If you’ve clicked on a link flashing within an unsolicited email promising you a big money, or have given away your Internet banking PIN or password or credit card number to an unknown caller, or have even shared tidbits like your birth date, birthplace, etc, on social networking sites, chances are that you opened a Pandora's box of risks.
Call it the holy grail of cyber crooks. Cyberspace has now become the favourite den of online scammers, hackers, and fraudsters who are always on the prowl to steal identity and swindle people.
Although phishing is one of the most common e-mail frauds aimed at stealing your online identity and your personal data like credit/debit card numbers, bank account details, and other sensitive financial data, there are scores of other ways online fraudsters and hackers use to entice Internet users and cheat them.
But don’t fret! Whilst it’s difficult to stop receiving spam emails in your mailbox, one could best avoid the trapdoors that usually come along with spam emails.
So how to guard yourself from online fraudsters?
The thumb rule, experts believe, is to never reply an unsolicited email and never click on an unknown link given inside an unsolicited email.
“Prevention is better than cure,” advises Kratika Sangal, Marketing and PR Manager, Norton, the Internet security firm, Dubai.
“Even if an email comes from a trusted source, be wary. It’s also important not to divulge your confidential information over email. If your bank sends you an email asking you to update your details, first check with your bank rather than just revealing or giving out your login details,” she added.
Being in the cyberspace is very much about making smart choice when giving out personal information, believe experts.
“One should also check privacy settings on most of social networks that do allow people to hide certain parts of their information or make sure that it is visible only to a select number of people in their network,” Sangal said, adding: “One has to be cyber-savvy and smart enough take enough precautions when online. Avoid sharing information like your birth date. When it comes to password, be a little more creative about it. Make it alpha-numeric and don’t include obvious information like the name of your pet, your birth date, your children’s names etc.”
Experts add there are different methods to overcome online fraudsters -- some of them relate to the technological part and some to the human behaviour.
“On the technical side, one of the important things for online protection against fraud is to make sure that the user has installed the latest version of the Internet browser. Secondly, the user must use a reliable and updated anti-virus and Internet security software to get protection against fraud,” Tarek Kuzbari, Managing Director, Kaspersky Lab Middle East told Emirates 247.com.
Thirdly, he said, the user should use virtual keyboard especially when trying to insert confidential information (such as login id) on a website in order to protect the information from malware such as Keylogers.
Further, a user should frequently change his password for login especially when he is using websites like ebay or Amazon, etc that require users to login and enter password.
On the human behaviour side, Kuzbari said, one important point to remember to get online protection is not to reply to any suspicious emails that usually ask about sensitive data. Also, if a user is doing online shopping, he should make sure that the dealer is trustworthy. Users should also be aware of fraudulent emails and make sure they do not fall victims to such emails.
Clicking on an unsolicited link is another mistake many Internet users do, say experts.
“We definitely do not recommend a user to open a link given in an email unless it is sent from a trusted or known sender. The aim of most of such emails is to get confidential information from the user. If a user clicks on such links and reveals his login id and password the cyber criminal is able to collect it and could misuse it. Clicking an unknown link may also download a Trojan onto the victim's computer system and could provide access to the cyber criminal. This technique is very popular on the social networking sites.
"For example on Twitter, spammers may post a fraudulent link, which could spread malware on users' computer systems. Users should therefore check whether the organisation posting the link is genuine and should avoid clicking link from anyone they don't know,” Kuzbari added.
He goes on to say that users should also make sure the authenticity of the email sender by checking the email sender's details or the complete email id in the 'from' section of the email. Spammers usually pretend to be genuine senders and imitate genuine email id in order to bypass anti-spam applications.
For instance, usually a letter or two of the spammers' email remains capitalised. Further, in many cases the words are distorted. For instance, instead of writing 'you won' spams or phishing emails write 'youwon' as a single word. It may also be the case that the link given in a spam email closely resembles that of the official website of an original organisation in an attempt to trick the user into opening the link.
For instance, he said, instead of writing <http://www.facebook.com>, the fraudsters may choose to give the name <http://www.fasebook.com>. Very often, spammers may also use fear factor as a weapon to trick the user into revealing his confidential information. For instance, they may send an email saying 'if you don't change your user name and password right now, you could risk closing your account or have to pay a hefty penalty.' Users should simply ignore such emails, Kuzbari said.
Mac and PC users equally prone to fraud
Online fraud has nothing to do with what operating system is in use on your computer, say experts.
“The technical security measures are applicable to any system since online frauds don't have any relationships with a computer's operating systems. Mac users often have a fake feeling of safety. But in reality, Mac operating systems are not 100 per cent safe,” Kuzbari said.
“I consider [Mac users considering themselves safer from online fraud than PC users] is a myth. If your PC or Mac is not connected to the Internet, it’s safe. The moment you go online, there’s always a threat lurking on or for you. There’ve cases of virus attacks on Mac as well as PCs. So one needs to make sure one has compatible security software for a Mac,” added Sangal.