Surfing the Web Safely
A Quick How-To On Going Online Without Losing Your Money, Your Software Stability Or Your Mind!
I have a relatively elderly friend who has never been online. He knows what the Internet is, in its most basic terms, but has never really grasped its true advantages, leading him to believe – just like flares and the mullet – that it was just a passing craze – a fad soon to fade to the murky depths of obscurity and insignificance.
To him, and many others, letting them loose on the Internet is like doing the Tango on a minefield. Something bad is going to happen; it really is just a matter of when. There are so many dangers out there that teaching my friend to stay completely safe online would mean writing a volume of thick heavy books on the subject – a 2000 word article would hardly suffice, but I will try my best to cover the main reasons so many people are left shouting at their computer screens in frustration and anger. This article is for my elderly friend, but we will cover points that many other more experienced users can find useful as well.
You see the Internet is a virtual world, where a user can hop from one side of the world to the other with a click of a button. You all know this, which is why you are here. Like the real world the Internet is full of amazing things you can see and experience. Like the real world it is jam packed with advertising, gossip, creativity and so much more. However, unlike the real world, danger can be disguised so much better than ever before, and many people do not have the experience or knowledge to determine what is real and what is fake when presented with a certain scam, even though they would have no problem recognising its real world analogy. For example imagine you were walking down the street and a scruffy looking fellow walks up to you saying he was from your bank, and the only form of proof he shows you is your banks logo on a piece of paper. He then asks you for your bank details to make sure your account is all fine and dandy. What would you do? You would tell him where to go. Common sense right? Yet literally millions of people every year giveaway their bank details to scammers because an email with the logo of their bank lands on their email inbox doorstep asking for them.
This leads us nicely to our first example of Internet fraud – phishing. It is pronounced the same as fishing and the term exists simply because the phishing scams work very similar to fishing normally! Like fishing, the scammer uses bait, but in this case, instead of a juicy worm, they will often use a fake email asking for bank details that will link to an equally fake website. The scammers will make the bait look nice and official, ensuring your bank logo and design are present to fool the victim into biting. And that’s what they do, they send as many of their digital bait out into cyberspace as possible, then just sit back and see how many unwitting victims bite. How do they know who my bank is – you ask. They don’t. They spam as many emails as possible, and inevitably at some point the bank and customer will align. The bank details scam we talked about just one of the popular examples of phishing, though by all means there are more types of this scam than just posing as banks. Other popular variants include asking for your EBay or Paypal details or businesses like that where it is likely you have associated with it your banking details. So basically phishing is posing as a reliable organisation, in order to get sensitive and personal data from you. If you receive an email like this, no matter how official it looks, if it is asking you to enter data, do not respond to it. Banks and businesses like Ebay have their own websites where you can find contact details for them, if you are in any doubt.
There is another version of this type of fraud that is best described as a spin off of phishing and that is fake antivirus programs. Email versions of these however are rare – you’ll most likely encounter one if you venture to a website sitting on the dark side of the Internet. They will most likely be presented to the victim in the form of a popup window, or you will be directed to the website. What tends to happen is the user will see a “virus scan” occurring in the browser window. After is completes the scan will report that your system is infected with viruses and recommends you download the sponsored antivirus software to cure the infection, only problem being is that the software the user then duly downloads is usually dangerous and will only cause your computer more problems. It is another perfect example of a successful type of scam, and the real world equivalent would be something like this – you are walking down a street and a man comes up to you and says you look ill and offers to sell you random pills. Would you buy them? Of course you wouldn’t, but people don’t have this inhibition when online. How does the man know you are ill? He doesn’t. How does the “antivirus” software know you are infected with viruses? They don’t. They don’t because web pages don’t have access to your computer files for security reasons, just like this man doesn’t have access to your medical records, so when the page pops up and says your system is infected, it is nothing short of a lie. The only way you can do a genuine virus check is with antivirus software that has already been installed on to your computer.
The example we just talked out is half phishing because the scammers are posing as antivirus software companies, though it would be more accurate to describe this example as Internet malware. Malware for those not in the know is malicious software that downloads itself onto your computer through illicit means, and one way or another, causes damage to your computer. It’s often referred to as spyware. Sometimes malware will download itself to your computer and it can be very hard to spot because the malware is posing as what is normally a legitimate file, and this is what is referred to as a Trojan Horse, named after the Trojan Horse left at the gates of Troy in Greek mythology, only the Horse, posing as a victory trophy, contained unwelcome surprises – Greek warriors. The term malware is intrinsically linked to the term “virus”, though many people refer to computer viruses as a specific type of malware.
