University of Security


April 22, 2008: 1:45 am: admin: University of Security

The biggest security threat to your company is you and your staff - not the internet.

The internet is merely a communications channel for data - it’s how you manage that channel and that data that is important.

Computing, shared networking, and internet connections mean that information can flow more easily between PCs.

But that also brings with it added security risks - it’s easier for people to find your logins and try to force them, and opportunists will try to steal your passwords where they can.

Ultimately, it’s not up to the internet or existing software to reactively protect you against every instance of a security threat - you need to take proactive action in the first place to minimise those threats.

This really needs underlining, because even the most sophisticated security equipment will not protect you as required if it is poorly used.

Ultimately, protecting your business can be as easy as using common sense and following very basic steps.

Here are a few basic tips on how to protect against these user access threats:

  1. Don’t use the password manager in Internet Explorer to save passwords. If your PC is infected with a trojan or virus, this is often one of the first places it checks.
  2. If you save your passwords to a file - a text or Word document - don’t name it something obvious like “passwords”. If an unauthorised user got into your PC, you want to make it hard for them to locate your passwords.
  3. Again, if you save passwords in a file, don’t use the word “password” in such a file either. Otherwise an unauthorised user could simply use your computer’s “search” facility for that word, and go straight to them. Simply use the initials “U” and “P” for “username” and “password” - that will be much harder to search out.
  4. Only provide password information to people who need to use them - and if someone needs to use a password protected feature temporarily, then change the password afterwards. After all, you cannot be certain how well third-parties will protect your important security details.
  5. Have different levels of passwords for different operations. For example, have a different password for accessing your e-mail, and a different password for accessing your website. That way, if someone somehow finds out one of your passwords, they cannot access all of your business operations.
  6. Create really secure passwords by mixing letters and numbers, using upper and lower case, and even punctuation marks. Make passwords memorable by basing them on acronyms - for example, this is an article called “Online Security for Business: User access threats” and is written in 2006 - so an acronym from that could be: OS4Buat2006. That’s a strong password, and it’s much easier to remember as an acronym.
  7. Don’t install desktop search applications, even by reputable vendors such as Google or Yahoo!, as they will not only help you find information quickly, but will also be invaluable to a hacker looking for sensitive information on your computer system. Instead, keep your files organised on your PC so you don’t need to resort to a desktop search tool in the first place.
  8. Ensure you install anti-virus, a firewall, anti-spyware and anti-adware - and keep them up to date. This will make it far harder for anyone to access your machine without authorisation. The best of these software types will also keep checking the internet for updates.
  9. You should ensure you make regular hard-copy back-ups of your computer data. And store them safely and securely, in a restricted place - such as a safe. You can make these backups to computer tape, DVD or CD media, or even just save everything to a USB stick at the end of the day.
  10. Ensure you have off-site back-ups of all physical and electronic data essential to your business. In the event of catastrophic damage to your premises, you can at least restore basic business operations.

Conclusion

You are never going to be clear of security risks - but you can certainly minimise them. Keeping a security-conscious office is neither expensive nor time-consuming. Considering the costs of losing essential data and equipment, can it really be that hard?

Brian Turner runs Security Watch, a site that keeps up to date with exploits and security discussions. He also runs the online security resources Trojan Library and Worm Library.

April 21, 2008: 10:16 pm: admin: University of Security

Becoming a victim of Internet fraud is unfortunately on the increase. In 2005 consumers spent more than $65.1 billion. Every day more and more people enjoy purchasing items online. The Internet National Fraud Centre Watch reported that the average loss to fraud victims for just the first six months of 2005 was $2,579.

This is compared to the $895 average for all of 2004. Complaints relating to general merchandise purchases (goods never received or misrepresented) accounted for 30% of Internet fraud complaints, and auction purchases (goods never received or misrepresented) topped the list at 44%.

