Identity thieves ‘phishing’ the Internet

Monday, September 22nd, 2008

Marc Saltzman

Identity theft — a type of fraud in which someone pretends to be someone else for financial gain — can be accomplished in many ways: pickpocketing a credit card, rummaging through letters from a mailbox, or phone scamming that tricks victims into giving out personal information.

Increasingly, identity thieves are going online, sending out “phishing” scams on fake websites that look real or using other high-tech means to retrieve information you type on a public computer’s keyboard.

According to PhoneBusters (, a Canadian anti-fraud agency jointly managed by the RCMP, the Competition Bureau Canada and the Ontario Provincial Police, identity theft is on the rise in this country. In 2007, the organization received 10,279 complaints, of which 9,970 were victims, totalling a loss of $6,438,123. So far this year, by the end of August, PhoneBusters had received 8,233 complaints (7,649 victims), with a valued loss of $6,573,335.

So, what can you do to protect your identity in an increasingly online world? Here are a few tips:

– For websites that require a password, such as your banking institution, company site or social networking home, pick one that’s at least seven characters long and use a combination of letters, numbers and symbols. Don’t use your child’s name, dog’s name or your phone number.

– If you get an e-mail from your bank or credit-card company asking you to act fast to confirm your account information, it’s probably a phishing attempt that will take you to a phoney website. (Look at the URL and you’ll see it’s not your bank.) Do not click on the link in the e-mail, which takes you to the spoof site. If you do, never type in any info being requested. When in doubt, contact your bank directly.

– Peer-to-peer file-sharing programs, such as LimeWire, may be used by thieves to access your private information. So if you use these services, be sure to configure them not to expose personal folders. (Disable the sharing feature in the Options menu.)

– If you’re a Windows user, be aware that Microsoft regularly releases software fixes. Choose “automatic updates” in your operating system’s security settings, so you won’t forget to manually update them. These fixes plug holes that hackers know how to exploit in order to gain access to your files.

– Don’t buy anything online with your credit card unless the website is secured with SSL (Secure Sockets Layer), indicated by an icon of a padlock in your web browser. On a related note, if you shop at such online marketplaces as, use a secure payment method, such as PayPal or a credit card, to protect your purchases in case of a dispute.

– According to Symantec, the makers of the popular Norton anti-virus software, you should never save your log-in information on a website. While it might be convenient when sites and programs have an automatic log-in feature that saves your user name and password, you should disable this option so no one can log in as you. And always click “log out” when you leave the site; it’s not enough to simply close the browser window or type in another address.

– If you set up a wireless network in your home, make sure to use the security features to prevent people from joining. (Note: WPA security is better than WEP.) If a neighbour joins your network, they will not only get free Internet access, but could read your computer’s files. This is more important now that 802.11n Wi-Fi routers are offering twice the range of older 802.11g devices.

– Try to avoid entering confidential information on public computers (for instance, those in a hotel, library, airport lounge or school). These systems may contain “keylogger” software that records everything you type. Symantec also suggests deleting your browsing history after surfing on a public computer (including your cookies, form data, history and temporary Internet files). Finally, when you’ve finished using a public computer, do a hard reboot, which will not only clear the page file if you’ve enabled that option, but will also clear out everything you did from the physical memory (RAM).

– While it might be tempting to sniff for unlocked, i.e., free, Wi-Fi networks at a cafe or hotel, they could be the work of nearby hackers out to access files on your PC. Be sure to ask what the establishment’s wireless network name is to ensure you’re logging on to the correct one.

– Finally, watch out for over-the-shoulder snoops at cafes, schools or on airplanes.

© Canwest News Service 2008

Comments are closed.