computer identity theft

The U.S. alone has 220 million internet users, that’s a 130.9 % increase since the year 2000, more people are connecting to the internet every year to conduct business, shop, pay bills and seek friendship and pleasure. The internet is a broad and vast market place with something for everyone, including identity thieves, who prey upon the unknowing and often careless users who may have little or no concern for computer identity theft.

With the faster and always on internet connections available today, online identity scams abound and speed and convenience, not security, are the main focus of marketing efforts by most ISP (Internet Service Providers) companies.

Internet users often store their information on their computers and these computers do not always have the adequate protection needed to prevent viruses and spyware programs from infecting their systems. Some of the information that these programs are able to gather are your name, address, social security number, credit card numbers and whatever else you keep stored on your local drive. With this information it is very easy for an identity thief to commit credit card theft by visiting the website of any one credit card company to apply for credit with your information. This applies to everyone from working professionals to stay at home moms, to children, the elderly and even the deceased. If their information is stored on a hard disk and that system is unprotected they are at high risk.

There are millions of identity theft cases reported every year and the majority of them occur online. Internet users are constantly compromising the security of their identities and need to embrace the concept of identity theft prevention and computer security while working online.

What is spyware?

Spyware is the type of software that is typically installed on your system without your knowledge with the sole purpose of changing your computer’s safety feature configurations or collecting your identity information. This is one of the preferred methods for identity thieves to gain access to your personal information. Typically spyware is downloaded and installed on your system quietly when you visit websites that automatically send you this software or it can also be installed along with other applications that you get for free, particularly if they’re pirated.

What exactly does spyware do?

One of the many things spyware can do is provide the necessary information for online thieves to commit identity fraud. Spyware will run as a background process and in a very stealth mode so you don’t know what’s going on. The spyware may be in the form of a keylogger, which records any information you type on your keyboard especially when you’re online paying bills or accessing your bank account. It may also be a program that opens up your computer by disabling firewall and antivirus software, making it easier for a hacker to gain access to your computer.

How to recognize spyware

Because spyware has been around for a very long time, the authors of this type of software have a lot of experience particularly with windows systems which is what spyware software targets, so over the years the software has gotten more sophisticated and it is more difficult to identify on your computer system. But some of the symptoms your computer may begin to show are things like:

• Drastic slow down of your computer or high CPU usage by processes that are not associated with any applications installed on your system.
• The home page on your browser is changed to a website you may never have visited before.
• New program icons appear on your start menu, desktop or systray.
• Random errors pop up on your desktop while you’re running normal operations but the errors are bogus or have little or no explanation in the dialect.
• New toolbars appear on your browse window.
• You notice registry keys that contain URLs to sites you don’t recognize.
• Unexpected redirects to other websites when you click on your bookmarks or type a URL in the address window.
• Your program icons open up other programs that you know were not installed by you.

Protecting your computer system from spyware and identity fraud

The only sure way to battle spyware and protect your self from computer identity theft is to make use of reliable anti-spyware software. Anti-virus software does not take care of spyware, so a separate subscription to anti-spyware is necessary for adequate protection. Just like your virus software, spyware protection software must be updated with new signatures constantly for it to be effective.

Spyware is just another tool that puts your identity in danger and it’s basically another aspect you must address if you want to keep your identity from being stolen. Identity scams can easily happen even if you don’t visit suspicious websites or install pirated software. Using the proper tools to protect your computer system from these malicious programs is an important step in identity theft prevention.

Knowing how to create strong passwords is a security measure everyone should learn. A lot of people lack discipline in taking the responsibility to use strong and complex passwords on the accounts they own. It’s a bad habit, it’s laziness and it’s very dangerous to use a simple phrase or consecutive group of numbers that are easy to guess. Identity thieves are very keen to these habits and they know all the tricks for easily guessing and cracking these passwords.

Your identity has more exposure while you’re online, this is where you may sometimes do shopping, pay bills or transfer money on your bank’s online banking system. These are the opportunities that identity thieves take advantage of. Complex passwords are a good obstacle, they’re tougher to crack since there’s more guessing and it takes longer.

Identity thieves use password cracking software to gain access to simple passwords like your birth date, last four of your social, your mother’s maiden name etc. These passwords are easy to guess for someone who knows a thing or two about you. Some of these programs are pretty sophisticated, having compiled millions of password combinations it’s not that hard to get access to an account that’s not properly protected with a strong password.

