Here’s the rub: in this era of heavy encryption and computer security, the easiest thing to crack in the chain of computer security isn’t the computer itself, but the human sitting in front of it. Yes, that’s right; you can have all of the anti-virus and anti-spyware and firewall software you want, but when it all comes down to it, you’re the weakest link in the chain of security for your computer.
So, that raises the question: what can you do about it? How can you, as the least secure element in your entire computing environment, improve your security IQ? For starters, here’s a quick Internet security quiz:
1. If you got an e-mail from someone promising nude pictures of Anna Kournikova, would you open it?
2. If your bank e-mails you and tells you to change your password, would you?
3. If you were asked to assist a prince in transferring large amounts of money from his bank account, would you?
4. If a Web site told you that your computer had a virus, and you just needed to install a free virus scanner, would you?
5. Do you automatically trust everything you receive in e-mail from your friends?
If you answered “yes” to any of those questions, you aren’t safe. Even if you answered “no” to all of them, I’ll be honest, I threw you a bunch of softballs. Seedier denizens of the Internet than I are constantly trying to find another way to pull one over on you.
Let’s start from the top: I ripped the first one from the headlines. Back in 2001, a cracker created the “Anna Kournikova” worm, promising nude pictures of the sexy Russian tennis player, but instead using your computer to perpetuate its own existence.
The second example is that of a classic “phishing” scam. Phishing is a form of social engineering in which the perpetrator tries to get you to reveal personal information so that he/she can steal your identity. So, the moral of the story? Even if a Web site looks like one you use, acts like one you use, and asks for your username, password, dog’s name, birthdate, and the sort of chia pet you look most like, it may not be the one you use. In fact, it probably isn’t.
Most companies, especially banks, have policies against asking you for your personal information. If you get an e-mail telling you to change your password, or confirm your identity, go to your nearest local branch and talk to a human. It may seem annoying, and totally “duh”-worthy, but it will save your hide someday.
For question number three, that’s an advance-fee fraud, better known as a Nigerian bank scam. In essence, a prince sends you an e-mail telling you that you can get a cut of his family’s massive fortune, if you just pay a small (in reality, not so small) fee for the transfer. Needless to say, you don’t actually get any money.
Question number four reveals one of the more insidious tricks on the Internet. A Web site tells you that your computer has problems, and that a piece of software can fix it. Unfortunately, more often than not, that piece of software is malware. Then, you have one more problem with your computer. Isn’t that swell?
Finally, there’s number five. This one’s a bit tricky. You see, it’s really easy to spoof someone’s e-mail address, and it’s also easy to trick people into giving out their e-mail login credentials. So just bear that in mind. If you get a suspicious e-mail, no matter who it’s from, be extra careful.
Hopefully, this has helped you out a bit in your quest to be a safer computer user. If you already know all of this, then stay sharp, because there are always people out there gunning for you.
