Article

Fraud

Five Steps to Prevent Online ID Theft

By Jennifer Martinez

Identity theft is essentially an online con game. In this game, a specific breed of cybercriminal -- called "phishers" -- acts as tech-savvy con artists and identity thieves. They use spam, fake web sites and other Internet technologies to trick people into divulging sensitive financial information. Unfortunately, the incidence of phishing fraud is growing exponentially.

In a typical phishing scam, phishers send out mass emails, which appear to come from a legitimate online vendor or financial institution. Emails usually contain an urgent message, baiting you into submitting sensitive data. Often, the messages direct recipients to a fake web site where the phisher attempts to collect information.

Phishers have begun to use more sophisticated devices, such as pop-up windows containing misleading messages, fake URLs that simulate real web addresses and keystroke loggers that capture account names and passwords.

To protect yourself against online identity theft, follow these five basic guidelines:

  1. Don't give out financial information
    Be extremely wary of emails asking for confidential information -- especially of a financial nature. Financial institutions and other responsible companies do not request sensitive information via email. If you receive this kind of request, report it to the company.

  2. Don't provide sensitive information
    Phishers like to employ scare tactics. They may threaten to disable an account or delay services until you update certain information, but don't be fooled. Instead, contact the merchant directly to confirm the request's authenticity.

  3. Don't respond to impersonal emails
    Watch out for generic-looking requests for information. Fraudulent emails are often not personalized. Meanwhile, emails from your bank or Internet Service Provider often reference your business or your account. Again, confirm the authenticity of any suspicious request.

  4. Don't fill out email forms
    Never submit confidential information via forms embedded within email messages.

  5. Don't give out information via insecure sites
    If you need to submit corporate credit card numbers or other confidential information over the Internet, make sure the site is secure. To confirm that you are on a secure web server, check the web address. It should begin with "https://" rather than "http://".

To play it safe, also regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate. If anything is suspicious, contact your bank and credit card companies. Phishers do trick people into divulging sensitive financial information, but you can steer clear of them if you learn to spot a phishing attack.

Jennifer Martinez is a freelance writer specializing in family computer topics.

More Articles >
More Features
Symantec Security Check

Test your computer's exposure to online security threats and learn how to make your computer more secure.

Test
Symantec Tools
Norton Solutions

Protect your family computer from viruses and other threats.

Visit

Loading the Internet Threat Meter by Symantec

Internet Security Threat Report
Vol. XIV

This report offers analysis and discussion of threat activity over a six-month period.

Visit
Security Poll

Which of these is okay to do while driving?

Vote
Symantec Glossary

This week's tech term:

PDA

Definition View entire glossary