How to Avoid Being Scammed

Steve Weisman

It’s difficult to totally avoid being scammed or becoming a victim of identity theft. But there are some things that you can do to lessen your chances of becoming a victim. Some of these things are simple, while some require a little bit of work on your part. Many people are lazy and don’t want to take these steps to protect their own security. These are the people that the scammers are counting on, because they’re the easiest victims.

Do you really want to receive those unsolicited offers of credit cards and insurance that not only clutter your mailbox, but also provide ample opportunities for identity thieves to open credit in your name by either stealing your mail or stealing your trash if you merely throw out the solicitations without shredding them? And while we’re on the subject, mere tearing of the solicitation or even straight shredding is not enough to protect you. Identity thieves often hire methamphetamine addicts with a predisposition to meticulous boring work to piece together your trash to provide a usable credit card offer.

You can avoid the entire problem by merely contacting the major credit reporting bureaus to have your name taken off the lists used to generate those offers. You can either call 888-567-8688 or go online at www.optoutprescreen.com to be removed from what the three credit reporting agencies—Experian, Equifax, and TransUnion—refer to as their prescreened offer lists. Your security will improve. If you’ve been procrastinating taking yourself off the prescreened offer lists, a good time to act is when you apply for a mortgage. Once you apply for a mortgage, your name will be put on a “trigger list” maintained by the credit reporting bureaus that they sell to other mortgage lenders, and you’ll soon be flooded with communications from other lenders. Of course, particularly after reading this book, you may be nervous about having your name removed from the prescreened offer lists, because when you call or go online to do so, you’ll be asked for identifying information including your Social Security number. But the good news is that it’s safe (or at least as safe as you can be) to give this information for the purpose of removing your name from these lists.

Keeping Your Computer Secure

It seems that everyone does Windows, at least when it comes to a computer operating system. A key to avoiding fraud online is to keep your Windows software up-to-date with all the latest security updates. You’ll be notified when new updates to your Windows operating system become available. Don’t put off installing Windows security updates. In addition to the updates of your Windows software, you should have a firewall and antivirus and antispyware software installed on your computer. Firewalls prevent outside computers from gaining access to your computer, although they’re far from foolproof. However, like the lawyer joke about what do you call a hundred lawyers at the bottom of the sea: “It is a good start.” There are many firewalls you can choose from. You can find out about free firewalls at www.free-firewall.org. Protect your computer with antivirus software such as Norton AntiVirus or McAfee VirusScan. Keep your subscription to whatever software you choose up-to-date. Your antivirus software is worthless unless it’s constantly updated to prevent the latest attacks. Getting automatic updates is a good choice. Install antispyware software such as Lavasoft’s Ad-Aware, which can be found at www.adawareresource.com, or Spybot Search and Destroy 1.4, which can be found at www.safer-networking.org. Both of these are free, but once again be aware of proper spelling. There are phony versions of these programs that are spelled just slightly differently that are actually the very spyware that you’re trying to avoid. Installing one of the phony software programs would only infect your computer rather than protect it. It sure is dangerous out there in cyberspace.

Some other choices include Zone Labs’ Zone Alarm Internet Security Suite, which combines antivirus, antispyware, and antispam protection.

Some good antispyware that is not free, but reasonably priced and worth the money, include F-Secure’s Anti-Spyware and Lavasoft’s Ad-Aware SW Plus 1.06.

TIP Scammers gain access to your computer to implant keystroke logging programs and other malware. Downloading “free” computer games, screensavers, or music is a quick way to compromise your computer, affect your security, and increase your susceptibility to identity theft. Even downloading what you may think are free software programs to protect your computer from hackers may jeopardize you because you may be downloading the very malware you’re trying to avoid. Always be sure of the source of anything that you download online.

Zombies

Anyone who ever saw the Night of the Living Dead movies, particularly the first one, knows that zombies are pretty scary creatures. But as scary as they are, chances are pretty good that you’ll not be attacked by one of those kinds of zombies. However, the chances of your being attacked over the Internet and having your computer turned into a zombie computer is a very real threat to anyone who goes online.

Scammers who want to avoid detection send out viruses to the computers of unwary victims that turn their computers into zombies. Through your computer and those of other victims, a network is formed known as a botnet. The scammer then can use your computer to send out malware that may take the form of spam, Trojan horse keystroke logging programs, or even major denial-of-service attacks. Denial-of-service attacks occur when your computer and other zombies in the botnet flood a target Web site with data requests that it can’t handle. The targeted Web site is effectively shut down as a result of such an attack. Threats of denial-of-service attacks have been used to extort money from major online businesses. At one time, it took some significant computer skills to create a zombie virus botnet, but now the technology has been dumbed down and sells for as little as $20 to criminals looking for a new opportunity to scam the public. Sometimes it’s difficult to know that your computer has been turned into a zombie. Some possible clues may be difficulty sending emails or using the Internet or blood seeping out of the keyboard. Okay, I was just kidding about the blood and the keyboard. You may even notice emails that are returned to you as being undelivered that you didn’t send. If you have any concern that your computer is a zombie, have your computer scanned thoroughly by an expert to learn if it has been turned into part of a botnet and to remove the infection.

