A couple of years ago, my personal credit card account number was compromised.
Did this stop me from continuing online transactions? No way.
The media in general have fed the paranoia levels of the online consumer
community regarding online transactions. Yes, credit card numbers are stolen and yes, there are victims who suffer financial loss. But submitting your credit card details online is no different to handing your card to a shop assistant that you don't know or a waiter you have never met before. There is very little stopping merchants we carry out transactions with on a face to face basis from gathering detailed lists of account numbers to be sold off on the black market.
In fact, according to the 2005
Identity Fraud Survey Report, under 12 percent of ID fraud incidents
If you have ever collected a welfare payment, taken out an insurance policy or registered a vehicle - congratulations! You are now part of the World Wide Web, like it or not. You can now emerge from your
privacy fortress as resistance is futile. That's the reality of our modern lives.
Identity theft and credit card fraud is not uncommon, such is the nature of an online world.
How do we as netizens and webmasters protect ourselves and our clients as best as possible? It boils down to a number of simple guidelines.
Passwords - Know that little window that pops up and politely asks you if you want your computer to remember certain user names and passwords? Don't tick it! Most passwords are stored in a special file on a Windows
95/98/ME system and every half-baked pimply would-be hacker knows what it is. If you are not using a firewall, it is pretty easy for these people to snatch your password file and then crack it at their leisure using freely available programs.
Web masters, if you are keeping user information on your web server, ensure it is stored encrypted in the proper directory with the proper permissions. Better still, wherever possible, store minimum client information on your server.
Even better, ensure that all sensitive details that your visitors may submit occur over an SSL connection. A web server is the equivalent of a 7/11 store - open all hours for valid and non-valid customers. There is NO 100% guaranteed safe system.
A personal firewall is now a necessity, not a luxury. The script kiddie problem is increasing. A script kiddie is someone who fancies themselves as a hacker and
utilizes freely available programs to compromise your system via the Internet. Script Kiddies have caused major problems over recent years and have been known to post up credit card numbers for all to see. Why? Bragging rights, a great deal of the time. There are over 60 000 points of entry on your PC. You can read more about the issue and gain an overview of personal firewalls by reading the articles:
Beware of phishing scams
Phishing is a strategy used to fool people into revealing passwords and other sensitive information by posing as a legitimate source. A common example is email sent by a party claiming to be a bank stating that the addressee must take action immediately to prevent problems with their account. The email usually has a link an online form that is branded to like the organization web site. The form will usually ask for sensitive details such as passwords, tax numbers etc.
Phishing scammers are becoming increasingly skilled in mimicking style and language of communications. They use lists of millions of email addresses to send their notes out to, in the hope of snagging even a very small percentage of addressees.
As these scams can be hard to discern from legitimate communications, the rule of thumb is that if the email has a link that leads to an account login page; don't use that link. Go to the site via another means and login, or call the company to verify the authenticity of the email.
Who are you? - Before you click the submit button for that gadget or service that you really gotta have; how much information are you having to give away? A name and email address should be all that's needed in most cases. Even if you aren't having to submit credit card numbers, you are still giving away information that enables people to build profiles on you which then make it easier for identity theft to occur.
It's amazing how much information you can access just knowing somebody's date of birth. If a service provider is asking you for more than your name and email address; I strongly advise checking them out before submitting.
In the clear = danger - When you are asked to submit sensitive details such as credit card numbers, check your browser address bar. Does the address begin with https:? If it doesn't, you will be submitting details "in the clear" - unprotected. The https signifies a secure line of communications using inbuilt browser encryption, these days it is about as secure as you can hope for.
Check your accounts regularly
If you have the ability to bank online; it's probably wise to log in every couple of days to review transactions. The major banks, while quick to sniff out fraudulent activities these days, don't always pick up on fraudulent transactions.
If you do see something that looks suspicious in your transaction history, don't panic, but immediately contact your bank who may freeze your account while they investigate. In the majority of cases, you won't be liable for the invalid transactions. But I will say that having your account compromised is very frustrating as it can take a week or two to reissue cards. And if, like me, you utilize online services frequently you'll find it a time consuming ordeal while contacting your suppliers to tell them of the changes.
More on identity theft
Why steal another persons credit card numbers when you can get your own under an assumed identity? I watched a disturbing report a couple of years ago concerning the head of a security firm; who incidentally refused to have an Internet connection at home, or carry out any personal transactions online. He challenged workers within the organization to see how much information they could collate regarding him; using only the Internet as a tool.
The pile of documentation that was gathered within a couple of weeks was frightening. The file he was presented with was over two inches thick and contained amongst other things a certified copy of his birth certificate. With that type of information, a person could obtain a credit card, a drivers license, etc. etc. and happily build up huge bills under his name. There are many documented cases of identity theft and it has ruined innocent people's lives.
If you should start receiving strange bills for items you didn't order from companies you have never heard of, don't disregard them as billing mistakes. You may be the victim of identity theft. Contact your bank manager and law enforcement authorities immediately; it's better to be safe than sorry.
paid cash taking online surveys - free to join online
In Loving Memory - Mignon Ann Bloch
copyright (c) 1999-2011 Taming the Beast Adelaide - South Australia