How to come up with complex passwords

You have to take the time to come up with a unique and strong password and not just set a password with the first thing that comes to mind. The proper way to create strong passwords is to use capital letters, numbers and whenever possible special characters and include as many characters as you can remember. Using combinations of uppercase, lowercase, numbers and special characters will increase the security of your accounts and keep the thieves guessing some place else.

If you’re not used to creating strong passwords because of the habit of simply using your last name or “11111″ or “12345″ for every account you own, the best thing to do is to think of something you like or something that you know not many people are aware of. Let’s take for example the phrase Id Lock Network, you could come up with many combinations of this phrase as a password if you include special characters, numbers and capital letters in the phrase, like this:

!dL0ckNetw0rk – notice here that there are zeros replacing the “o” and the exclamation point replacing the letter I, we also have capital letters in this password. However, there are other even safer variations that we can come up with and even extend the password a few more characters to make it even safer, here are some more examples:

• !dL0CKnetw0rk!
• !dL0ckNetw0rk4ever
• !dL0ckNetw0rk$!
• !dL0ckN@tw0rk$!

You get the idea! Some online interfaces will not allow special characters, so this is when you have to get even more creative and use capital letters and numbers in combinations that still qualify your phrase as a strong password, like so:

• IDL0ckNetw0rk2000
• 1DL0ckNetw0rk1000
• 1DL0cknetw0ks2008

Creating strong passwords should become a matter of habit and it is an important step in protecting your identity from online identity thieves. It gets easier the more you practice it. You don’t need to remember several different passwords, but have at least 3 different combinations of the same passwords with one or two extra characters and numbers and special characters in different orders.

Hopefully by now it is well understood that computer security at home is very important and with the availability of entertainment, banking and other financial services online today, it is in fact more probable that your identity may be in danger of being exposed. Other online destinations such as gaming sites, social sites and such can give online hackers an opportunity to phish and target you for your information. Following best practices for computer security at home and work can keep you out of trouble.

Protect your valuable personal information

For identity thieves, the personal information of others has an unspecified value, which basically presents an opportunity for potential gain at the cost of an unsuspecting victim. In many occasions people do not consider their information important enough to protect. They store sensitive information on their computer systems and forget about the dangers of identity theft.

I order to protect your information properly you want to begin by not volunteering your personal information online. This includes the social sites, games sites and any other entertainment portal where you may be inclined to use your true personal information such as your name and address. It’s a good practice to use anonymity while working online, instead of your real name use a nickname and don’t reveal your home address or specific details about your personal life or finances.

Never answer to solicitations from sources that claim to belong to financial organizations that you do business with. Normally phishing scams come from spammers who aimlessly address their emails to loads of recipients, the majority of whom will not open these emails, but it is those that do that are most likely to fall victim to identity theft via an email phishing scam. Financial and insurance institutions DO NOT ask for this information via email or phone, they already have it. So rather than follow any links on the emails or volunteer personal information over the phone, hang up and call your credit company or bank immediately and ask customer service directly if they tried to contact you.

Stop using file sharing software

A lot of people believe that file sharing is an easy way to get free software, music and movies, but forget about the security risks that these types of programs create for your computer system. File sharing is known for creating security holes and making files on your computer system available for others to pick and choose. A number of file sharing programs have come and gone since Napster, the originator of file sharing was taken out of commission due to copyright and legal issues. They are all based on the same technology which is a peer to peer (P2P) system where a file you download from someone else’s system can then be downloaded from your system by another user.

These programs are dangerous to the integrity of your system and therefore to the security of the personal information you store on your computer. Also consider that the applications you are downloading are often coded with spyware and viruses and this is where you can seriously jeopardize yourself.

Use security software that updates automatically

Whatever type of activity you’re going to do on your computer system it needs to be protected by antivirus, spyware and firewall software for maximum protection. It’s not good enough that the software be installed on your system it needs to be updated regularly. Most security software are updated automatically by default. It’s important that these settings be left alone and not altered otherwise you won’t get the latest updates to the new virus signatures and spyware programs that are affecting internet users on the internet.

Use the latest versions of Internet Browsers

Browser security is another issue that is often overlooked. If you’re still accessing the internet with Internet Explorer 6.0 or older versions, you’re at high risk. Spyware programs and viruses can easily get past the stoppage points that this browser offers. Other versions like IE 7.0 are a little more adequate. However, you should also consider using FireFox, Opera or Google Chrome. These browsers have better built in security features that can help to protect you while you’re online.