Security patches—The proverbial ounce of prevention is worth a pound of cure has never been more accurate than in dealing with an infected computer that has been turned into a zombie. It is much easier to prevent the problem than to clean up the mess after the fact. Prowling cyberspace are worms looking for computers that have security flaws and holes to exploit. Windows software is the most commonly used computer operating system. Like all systems, it has flaws. Microsoft does a good job of constantly updating its system with security patches, and it notifies people to install these security patches. Far too many people don’t. Don’t be one of those people. Update your software with security patches as soon as you’re notified.

Unsolicited emails and downloads—Most malware, spyware, and zombie viruses attack your computer through unsolicited emails. Don’t open any email if you’re at all uncomfortable with it. And never download attachments from someone whom you’re not totally confident is legitimate. It’s in these attachments that many of these viruses come in. Also, many viruses and other malware come from sharing files with people you’re not familiar with. Sharing music or games is a risky business even with people you know, because you don’t know where their computer has been. They may be passing on not just their music but also an infection.

Change your browser—You may even want to indulge in a little overkill protection by considering using a browser other than Internet Explorer, which is, at the moment, the browser of choice of scammers sending zombie viruses. Alternative browsers such as Firefox are a good choice.

Wi-Fi

Free Wi-Fi hot spots are computer networks made available as a free accommodation by restaurants, coffee shops, malls, and airports; however, rarely are they very secure.

And even if a legitimate Wi-Fi hot spot were secure, you would still run the danger of using a Wi-Fi hot spot that is operated by an identity thief through a peer-to-peer network set up by a nearby computer hacker who is plugged into the Internet. This hacker’s network permits you to connect to the Internet through his connection rather than independently connecting to the Internet on your own. Because you’re connected to the hacker’s laptop, he sees everything you do online and may even be able to access your files through file sharing. He also is now able to install a Trojan horse keystroke logging program on your computer without your being aware of it. So what can you do to protect yourself? To avoid the hacker and phony Wi-Fi connection, you should disconnect your computer’s ad hoc mode, which enables your computer to connect without wires to another computer, before you use Wi-Fi. You should also turn off your file-sharing capabilities before using a Wi-Fi hot spot.

If you use the new Microsoft Vista operating system, you should turn off the Network Discovery feature that alerts other network users of your availability for connection. You should also use software that encrypts your email so that anyone who is able to intercept it will be unable to read it.

It’s a good policy not to keep any sensitive private data on the hard drive of your laptop. Judging by the many stories of laptops full of unencrypted, sensitive information being stolen, this policy is not being followed enough by many people in business and government. Use a USB flash drive to hold the programs you need and your personal data in an encrypted form. When you boot up at a Wi-Fi hotspot, use the USB drive so that even if someone were able to get through your firewall and other security programs, he would be unable to obtain any useable information from your laptop computer.

Due Diligence

Before investing in anything, you should always do your homework.

To assist in evaluating the broker or salesman looking to sell you an investment, go to the BrokerCheck service of the National Association of Securities Dealers (NASD), a private regulatory organization at www.nasd.com/index.htm, or call them at 800-289-9999 to confirm that the salesperson is licensed to sell investments. You can also check at that Web site to learn whether there are any complaints against the broker as well as any disciplinary proceedings or criminal convictions. In addition, you can check on whether the investment itself is registered. Follow this up with a look into these same issues with your own state securities regulators and the Securities and Exchange Commission (SEC).

For business opportunities, contact the Better Business Bureau to see if there are any relevant complaints by going to its Web site at www.bbb.org. Also check with the Federal Trade Commission at www.ftc.gov and the consumer protection division of your state’s Attorney General.

Finally, when in doubt—and you should always have a little doubt—do what you always do when you need some information. Google it. Check out the investment and particularly the person pitching it to you on Google and other search engines. Don’t forget to try a search with the salesman’s name and the word scam. It might save you some money.

Some Final Words

Knowledge is the key to making ourselves safe from scams—knowledge of ourselves and our own weaknesses as well as knowledge of the dangers that lurk in so many places.

Some people are overwhelmed by a fear of being scammed, but this kind of paralyzing fear serves no useful purpose. It’s better to heed the words of James Thurber, who said, “Let us not look back in anger or forward in fear, but around in awareness.” Be aware, and you’ll be all right.