Phishing, Viruses and Website Security: What to Do

Print Page

Resize

- Email to a friend

+ Bookmark in your browser

AL: We hear a lot about the dangers of phishing on the Internet. What is phishing?

Wong: Phishing is when crooks use a fake website or e-mail to obtain personal information so they can steal your money. Most commonly, you will receive a random e-mail from what looks like a well-known company, like a bank. The e-mail will state that there is a problem or that the company needs additional information from you. 

The e-mail usually contains a link to what looks like a legitimate site, but really is a clever lookalike. Once you get to the site, you are asked to enter confidential information which the crooks can then use.
 
So to avoid being taken by a phishing e-mail, be careful if you receive an e-mail that even looks legitimate. If you are in doubt, call the company to see if there is a problem. Look up the phone number using your own statements or telephone book. Also, take a look at the ‘from’ address. It will either have a name that is completely different from the company you think it’s coming from, or a similar name but with some extra letters or numbers.
 
Since this is a common problem, software companies have built-in protection in browsers, e-mail programs and security suites programs. Make sure you have a security suite installed on your computer and that it is up to date with a valid update subscription. Roadrunner and other services provide free software, so check there first.

AL: What types of websites should we avoid to reduce chances of phishing?

Wong: The most common websites that are used for phishing are banking or other financial sites. However, that doesn’t mean you should stop banking online.

Phishing sites usually get you by getting you to open a link to the phishing site. If you receive an e-mail, don’t open the link included in the e-mail — open your browser and type the bank’s website address yourself, so you know you’re going to the real website.

AL: How much info can a site get from a personal computer? What kind of info?

Wong: Usually, phishing sites want your logon information—your username and password. Then the crooks can log on as you and then send your funds to themselves.

Other personal information, like your Social Security number, can be used to open a new account which belongs to you, but which the crooks can charge to.

AL: Sites that start with https or show a lock in the URL bar: What do these mean, exactly?

Wong: HTTPS and the lock mean that the information you type is being encrypted between your computer and the website you are talking to. If the data is encrypted, no one can read the data unless they know how to un-encrypt it. This is important when you are entering information such as credit card information or your Social Security number.

AL: How can my computer get infected by a virus, even if I've installed a virus protection program? Should I change the settings?

Wong: First thing to know is that no virus checker is perfect. They will usually stop a high  percentage of viruses, but there is always a small chance that one will get through.

Also, because there are new viruses being created every day, you need a virus checker that updates itself with the latest definitions of viruses discovered. If you don’t have a subscription to update your virus checker, the chances of getting a virus increases the longer you don’t update the virus checker program.

AL: If I’m traveling or at the library and use a different computer to access my email, bank account or other sensitive info, how can I make sure no one else can access it when I’m done?

Wong: On older versions of the browser (for example Internet Explorer 6 or earlier), you can clear the browser’s cache and then close the browser down when you are done using it. This usually can be done by using a command in the Tools menu.

On new browsers like Internet Explorer 8 or Firefox 3.5, there is something called a Private Browsing mode where nothing is cached on the computer and once closed, there will be no trace of what you did. Again, look in the Tools menu for this option.