FireFox and Opera are highly configurable browsers and don’t have Active-X enabled by default like IE. FireFox in particular has a strong community behind it that contributes constantly to configuration and security features. Chrome is rather new, but offers a pretty stable interface for browsing the internet.

For more information on browser security and how to secure your browser, we recommend you read “Securing Your Web Browser” from Cert.org, this is a complete guide on browser safety and internet surfing.

Computer identity theft is an ongoing threat but it isn’t as well known as other types of identity theft such as credit fraud, which is the most common. But computer fraud is one of the major causes of identity theft and online thieves have gotten more sophisticated in their methods reaching unprotected systems. Since the birth of computer networks and the internet, there have always been possibilities for exploiting the inherent lack of security of most computer systems particularly because most people run some version of the Microsoft operating system.

The truth about computer identity theft is that it is a real threat and in most cases it is difficult and costly for a lot of people to grasp and consistently implement security measures to protect their integrity and their information. Most people are not patient enough to learn what it takes to properly prevent this type of identity fraud and this is perhaps one of the biggest reasons why online identity thieves are so successful. There are increasing numbers of internet users who do not have the proper security software installed on their systems and this only creates opportunities for fraud.

Some of the activities that invite internet identity theft are:

Email Scams (phishing) – Most free online Web mail providers like yahoo, hotmail and gmail offer spam filters that can keep your inbox somewhat clear of spam mail, however they’re not 100% successful at keeping all spam mail out. Today spammers, who are in fact amateur sellers and in many cases identity thieves, have gotten better at getting past the spam filters and continue to make attempts to collect sensitive information from victims by posing as legitimate representatives from financial institutions and their success rate is not as low as most would imagine.

Internet auctions – One of the best ways to find bargains online today is through online auctions, close to 50% of online crimes reported today originate on online auction sites. The most important thing to consider when dealing with online market places is how you provide or receive payment for an item you’re bidding on or getting payment for. Sites like eBay offer a secure payment method known as paypal, which offers a level of security for both buyers and sellers that’s not provided by any other method of payment. Typically when a buyer or seller insists on getting payment in the form of personal checks or cashiers checks you’re better off buying somewhere else.

Online shopping – this is an easy and often fun way of getting things you need, but it can also be risky depending on where you end up doing your shopping. You can become a victim of Internet identity theft if you render your financial information to the wrong website. Well known sites can sometimes be spoofed and this is not uncommon but the biggest risk is doing your shopping at less than well known or reputable websites. No matter what you need to buy online it is best to stick to the bigger and more secure market places where can have a little more security.

P2P Security risks – Peer 2 Peer file sharing became a popular way of trading information online particularly music, video and software. Most of these P2P client applications that are freely distributed in fact provide an illegal medium for trading proprietary information, but the biggest danger to the user is the exposure to viruses, spyware and other intrusions into their computer system. Security considerations, particularly computer identity theft are never a concern in the design of these P2P networks and in turn they leave lots of open doors that can allow others to copy and steal files on your system you do not mean to share.

Social networking sites – Social networks are huge on the internet, the web 2.0 revolution is in full effect. Social networks allow you to enlarge your circle of contacts and friends online and provide new generation technology and methods of sharing information and networking. These networks however useful, can also increase your exposed in a negative way, to people with intentions other than friendship. Social media sites can be used to farm user information and users may not always realize that they’re in danger, so as a general rule it is always recommended to use aliases for IDs and to never give any specific details about one’s self to these online groups.

Wireless access points – this is another entry point and a common cause of computer fraud, when this is not done correctly, wireless technology can be dangerous. The key to security when it comes to wireless networking is to use WPA encryption and to secure laptops and PCs with antivirus and anti-spyware software that updates automatically. These steps are often overlooked while the users are mostly preoccupied with the convenience of mobility and freedom that wireless networks can provide. Because wireless networks work by broadcasting signals it is very easy to pick up other peoples networks and hack into them if the encryption is not configured properly and no security access keys are in place.

Computer disposal – If you like many others like to recycle or donate things you no longer need and your computer is rather old and you’re planning on donating it, it’s important that you take the time to properly wipe the hard drive on it before you present it to its new owner. If you feel you don’t really have anything of value on it, you may have internet cache collected on your browser’s history, and even if you’ve deleted all important files, they could be recovered with the right tools. So a complete and total wipe of the hard drive is necessary or you could be giving away more than you planned on.