by Merlin Benningfield, Managing Partner - Fast Rhino, LLC
In today's volatile world of digital hacks and data breaches,the chances of having your identity stolen is becoming more and more a certainty than just a possibility. So how do you protect yourself?
A common way in which criminals can ruin your life is by gaining access to enough personal information about you that they can then apply for credit under your identity. Your name, address, date of birth, and social security number can be enough information to apply for credit, perform tax refund fraud, medical services fraud, etc... and this information is quickly finding itself available to criminals on the dark web.
There are a host of companies now that promote credit monitoring services, which may sound like an effective and affordable solution, however, they only detect fraudulent use of your credit file after the fact. A better solution would be to implement a credit freeze. This helps lock down your credit record and prevents anyone from accessing it without you first "thawing" it.
The United States Public Interest Research Group (USPIRG) published a comprehensive document (PDF) discussing the importance of why you should consider placing a freeze on your credit report before your information is stolen. They also have some good advice regarding the recent Equifax breach and how you can protect yourself in that regard.
As I continue to say, the bad guys are using the Internet against us. The more we learn about their tactics, the less likely we are to become a statistic.
by Merlin Benningfield, Managing Partner - Fast Rhino, LLC
For more than a dozen years,
Fast Rhino has identified and removed thousands of threats from our client's
systems. It has since become a daily routine due to the alarming growth
rate of both the volume and type of infections we are encountering. We
cannot express how important it is to incorporate defensive computing skills
during your Internet travels. What we once knew as the "World Wide
Web" has quickly morphed into the "Wild Wild West".
The bad guys are rapidly
learning how to turn the Internet against us and use it as a tool to attack our
computers and mobile devices. Those of us who do not adapt and educate
ourselves will quickly become targets and eventually statistics of their online
crime.
If you were to attend a defensive
driving class, you would learn to follow some basic rules when behind the
wheel, such as looking both ways before proceeding through an intersection,
keeping a good eye on your blind spots and using your turn signals before
turning. These are just a few of the actions that could help you avoid an
unwanted accident out on the road. Defensive computing also requires you
to implement some basic rules designed to help prevent your system from getting
infected in this new Wild Wild West.
One of the most common ways
we see systems getting infected is via the browser. We all use our web browsers
to search for various information over the Internet. Some of us may feel
that since we only visit "mainstream" web sites, we are safe from any
sort of threat. This is a compete misconception. If you believe that you are immune from
malicious software simply because you only visit a few select web sites and you
have a name brand anti-virus program, you are mistaken. Times have changed and so has the Internet.
Just like in the real world,
if you were to go downtown, there may be dark alleys, red light districts or
gambling halls that you might avoid to stay out of harm's way. We've all been programmed to believe the same
is true when traveling over the Internet.
This programming is false. You
can now get "mugged" in broad daylight visiting popular destinations
that you thought were safe to visit.
Using defensive computing skills can help you protect yourself even if
you decide to stroll down a questionable path.
So what are some elements of
defensive computing? The list is ongoing
but here are just a few:
Use
a Script Blocker: If you only do one thing on this list, this
is probably the most important. Blocking potentially dangerous scripts is one
of the most effective ways to defend against common web-based infections. When used properly, a script blocker protects
your web browser from contracting infections from tainted web sites. This type
of attack is growing exponentially because so many people don’t yet know about
the dangers of scripting language and how it being used against us. If you are using a web browser without a
script blocker, you are simply asking for trouble. Learn more about script blocking for Firefox here and for Chrome here.
Avoid
Links and Attachments in Email:
People tell me on a daily basis that they don’t open or click on associated
links/attachments of emails sent by strangers.
That's a good start, but they should seriously question the emails from
people they do know, as well. Infectious
email links and attachments commonly spread via circles of association such as through
address books. This means the odds weigh more on you getting infected by
opening an attachment or clicking on a link within an email that is from
someone you know.
Question
Everything: Just
because something you see online seems legitimate, does not make it so. The
Internet is full of scams and compelling imitations designed to take you for a
ride. You are playing it safe by not
clicking, downloading, installing, etc.. when prompted by something with which
you do not have 100% confidence.
Keep
Your Security Products Up To Date:
Having a comprehensive anti-virus program and anti-malware program are good
preventatives, however, if they are not updated regularly, they can lose their
effectiveness against newly distributed threats.
Never
Allow a Stranger Remote Access:
Regardless of whether they initiate the conversation or you do, it is unwise to
allow anyone with whom you do not have a personal relationship to remotely
access your computer. This is by far one of the most common tactics used by
criminal organizations to extract money from willing participants.
Use
Different Email Addresses for Specific Purposes:
A large number of our clients only have one email address. This is simply inviting spam over to harass
you. We all at one time or another are asked for our email address by someone
or some entity who we don't necessarily know or trust. This process puts our email address at risk
of being sold to spammers and increases our exposure to receiving infected
emails. Anyone can create free email
accounts today (ie.. Outlook.com, Yahoo.com, Gmail.com, etc…) and use these
different accounts for specific reasons.
If you have a personal email address you check daily, you probably don’t
want it getting inundated with spam. So
the solution is to only give that email address out to people you trust. For other scenarios, use a different, free
email address. This way if you are purchasing something online or filling out
some web form that wants your email address, you can give them a different
email address, thereby cutting down on your personal email address' exposure.
In summary, these are just a
few defensive computing tips that can help keep you safer while navigating the
Wild Wild West. Stay tuned to our blog
for more!
