02-03-2014 08:16 AM
Content provided courtesy of USAA.
How could clicking on a game in an email hurt anyone? As innocent as it may seem, that link could take over your computer or steal your identity. Malicious software comes in all shapes and sizes. That's why it pays to be on the lookout for potential online threats.
Here are five cyberscams to recognize and avoid:
1. Phony Tech Support Calls
You get a call from Microsoft tech support and the so-called technician tells you the company has "detected problems" with your computer. The tech offers to walk you through some fixes over the phone, but what he actually is doing is installing remote-access software to gain access to your computer. Once installed, he can introduce malware, extort money or wreak havoc on your machine.
Companies don't monitor your computer, and no tech support operation will call to offer unsolicited help. If anyone you don't know calls and asks you to do anything involving your computer, hang up.
2. Social Network Scams
Social networks offer a number of platforms for tech scams. One of the most common involves a friend whose Facebook account has been hacked. The scammer sends a fake plea to your friend's contact list, which includes you, asking for cash. Any money sent goes straight into the scammer's pocket. If you receive a request that screams of foul play, contact your friend using a different channel — like a phone.
Also, never click on unusual URLs sent through a social network. Change your Facebook privacy settings so only friends can see your personal information.
"And never follow anyone on Twitter you don't know or if you aren't certain of the account's legitimacy," says Jack Key, USAA's chief information security officer.
This scam starts with a web pop-up alerting you to a security problem on your machine. It prompts you to download additional software to fix it, but after you do so, you're told the problem is even more severe than first indicated. The software says you need to pay a fee of $40 or more to correct the issue. After using your credit card to pay the fee, the problem "goes away." The catch is, there never was a virus — the original download caused the problem with the intent of getting you to pay to make it go away.
Any pop-up asking for money is malware and not part of a legitimate security program. Run standard anti-malware software to rid your computer of the attack. If that doesn't work, a web search from another computer for the name of the program usually will provide specific tools designed to remove the malware from your machine.
4. Email Scams
One of the most common email-based attacks is phishing. This is when a hacker sends you an email claiming to be from your bank or another business, attempting to trick you into providing your password or other sensitive data.
"Old-fashioned malware is still commonly delivered via email in the form of an attachment," says Key. Malware contained in compressed ZIP file attachments is common — never open them.
"Another popular scam involves an email offering you a job interview out of state," warns Alex Hinchliffe, mobile malware research manager for McAfee. "'You send us a check, and we'll send you a plane ticket.' Of course, no job exists and no ticket arrives. But as job seekers get desperate, some people fall for it."
Never open an attachment you aren't 100% sure is legitimate. Be wary of any email asking you to click a link, call a phone number, or provide private information about yourself or an account you own. Reputable companies never gather information this way.
- Roll your cursor over any URL sent in an email to reveal where it really goes. The text displayed may be different from the actual destination.
- Beware any URL that is excessively long or uses numbers (such as 18.104.22.168) instead of a traditional URL format.
- Never open emails that don't include your actual email address in the "To:" line. Fakes are often addressed en masse to dozens of email addresses.
5. Wireless Interlopers
Wi-Fi hot spots are available just about everywhere — providing scammers with even more opportunities. Crooks operate look-alike hot spots with the sole purpose of eavesdropping on all the data you send through it. When you type in your password, Social Security number or credit card information, scammers can capture them all and be on a fast track to stealing your identity. Before you log on, check with an employee at the location to verify the network name. If you are not 100% sure the hot spot is legitimate, do not sign in.