Personal Security and the Internet

Personal Security and the Internet

Internet technology has brought with it a veritable revolution in communication and worldwide contact with a wide variety of cultures and viewpoints. This has also brought about a wide array of possibilities and changes for the way in which people conduct business. Personal and collective wealth has seen industry-wide changes in terms of entrepreneurship and job creation. With all these positive effects, however, there have also been significant negative side-effects. Technological "terrorists," for example, have created harmful programs such as viruses and malware designed specifically to harm the computers and systems it infects. Others have gone as far as committing fraud and identity theft by means of phishing scams or simply using the information users have unknowingly entered on public domains such as social networking sites. For these reasons, today's Internet user has to be especially vigilant when using the online environment for any reason. This is especially the case when entering personal information into web sites. Users can take precautions against being victimized by online scams and information theft by means of available software such as anti-virus and anti-spyware products, as well as being aware of online safety precautions and scams such as phishing.

Anti-Virus Products

According to the Bukisa (2010) Website, it is vital that computer users install and use a high-quality reputable anti-virus program. This software functions best when it downloads the latest virus definitions and scans the computer at least weekly. Viruses change shape regularly, which makes it vital for anti-virus software to make regular updates.

Another manifestation of anti-virus software is firewalls, which can be installed and used to ward off direct attempts to enter a computer via a DSL-connected home computer. McCandlish (2002) notes that home computers that are connected via DSL, broadband or other 24-hour Internet connection are very vulnerable to attacks of this kind. Computer criminals then search for such vulnerabilities and can invade DSL-connected home computers to search for information such as credit card numbers or other sensitive data. Such criminals can even take over a computer and use it to attack other computers to cover their tracks by misleading authorities.

Firewall hardware and software can protect the user against such attacks. Such products can be found at computer stores, while freeware and shareware versions can be found online. In order to make proper use of such software, it is vital that the user be aware of the possibility of these attacks, and what kind of connections are most vulnerable to these invasions.

Spyware

Spyware, as the name implies, is software that spies on a user's online habits and gathers personal details to report these back to a company whose software the user has installed. To accomplish this, companies offer applications such as games or utilities with spyware software attached. When the user installs the software, the spyware is installed with it and starts reporting back to the company. MS Windows users can use the Ad-aware program to disable and remove spyware from their computers.

According to McCandlish (2002), vulnerability to spyware can also be caused by Java, javascript and ActiveX. These scripting languages are often automatically enabled in a browser's configuration. These can be manually turned off by a user, and only turned on when a trusted site requires them. BrowserSpy is a handy tool to determine whether a browser supports these languages, as well as to ensure whether the settings are turned on or off.

A particularly insidious form of spyware is known as "webbugs." These are image files that are either invisible or barely visible that attach themselves to cookies and Javascripts. Their function is to track the user's Web usage and report them back to their parent companies. The reason for the particular difficulty in dealing with these webbugs is the fact that it is so difficult to distinguish between them and normal image files. There are Websites that provide hints to determine whether webbugs are an issue or not. When webbugs are identified, McCandlish (2002) suggests that pop-ups be closed immediately. Some webbugs work around this possibility by including Javascript solutions to keep the user from closing them. The user will then have to close all other browser windows in order to close the webbug application.

Webbugs can also appear in the form of cookies. The author notes that all cookies from sites other than the one the user is currently visiting are more likely than not to be webbugs. Hence, the user should reject all these to minimize the webbug problem.

Users of email and newsgroups sites should be particularly aware that webbugs can be attached to news emails. All cookie support from these applications should therefore be turned off.

Malware

According to Bickell (2011), malware is broadly used to include several forms of harmful computer components, including viruses, worms, Trojans, spyware, and adware. Specifically, these forms of computer crime can cause problems such as slow operation, data corruption, and a generally negative impact on the performance of the affected system. As for all forms of information crimes, users must be aware of the various manifestations of the problem and ways to protect themselves against this.

Bickell (2011) offers four ways in which users can protect their systems against possible infection. The first has already been mentioned, which is a good anti-virus software program. The author emphasizes that this should not be considered optional. Because of the wide variety of malware and the damage they can create, it is vital that users not only be aware of them, but also take all possible precautions to protect their systems. Certainly, the price of a good anti-virus system is hardly anything in the light of the price of the damage that could be done to an entire computer system.

