How to sidestep cyber crime
Here's has some tips for diagnosing and dodging common computer nasties.
What is it: A phishing attack is one designed to trick you into thinking you are dealing with a reputable person or organisation - usually through the use of a fake website - and disclosing your details.
A very common phishing scam is an email claiming to be from your bank asking you to click on a link to log in to your account. The link is actually to a fake site that looks identical to your bank's real one, and by entering your login details you are handing cyber criminals access to your bank account. By clicking on the link provided you can also unwittingly download a virus to your PC.
How to spot it:
❏ Most banks and other organisations, including Trade Me, will never send you emails with links asking you to provide personal information - so that's the first warning sign. There are some exceptions, though. Google has begun prompting people to change Gmail passwords if it believes they have been compromised.
❏ A good way to spot a phishing scam is to hover your mouse over the website link. You should see the address of the website the link goes to. If the website address looks different or only vaguely similar - with strange numbers and words thrown in - to the proper address of your bank or organisation, then it's probably a malicious site. Be wary of short URLs or web addresses, these could be hiding the identity of a bad, fake website.
❏ Phishing emails or instant messages are also generally not personalised - addressing you as "Dear Customer" or something similar - and often contain threats - for example, warning your account has been hacked or that you will be shut out if you don't change your password.
❏ Cyber criminals are also not known for their spelling, grammar and punctuation, so if the email or message is riddled with errors, then that could be a sign it's a scam.
What to dodge:
❏ If you suspect it's a phishing attack, do not click on the link, flick it to the trash bin. Don't reply, that will only confirm for the cyber criminal that your email address is valid.
❏ Always type in the website address when going to your legitimate online accounts, don't use shortcut links in emails or websites.
❏ Use security software as this can often alert you if a website is suspicious.
VIRUSES AND SPYWARE
What are they: A virus is self-replicating malicious software with a particular function - such as installing other types of malware such as spyware, or damaging your computer files.
Viruses are designed to spread from one computer to another under their own steam, for example, by attaching themselves to your emails. They can spread through trojan files that look like normal files such as ecards, photos, movies and audio files.
Spyware records your computer activity, such as what websites you visit, so cyber criminals can see what you've been up to. Keylogger software is a really nasty variant - it records your keystrokes in order to steal your logins, passwords and even credit-card details.
You can pick up spyware pretty much anywhere online, but it is commonly contracted through free online games, screen savers, email attachments - which look legitimate but are actually malicious - and infected websites
How to diagnose:
A computer with a virus can display a range of symptoms, including:
❏ Sluggish speeds, freezing often and/or crashing regularly
❏ Applications that don't work properly
❏ Inaccessible disk drives
❏ Repeated error messages
❏ Refusing to open certain websites, including security software sites
❏ Refusing to print properly
In some cases your computer may not show any signs of a spyware infection, but there are a few common symptoms:
❏ The appearance of new toolbars, links or favourites in your web browser not added by you
❏ A sudden change to your home page, mouse pointer or search program
❏ You are redirected to a different website when browsing or searching
❏ Pop-up ads are appearing, even when you're not online
❏ Your computer is slower than usual, is taking longer to boot up, or crashes
How to dodge:
❏ Don't open email attachments if you don't know what they are or who they're from. An attachment might appear to be harmless and cute but harbour something nasty.
❏ Don't download anything online from dodgy or unknown sources. If you're unsure about a website or an organisation, do some research online to find out if they've been flagged as dangerous.
❏ Keep your operating system and other software you use, such as Adobe, updated. Software companies regularly tweak their products to protect you from threats.
❏ Use up-to-date security software with virus detection and removal features. If you can't install the software because you already have a virus, or if your software is unable to remove the virus, you may need to call in the professionals.
❏ Most major and relatively recent operating systems have a firewall, which protects your system from unauthorised access, built in. Make sure this is turned on. If your system doesn't have a firewall you need to install one.
❏ Don't click on pop-up windows you don't trust, and don't be tempted by offers of free games or entertainment as these programs could contain malware.
❏ Read free computer security advice from cyber watchdog netsafe at securitycentral.org.nz
❏ Report computer attacks and scams at theorb.org.nz
❏ Read up on known scams and get advice on avoiding and dealing with them at consumeraffairs.govt.nz/scams
Sources: Tech Republic, Microsoft, PC Whiz, Cnet, Symantec, Netsafe, Consumer Affairs Ministry, Sydney Morning Herald.