Top 10 Tips to Avoid Phishing Scams and Identity Theft

Earlier this week, I posted on the subject of eBay and PayPal phishing email scams.  It is impossible to completely protect yourself from the bad actors, but I wanted to share with you my recommendations on how to protect yourself from these types of scams.  The following are my top 10 tips on how to avoid phishing scams and identity theft:

1) Never click on the hyperlinks in emails
The text you see as an email hyperlink may be cloaked or hidden.  The cloaked hyperlink could take you to a website that you weren’t planning to visit.  If you aren’t completely sure of the source of the email, you should simply retype the URL directly into your browser.  This is one of the best ways to avoid fake hyperlinks and the threats associated with phishing emails.

2) Use Anti-SPAM software
A huge percentage of email traffic is SPAM   (more than 75%), and unfortunately, much of that SPAM email is fraudulent.  SPAM filters can help cut down on the number of SPAM emails you receive, and by doing so, mitigate some of the risk to you of falling victim to phishing emails.

3) Use Anti-Spyware
Spyware and Adware are files that can be installed on your computer without you even knowing it.  This malicious software can enable companies to monitor your Internet surfing patterns and see what you purchase online.  Some of this software is legitimate, but some of it is malicious and all of it slows down your computer’s performance.  The software can also enable companies to inundate you with "pop-up" ads.  Bad actors can also leverage spyware to learn important information about you, your identity, and your surfing habits.  Typically, spyware will infect your computer after you download music, files, or documents.  Anti-spyware   software will help you detect and remove spyware and adware.

4) Use a Personal Firewall
A good personal firewall will monitor incoming and outgoing Internet traffic from your computer.  A firewall can block information traffic, and it can also warn you of unauthorized information traffic.  It is fairly easy for bad actors to hack into your computer and plant a virus on the harddrive, but firewalls can help stop this from happening. Firewalls can also block unauthorized programs from accessing the Internet, such as trojans, worms and spyware.  Microsoft XP comes with a personal firewall and I have found it to be quite good.  I have also used Norton Internet Security successfully.

5) Install Anti-Virus software
Anti-virus software   can detect and delete virus files before they can attack your computer. Virus programs, including trojans and worms, can search your computer for personally sensitive information and pass this information to fraudsters, and so it is important to install anti-virus software and to keep it updated at all times.

6) Keep ALL of your software updated
Obviously, you need to keep your anti-virus software, operating system, and browsers updated at all times, but recently, the bad guys have been targeting the defects and vulnerabilities in other common software products.  You need to update everything on a fairly regular basis, and most responsible software vendors will provide software updates when vulnerabilities are discovered.  Setting up the automatic update feature is a good idea.

7) Always look for "https" in the URL, and the SSL padlock icon in the footer of your browser on any site that requests personal information
The information you enter into Internet web pages can be intercepted by fraudsters. When submitting sensitive financial and personal information on the Internet, look for the locked SSL padlock icon on your Internet browser’s status bar and the “https://” at the start of the URL in the your Internet browser’s address bar. Websites that that leverage "https" actually encrypt your information in order to make it harder for fraudsters to read your private info. It is important to note that this does not ensure that you are on a legitimate website, but it does ensure that your private information is encrypted.  The absence of "https  " or the padlock indicates that the web site is definitely not secure.

8) Make online purchases from e-commerce retailers that you can trust
Limiting your purchases to merchants you can trust is an extremely good idea.  How do you know who you can trust?  If the merchant has a strong brand name, you should be fine.  Brands are built over time and with hard work.  Strong brands deserve your trust and your business. You can also use merchant or feedback ratings as decent signals, but these are imperfect trust signals, and you probably shouldn’t rely solely upon ratings to decide who to buy from.  There are literally hundreds of thousands of examples where feedback ratings failed buyers.

If the merchant doesn’t have a brand name you recognize, I believe you should look to see if there are any major third party companies willing to vouch for the merchant.  These third party endorsements are not all the same.  buySAFE provides the strongest third party endorsement on the Internet today via the buySAFE Seal, and buySAFE is willing to back up its endorsement with a bond guarantee of up to $25,000 if requested to do so.  The Better Business Bureau   also provides endorsements via their BBB Online   seal, but they are not willing to put their money where their mouth is.  Obviously, the BBB is better than nothing.

Legitimate, professional merchants are safe bets, and you can feel confident that these trusted merchants will safeguard your personal information.

9) Monitor your credit reports
If you have responded to a fraudulent email or if you believe you have visited a fake website, you may be at risk of identity theft. A virus could have been implanted within the email, which may find and pass on sensitive personal information about you to fraudsters.  Obviously, if you have provided fraudsters with any personal information, you may be at risk of identity theft, and so you will need to monitor your credit report.  One easy way to do this is to subscribe to a credit report monitoring service that will alert you if your personal information is used fraudulently.  I use a service from Equifax  , but there are a number of them out there that will alert you if your personal information is potentially used in an identity theft scam.

10) Stay up to date on the latest Internet scams
Internet fraud methods are evolving at a rapid rate, and you need stay up to date on what the latest scams are.  Fraudsters are persuasive, convincing and creative, and it is easy to believe you will be avoid these bad actors.  The reality is that the odds are against you never having a problem.  I will continue to update you on my blog regarding the latest trends and scams, and there are many other good blogs that you can leverage for information as well.  Stay up to date, and improve your chances of staying safe.

Other Online Fraud Information sites:
ScamBusters.org
Fraud, Phishing and Financial Misdeeds

Anti-Phishing Working Group 

One thought on “Top 10 Tips to Avoid Phishing Scams and Identity Theft

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s