Internet malware is a broad subject, and the methods where it can breach your computer are diverse, to which the example above is just one. To avoid malware on the Internet follows most of the rules you would adhere to if you want to avoid getting mugged. Malware tends to lurk on what many refer to as the Dark Side of the Internet, which I guess would be the equivalent to dark alleyways and car parks at night time, the kind of places where muggings are more prolific. The dark side consists usually of pornographic sites, or sites that sell or distribute hacked software, or hoax sites. Staying clear of these types of sites dramatically decreases your chances of inheriting something you really don’t want.
That is not to say the only way you can catch malware is from a website. Far from it I’m afraid to say. Another popular way of distributing malware, such as computer viruses, is through email attachments or emails that contain links to websites. Email attachments are files that the sender has included with the email. There is some confusion about email attachments that has surfaced mainly because of fake virus warnings that are often circulated around the globe. I will try to clear it up now – email attachments can be and often are dangerous – BUT – they do not open automatically when opening an email to read it. This means that just opening an email is not dangerous at all. Many fake virus warnings will claim that a virus will destroy your hard drive (amongst other things) just by opening the email to read it. This really is not possible. It would be considered a pretty large security risk it is was the case. Downloading or saving an attachment is equally risk free, though not recommended. It is only when the attachment is executed (ran) when things become a different story. This is where is can be dangerous and can cause your computer problems no end! It brings us to the age old rule which we imagine should be drummed into everybody by now – never open an email attachment from an unknown sender. Unknown senders include names you have never heard of before, or even companies link your bank. Remember it is not hard to fabricate the From: field you see when you receive an email, so just because an emails From: field state Natwest is the sender, it does not mean this is necessarily true. The same applies to clicking links on these emails, which can be equally as dangerous. Installing a good email filtering system is one effective way of stopping most of these emails.
Malware can also be included in games or other software applications, not just from the Internet, but from external storage devices, like CDs, DVDs or external USB sticks. If you even run software from external storage devices, ensure they have come from a trusted source.
We will finish with malware here as this covers the most basic principles on the subject, and we will concentrate on specific yet common scams, the first being what is referred to by many as Advanced Fee 419 Fraud. This scam is typically initiated via email, like many phishing scams. Only this email will claim you have somehow inherited money. The reasons why vary – some emails don’t explain, others say its being transferred to you to avoid being detected by a foreign government, others say you have won the money. It doesn’t really matter however, as the same principle is true, you are on the receiving end of a bucket load of money, just as soon as you reply to the email. Well of course it doesn’t quite work like this. For those that do reply to the email in time, they will slowly be conned into paying money for security fees and other charges, only to never see the big sum of money that was promised. Variants of these also use the same ploy to steal your bank details. It is called the Advanced Fee 419 because 419 is the Nigerian criminal code associated with this particular type of crime, and many of these crimes appear to start, or somehow involve Nigeria.
Other popular types of scams are Get Rich Quick scams. If someone came to you and said “give me 20quid and I will give you this briefcase full of well kept secrets explaining how you can get rich quick for next to no work” you’d probably just keep on walking, yet curiously the same pitch online seems to have a much higher success rate. People are more willing to believe something is legitimate when it is online, when we’d say the opposite is probably truer. The sad fact of life is very is no easy way to get rich quick on the Internet. If there was everybody would do it. How many people do you know that have made a fortune on the Internet? Exactly. The Internet can be extremely profitable, but only for those willing to put in a lot of hard work. Ploys that get you to pay for starter kits to start you on your way to online success are dubious at best. We have heard from many people who fell for these scams, and these starter kits that are sold typically consist of basic to advanced marketing information that usually can be found freely on the Internet anyway, and are definitely not a secret sure fire recipe to success. The same principles apply to the schemes saying you can earn a fortune posting links on the Internet, it is untrue.
Another type of scam is the ones that go on sales and auction sites like EBay and the Gumtree sites, where PayPal is a common method of payment. The victim receives the payment via PayPal, duly sends the item being sold, only for the PayPal payments to be reversed. Always wait until the final confirmation has been approved and it cannot be reversed before sending the item.
We could go on for much, much longer talking about specific scams, but we don’t have time. If you want a much more in-depth look at the subject, there are many brilliant books that cover Internet Security in a lot more detail, or you could try browsing other articles on this site. But to summarise, there is no 100% effective way of staying completely safe online, even the more experienced of us are still liable at some points to be duped. All we can do is recommend you follow the advice pointed out in this article to lower your chance of getting scammed on the Internet. Remember all it takes in a criminal mind, Photoshop, your email address and a little computer know-how to create official looking scams that fool millions. The last piece of advice we will give out is if you ever find yourself in any doubt, ask an expert! You can contact us if you have any questions.
Craig
ThatsNonsense.com
