Cybercrime Prevention Tips

note: The following information is provided as general information
and is not intended as an endorsement of any particular commercial product or service

Cybercrime prevention can be straightforward. When you're armed with a little technical advice and common sense, you can avoid many attacks. Remember that online criminals are trying to make their money as quickly and easily as possible. The more difficult you make their job, the more likely they are to leave you alone and move on to an easier target. The tips below provide basic information on how you can keep your computer and your identity safe.

Keep your computer current with the latest patches and updates.
Make sure your computer is configured securely.
Choose strong passwords and keep them safe.
Protect your computer with security software.
Shield your personal information.
Online offers that look too good to be true usually are.
Review bank and credit card statements regularly.

Keep your computer current with the latest patches and updates.
One of the best ways to keep cyber attackers away from your computer is to apply patches and other software fixes when they become available. By regularly updating your computer, you block attackers from being able to take advantage of software flaws (vulnerabilities) that they could otherwise use to break into your system.

While keeping your computer up to date will not protect you from all attacks, it makes it much more difficult for hackers to gain access to your system, blocks many basic and automated attacks completely, and might be enough to discourage a less-determined attacker to look for a more vulnerable computer elsewhere.

Most companies release software that can be configured to download and apply updates automatically so that you do not have to remember to check for the latest software. Taking advantage of "auto-update" features in your software is a great start toward keeping yourself safe online.

Make sure your computer is configured securely.
Keep in mind that a newly purchased computer may not have the right level of security for you. When you are installing your computer at home, pay attention not just to making your new system function, but also to making it work securely.

Configuring popular Internet applications such as your Web browser and email software is one of the most important areas to focus on. For example, settings in your Web browser will determine what happens when you visit websites on the Internet. The strongest security settings will give you the most control over what happens online but may also frustrate you with many questions ("This may not be safe, are you sure you want do this?") or the inability to do what you want to do.

Choosing the right level of security and privacy depends on the individual using the computer. Oftentimes security and privacy settings can be properly configured without any sort of special expertise by simply using the "Help" feature of your software or reading the vendor's website. If you are uncomfortable configuring your computer yourself, consult someone you know and trust for assistance or contact the vendor directly.

Choose strong passwords and keep them safe.
Passwords are a fact of life on the Internet today. We use them for everything from ordering flowers and banking online to logging into our favorite airline website to see how many miles we have accumulated. The following tips can help make your online experiences secure:

  • Select a password that cannot be easily guessed to keep your passwords secure and away from the wrong hands. Strong passwords have eight characters or more and use a combination of letters, numbers, and symbols (e.g., # $ % ! ?).
  • Avoid using any of the following as your password: your login name, anything based on personal information such as your last name, and words that can be found in the dictionary. Try to select especially strong, unique passwords for protecting activities like online banking.
  • Keep your passwords in a safe place and try not to use the same password for every service you use online.
  • Change passwords on a regular basis, at least every 90 days. This can limit the damage caused by someone who has already gained access to your account. If you notice something suspicious with one of your online accounts, one of the first steps you can take is to change your password.

Protect your computer with security software.
Several types of security software are necessary for basic online security. Security software essentials include firewall and antivirus programs. A firewall is usually your computer's first line of defense--it controls who and what can communicate with your computer online. You could think of a firewall as a sort of "traffic cop" that watches all the data attempting to flow in and out of your computer on the Internet, allowing communications that it knows are safe and blocking "bad" traffic, such as attacks, from ever reaching your computer.

The next line of defense is your antivirus software, which monitors all online activities and protects your computer from viruses, worms, Trojan horses, and other types of malicious programs. More recent versions of antivirus programs, such as Norton AntiVirus, also protect from spyware and potentially unwanted programs such as adware. Having security software that gives you control over software you may not want and protects you from online threats is essential to staying safe on the Internet. Your antivirus and antispyware software should be configured to update itself, and it should do so every time you connect to the Internet.

Integrated security suites combine firewall, antivirus, and antispyware features with others like antispam and parental controls. Many people find using a security suite an attractive alternative to installing and configuring several different types of security software as well as keeping them all up to date.

Shield your personal information.
Exercise caution when sharing personal information such as your name, home address, phone number, and email address online. To take advantage of many online services, you will inevitably have to provide personal information in order to handle billing and shipping of purchased goods. Since not divulging any personal information is rarely possible, the following list contains some advice for how to share personal information safely online:

  • Keep an eye out for phony email messages. Messages may be fraudulent if they contain misspellings, poor grammar, odd phrasings, URLs with strange extensions or that consist entirely of numbers, and anything else out of the ordinary. Additionally, phishing messages will often tell you that you have to act quickly to keep your account open, update your security, or urge you to provide information immediately or else something bad will happen. Don't take the bait.
  • Don't respond to email messages that ask for personal information. Legitimate companies will not use email messages to ask for your personal information. When in doubt, contact the company by phone or by typing in the company Web address into your browser. Don't click on the links in these messages as they make take you to a fraudulent, malicious websites.
  • Steer clear of fraudulent websites used to steal personal information. When visiting a website, type the URL directly into the Web browser rather than follow a link within an email or instant message. Fraudsters often forge these links to make them look convincing. A shopping, banking, or any other website that requires your sensitive information should begin with "https:" (i.e. https://www.yourbank.com, not http://www.yourbank.com)/. The "s" stands for secure and should appear when you are in an area requesting you to login or provide other sensitive data. Another sign that you have a secure connection is the small lock icon in the bottom of your Web browser (usually the right-hand corner).
  • Pay attention to privacy policies on websites and in software. It is important to understand how an organization might collect and use your personal information before you share it with them.
  • Guard your email address. Spammers and phishers sometimes send millions of messages to email addresses that may or may not exist in hopes of finding a potential victim. Responding to these messages ensures you will be added to their lists for more of the same messages in the future. Also be careful when posting your email address in newsgroups, blogs, or online communities.

Online offers that look too good to be true usually are.
The old saying "there's no such thing as a free lunch" still rings true today. Supposedly "free" software such as screensavers or smileys, secret investment tricks sure to make you untold fortunes, and contests that you've surprisingly won without entering are the enticing hooks used by companies to grab your attention.

While you may not directly pay for the software or service with money, the free software or service you asked for may have been bundled with advertising software ("adware") that tracks your behavior and displays unwanted advertisements. You may have to divulge personal information or purchase something else in order to claim your supposed contest winnings. If an offer looks so good it's hard to believe, ask for someone else's opinion, read the fine print, or even better, simply ignore it.

Review bank and credit card statements regularly.
The impact of identity theft and online crimes can be greatly reduced if you can catch it shortly after your data is stolen or when the first use of your information is attempted. One of the easiest ways to get the tip-off that something has gone wrong is by reviewing the monthly statements provided by your bank and credit card companies for anything out of the ordinary.

Additionally, many banks and services use fraud prevention systems that call out unusual purchasing behavior (e.g., if you live in Texas and all of a sudden start buying refrigerators in Budapest). In order to confirm these out of the ordinary purchases, they might call you and ask you to confirm them. Don't take these calls lightly--this is your hint that something bad may have happened and you should take action.