7 Online Blunders That Threaten Your Identity
These 7 mistakes can ruin your computer or invite identity theft:
1. Assuming Your Security Software Is Protecting You
Security software is fully effective only when activated and frequently updated. (Most products can update automatically.) To update most commercial software products, you must pay an annual fee.
What you can do: Renew the subscription when the software prompts you. Make sure your security software is active when you’re online and that it has been updated within the past week or so. Be sure that its automatic updating feature is enabled. If it isn’t, that’s the problem; enable it, then update manually.
2. Accessing an Account Through an Email Link
No matter how official an e-mail message looks, trying to access a financial account by clicking on embedded Web links is risky. If the e-mail message is fraudulent, a cybercriminal could use the account number and password you enter to steal your identity or empty your bank account.
What you can do: If an e-mail message asks you to update your password, account number, or other information, don’t take the bait. Access an online account only by using your existing browser bookmark or typing in the institution’s Web address.
3. Using a Single Password for All Online Accounts
9% of home Internet users who responded to our survey said they used a single password for all their accounts. Bad idea.
What you can do: Using different passwords need not be burdensome. Do what 15 percent of the respondents to our survey do: Use variations on one password. A well-crafted password uses a combination of at least eight letters, numbers, or punctuation symbols.
Steve’s note: Don’t use “newone” (as in “pick a new password”…) for your password.
4. Downloading Free Software
You couldn’t resist that neat, free utility. Or your teenager couldn’t resist those fish-tank screen savers and smiley faces. Now your computer runs more slowly than ever. That’s because spyware was probably packaged with the freebies.
What you can do: Download freeware only from reputable sites. Eliminate most spyware by downloading the free Microsoft Windows Defender and scanning your PC. If you use Windows Vista, there should already be a copy of Defender on your computer.
5. Thinking Your Mac Shields You From All Risks
According to this year’s State of the Net survey, Mac users fall prey to phishing scams at about the same rate as Windows users, yet far fewer of them protect themselves with an anti-phishing toolbar. To make matters worse, the browser of choice for most Mac users, Apple’s Safari, has no phishing protection. We think it should.
What you can do: Until Apple beefs up Safari, use a browser with phishing protection, such as the latest version of Firefox (shown at right) or Opera.
6. Clicking on a Pop-up Ad That Says Your PC Is Insecure
15% of respondents to our survey who saw pop-up ads clicked on them. But that’s never a good idea. Even if you know such pop-ups are phonies, they’re still dangerous. It’s easy to click inside the ad by mistake and be transferred to a spyware site or, worse, have malware automatically downloaded onto your computer.
What you can do: When closing a pop-up (shown at left), carefully click on the X on the upper left or right corner, not within the window. To avoid pop-ups altogether, enable your browser’s pop-up blocker.
7. Shopping Online the Same Way You Do in Stores
Online shopping requires special precautions because the risks are different than in a walk-in store: You can’t always be sure who you’re doing business with. You must disclose more personal information, such as your address, to the online retailer. Thieves can sneak in undetected between you and the retail site.
What you can do: Use a separate credit card just for your Internet shopping, as did 7 percent of respondents to our survey. Don’t use a debit card. Sites that display “https” before their address when you’re entering sensitive information and those displaying certification symbols are usually safe, but there are no guarantees. When in doubt, get a virtual account number from your credit-card company. It’s good for only one purchase from a specific vendor.