internet Security); updateand run full scans regularly. You should also have anti-spyware installed on your computer, and, once again, check it often. Make sure you don’t use the same password for all accounts. Createyour passwords from a mix of letters and numbers, which makes them far less easy to hack. Do you use a Wi-Fi network at home? Then you’d better set it up properly, with both a firewall and a password, or anyone sitting outside in a car can enter it and hackinto your system. Use the spam filters in your e-mail client (also worth considering is a filter called Mailwasher, where you can preview your incoming mail and delete items you don’t want tobother with). If you receive obvious spam, don’t open it, and never open attachments that you’re not expecting, even from people you know and trust; their computers might have been hijacked. Oh, and if you use a Mac, don’t look so smug. You might be largely safe from virus attacks, but malware and adware can still get you, so take all the appropriate steps. If you believe yourbank account – or any account – has been used without authorization, report it to the bank immediately. The Biggest Threat Possibly thebiggest threats to keeping your identity secure are phishing e-mails and pharming. Phishing mails look like e-mails from PayPal, eBay, or a bank. They’re becoming more and more sophisticated, running variations on the basic theme, which is to get you to part with your personal information so thecrooks can access your accounts. These days they’re very well done, having moved from the obvious to such things as reporting a transaction you know you’ve never made, hoping to panic you intoclicking on the website link and giving your account access details. Do that and your account will either be sold or drained, and probably the first you’ll know about it is when you discover you haveno money. Pharming is a more insidious beast, and harder to detect. In essence, when you type in a URL, you’re redirected to a fake (but convincing-looking) site. This is done throughrewriting local host files on your computer with a virus like the Banker Trojan, or DNS server poisoning, which can send a lot of people to the fake site without them knowing. Althoughfirewalls and security suites can blockunauthorized transfers of data, believe it or not, your PC browser can act as phishing protection. Firefox 2 comes with a default phishing filter, which blocksdata from going to known phishing sites. However, as the database is static, you need to check with Google’s constantly updated list (Tools > Options >Security > Check By Asking Google About Each Site I Visit), which should help keep you safer – although you’ll have to accept the agreement first.
FireFox Screenshot If you’re one of those who’ve moved to Internet Explorer 7, you’re also in luck.In fact, as you install it, it asks if you want to install the phishing filter. If you haven’t already, you can get in running by clicking Tools > Phishing Filter> Turn On Automatic Website Checking > OK. The new Opera browser, 9.1,will include a similar feature. Toolbars These days, it’s not only eBay that has a free toolbar to help protect you fromphishing. Earthlink and AOL are also among those who provide them. They verify every URL you type or web link you click andinform you if the real address is different. You might balk at the thought of adding yet another toolbar, but it’s a worthwhile addition. Software Inevitably, there’ssoftware you can buy to store passwords and logins securely, such as Evidence Blaster or My Security Vault. The latter includes a toolbar plug-in and a number of other bells and whistles to make it seem attractive.Whether you want to invest in the software is a personal decision, of course. While it does offer certain advantages (you don’t need to remember all your logins and passwords, for instance), you dohave to pay for it.
My Security Vault Pro Screenshot SecurID There are a number of alternatives beginning to circulate that help protect your online security,although at present they don’t have wide circulation. SecurID is a code device that looks like the remote opening device for your car, except itshows a different six-digit number each minute. When you log into a system protected by SecurID, you enter your usual login, password, and thenumber on the device. If they match, then bingo, you’re given access. Of course, it’s a system with problems, not the least of which is cost and having to synchronize the code device andserver (can you enter your number in time?). Because of the expense, it’s currently not much of a consumer option (although AOL has offered it as a paid option). There are some othercontenders, like Grid Guard or Entrust, but to date, no system has emerged as truly viable for mass use. Pharming Prevention There’s no single, simple solution toprevent pharming short of purchasing software, such as Norton Confidential or Websense. But the best safeguards are the oldest ones – check the URL of any site asking for your information. If it’s supposed to be secure, make sure it hashttps:// on it. Be certain before you give any information away that the site is exactly what you typed, and that it has a certificate (in IE and some other browsers, click File >Properties, or simply right click with the cursor anywhere on the webpage and select Properties). Spam Yes, you need spam filters enabled tohelp keep your computer safe and help reduce or eliminate the possibilities of viruses arriving in e-mails. One excellent filter is Mailwasher. It works with your mail server, just the same as Outlook, Eudora, or whateveryou use. However, you can delete a message, bounce it back (so it appears your address doesn’t exist), and get information on the mail – all without downloading it. You can even preview themail without having to download it. You can use it on all Windows systems, and there’s a Linux version, although it’s only for POP3 mail accounts, not web-based mail – at least not inthe free version. Mailwasher Pro, which you have to pay for, supports web mail.You can even set it up to check your mail at pre-defined intervals.
Mailwasher Free You should also have spam filters set up in your e-mail program. With Outlook, click on Tools > Options, then the JunkE-Mail button, from which you can set the level for junk mail. Other tabs allow you to list safe senders and recipients, as well as block specific senders by e-mail address. It’s not perfect, byany means, but the filters are updated regularly (check online). There’s also spam filtering software you can buy. For most people, however, it’s probably not necessary to go to such lengthsif you enable spam filters properly and are careful with your mail. Never open an attachment without knowing exactly what it is. Keeping Your Social Security NumberSecure If you’re not worried that your Social Security number might be floating around in cyberspace, then you should be. It’s one of the core parts of your identity, and you give itwhenever you apply for credit, or to open a bank account or account of any kind. Although they’re slowly disappearing, there are still many, many Social Security numbers out there. There’s aspecial search engine you can use, StolenIDSearch.com, which you can use to see if your Social Security number is out there and available for many to see.It’s a fairly new site, but in its first three weeks of operation, almost a quarter of a million people used it. That’s hardly surprising, giving how important a signifier the number is. Crooks regularly sell and trade them on the internet just like credit card numbers, and in many ways, they’re far more accessible. Of course, if you discover your number is out there, you’ll findthere’s no easy way to have it removed. But at least you’ll know where you stand. Conclusion The only certainty is that the battle to keep your identity safe will benever ending. The crooks and scammers continue to become slicker and more inventive, so the solutions have to be more high-tech. Yet, at the heart of it all, you can do a lot simply by usingyour common sense. Distrust everything until you know otherwise. Use a lot of caution whenever you’re online. It’s an open environment, but as much as that’s a joy, it also means it can be dangerous.Keep all that in mind, take all the precautions, and you should be as safe as anyone can be.

Editors' Recommendations