The second way to protect a system is by exercising extreme diligence when downloading from the Internet. Some sites will offer file or program downloads that the user was not consciously looking for. The author warns very strongly against downloading these without further thought or investigation. Indeed, it is by means of such software that users can be caught unawares. Before therefore downloading any software from the Internet, the user should be sure that it is not only from a legitimate site, but that it is in fact software that is required. Another good way to ensure the safety of any downloaded files is to run them through a scanning program, even if the files were required and the site is trusted.

Thirdly, attachments and links are an easy way for online criminals to add malware to a user's unsuspecting system. This is general done in the form of emails with attachments or links including tantalizing messages such as that mail or a greeting card has been received. Users are advised never to open attachments or links when the email containing them is not from a known contact. Senders of such emails have become even more clever, using names in a user's contact list to send the attachments. Experts therefore caution users to make sure of the legitimacy of an attachment or link even from known senders. As a rule of thumb, a good idea is for users to check whether their contacts have in fact sent the mail in question.

A fourth precaution concerns using file sharing sites. These have become increasingly popular for their free software, music and movie downloads. However, the likelihood of downloading malware instead of useful software or one's favorite films is very high. Experts therefore warn very strongly against using sites that share files like these.

As mentioned above, awareness is therefore the strongest counter for attacks that can harm one's computer from insidious sources. If user has indeed been caught unawares, the best remedy is a good anti-virus program.

McCandlish (2002) suggests that malware could take an even more directly threatening shape in the form of industrial espionage, government surveillance, and threats from former associates who hold a grudge. A good form of protection against these threats is offered by e-mail and file encryption software. This, according to the author, can be found free of charge from online sources. Such software can run on nearly all computers and integrate seamlessly with major e-mail software.

Encryption software functions on the basis of robust secret codes to protect the user's data. Specialized services in this regard are also available, which could include running connections through an encrypted tunnel, anonymous dialup, or anonymous Web publishing. While some of these services are offered free of charge, others come at a price. The user who is truly committed to protecting his or her system from malware attacks will actively seek out the most highly secure package or product for the protection of personal and sensitive data.

While one can philosophize on the sadness of a world that is both more connected than ever before and more dangerous than ever to enter, the reality is that systems need protection against online criminal activities. It is therefore encouraging that, for every new scam or form of malware that is created, there are also ways created to eliminate and disable these.

The responsibility to seek out and use the most appropriate form of protection for a particular system lies with its user. If a user does not regard these duties with the appropriate seriousness, the consequences could be dire indeed. Another very threatening form of computer crime is the phishing scam.

Phishing

Phishing involves email from an apparently legitimate source such as a bank or other place of business that requires the user to respond with personal information. Most commonly, banks are used as a front for these scams. The most common messages of this type is that a user's account has been disabled and will only be reinstated once the apparent company has received the specific requested data. When a user sends this data, the criminal can then use it for his or her own purposes, such as identity theft or credit card fraud.

According to WiredSafety.org (2011), phishing criminals target a very large amount of users with these types of e-mail, including a link to visit where the user must enter his or her personal data. Often, this will include a password. The Web site the user is required to visit is then also often created to appear legitimate, complete with company or bank logos. The information required then often includes credit card numbers, social security numbers, and bank account numbers. Obtaining this information then makes it extremely easy for the "phisher" to enter the victims personal finances to steal whatever he or she wishes.

Another phishing strategy is to use pop-ups that encourage users to enter sensitive information. The greatest threat associated with Phishing is the fact that these types of scams are extremely sophisticated. Users are therefore easily tricked into indeed "updating" their information as required. One very good way to combat this type of theft is an awareness of legitimate policies regarding users' personal and secure information. No legitimate bank or other company would ever ask for sensitive information by e-mail. Many of these institutions also combat spam by warning their clients regularly not to trust any requests for such information.

The WiredSafety.org (2011) site suggests several ways that users can use to identify phishing attempts from legitimate e-mail. Phishing e-mails can be identified by the type of information they request, as well as the message in the subject line. Typically, these e-mails claim that the user's account has come under review or is in danger of being cancelled or suspended. To prevent this, the user is encouraged to update his or her personal and account information. Phishing e-mails could contain spelling typos or oddly placed characters between words. These types of subject lines should be an immediate alarm that phishing is at issue.

The WiredSafety authors suggest that there are several ways to protect one's online data and to combat phishing. The first and most obvious step is not to reply to any e-mail asking for personal data. If there is any uncertainty regarding these types of e-mails, the user should contact the merchant in question to verify that the message is legitimate. This type of verification process is important from the merchant's point-of-view, who will become more aware of these phishing attempts on their customers.