Monday, May 11, 2009

Internet risk

The new Consumer Reports is out and has several pages on the risks posed by the internet, including what can happen when your resume is posted on one of the job boards (Monster, Dice, Craigslist, etc). Some of the numbers are pretty scary: 13% of the Facebook users have been “abused”, 25% of job board users have been subject to phishing attacks, etc. When I read about this stuff, it seems so scary! My 84 year old Aunt is sure that someone is going to come through her computer and steal her credit cards. It’s also easy to think that we’re powerless to stop it.

Most of the fear is hype. We personally need to be prudent and we need to be skeptical, but we do not need to be especially frightened by this. We live in a capitalist country and world, and one of the first rules of capitalism is “Caveat emptor”…. Let the buyer beware. If it seems to be too good to be true, then it is. Many of the scams floating around the net are just about as old as the net. We have all been offered opportunities by “African Generals” to make lots of money if we just send them quite a bit of money now. I first saw this scam in the early 90’s and while it’s changed from country to country and I recall it as an Asian prince and a South American family, it’s always been the same offer, send X dollars now and it will allow us to withdraw our fortune from some bank and we will pay you 10X dollars back in 6 months. What I have never heard of is someone actually getting 10X dollars, or even X dollars returned. Then of course there are offers to refinance your mortgage and jobs that will pay you 6 figures for 3 hours a day at home and….

The key to all of these is that we need to respond. Don’t respond and you are not at risk. Phishing is a bit more subtle, but has the same defense: Your “bank” asks you to “confirm” your credit card number or social security number or something else, just so they can verify their records. Don’t respond. Companies you have a relationship with (your bank, your credit card company, etc ) already have the information they need. They do not now, never have and never will send you an email asking you to “confirm”.

Years ago, I was IT Director at a company and there was a virus being sent out in a picture of a popular tennis star. One of the Department heads in this company opened it and it took roughly 200 staff hours to un-infect all of the computers that it impacted. This “picture” came to him from an unknown email address, to his business email. If it wasn’t infected, it would have been inappropriate, and clearly unsafe. In fact he knew better. He was very publicly humiliated and he put his company and job at risk because his fingers moved faster than his brain. He wasn’t safe because he didn’t apply “let the buyer beware”. This is a man that would never buy a used car without having it checked out first, he just didn’t think it applied on the internet. It does.

Of course there are still risks, so keep your anti-virus software current, use the firewall(s) that you have. When you set up Facebook, set your privacy settings to only allow established “friends & family” to have full view, same thing with Linkedin. On Monster you can set it up similarly, although I’ve forgotten what they call these settings. Think of all of these services as parts of your house. We are all more than happy to allow others to see the outside of our house, we are very selective about who we invite in.

No comments:

Post a Comment