There are many thousands of e-commerce websites which are reputable and have the necessary safety precautions in place, but it never hurts to be on the lookout. If you have decided to make an online purchase, consider these easy steps:

1. Try to use only one credit card with a very low credit limit attached to it, and try not to use an ATM or debit card unless really necessary.
2. Be on your guard for unsolicited offers. The Internet National Fraud Information Centre Watch reported that email, as a method of contact by Internet fraudsters, was up 22% in 2004. While the offer may be legitimate, fraudsters like to use this tactic to get round credible sites that provide consumer protection for online purchases.
3. Use only legitimate e-commerce websites that give you their full address and even telephone number.
4. Check out the site’s privacy policy. Some websites may reserve the right to sell or give your information to a third party. Check the document to see if you can “opt-out” of receiving special offers from third-party vendors or of giving permission to share any of your personal information.
5. Always make sure the website shows a lock sign in the bottom right of your browser. Don’t give personal information out if the website address does not start with https; this is always a good sign that they are using a secure server.
6. There are many third party sites like the Better Business Bureau or Verisign that help protect you when making a purchase. Make sure the site is using these or something similar.
7. Always make sure the delivery times stated are reasonable; around 7-10 days is a good average to work from.
8. Print out all necessary paperwork of the transaction you make and keep it somewhere safe.
9. Remember the old adage that if something sounds too good to be true, then it probably is. There are many get rich quick schemes out there that are just plain scams and full of false advertising.
10. If your item never turns up and you get nowhere when trying to contact them by e-mail or phone, contact your state’s Department of Consumer Affairs for further help in the matter.

http://adaware.hampsonbiz.com

This article is shareware. Give this article away for free on your site, or include it as part of any paid package as long as the entire article is left intact including a live link. Copyright © 2006 Mitchell Hampson

March 16, 2008: 5:55 pm: admin: University of Security

History and Background

The virus was one of the first ever threats to computer security. It brought a whole new fear upon computer users. Bugs and glitches could cause damage unintentionally, but a virus created havoc intentionally, and therefore often caused much more damage than just glitches in software. Technically a virus must be in a host file and be spread manually by people, whereas a worm spreads by an automated process and doesn’t require a host file, but we will include worms as part of the term virus. Therefore, the threat of viruses quickly multiplied exponentially. One computer infected by a virus is manageable, but a virus spreading uncontrollably and automatically can cause damage to sometimes entire populations. And with the introduction of the Internet, billions of computers worldwide could be accessed with a click of a button. These abilities are what made the virus probably the greatest security threat to personal computers in the 21st Century.

What kind of damage will it inflict?

Since up to 100 new viruses are discovered every minute by anti-virus industries worldwide, the damage they inflict varies considerably. Some will display an annoying popup. Some will swap your mouse buttons. Some will uninstall Internet Explorer. Some will delete all your personal files. And some, though rare, will slow down your computer fan to the point that your computer processor starts smoking. All have one thing in common - they reduce your productivity in some way and they inhibit you from comfortably using your PC. Therefore you must take several precautions to ensure you do not become infected with viruses. With just a few simple security measures, the chances of getting infected with a virus can be cut down by over 90%.

Security Measures

The most important step - Be careful of everything you do on the Internet! It is extremely rare for a computer to get infected by a virus if you only download and browse trustworthy sites and emails. If an email has an attachment and looks suspicious it is very likely to be a virus. If a site is providing illegal or inappropriate content, it should be considered a risk. These are basic rules of safe browsing of the Internet and unfortunately, most people only learn these rules after a disaster. Don’t learn from experience! Don’t let it happen in the first place.
Keep your system up-to-date. Nearly every major virus threat to operating systems is patched soon after discovery. Visit your operating system update website often, which is www.windowsupdate.com for Windows users.
Get a reliable antivirus solution. The most common is Norton Antivirus, but I personally do not like its unreliability and incompatibility with many PCs. On the other hand, it is probably the most user friendly antivirus solution on the market, and is probably best for PC beginners.
If you’re looking for a free yet extremely reliable and easy-to-use antivirus solution, Avast may be your answer. I am currently running Avast and am very happy with it. I previously tried Norton Antivirus, Norton Client Security, NOD32 Antivirus and McAfee Antivirus, but each had their own individual problems and so I had to constantly change antivirus software until I finally reached Avast.

Some people go overboard and install many other security measures but I don’t recommend this. These measures only hog resources, confuse users and cause conflicts with other software. Some of this software includes firewalls, memory explorers and file protection.

Links

Avast Antivirus - www.avast.com

Soroush King is a certified programmer, adept in VB, C++, Delphi, as well as web developer and scripter, having considerable knowledge of both PHP and Perl. He also owns and manages several professional websites.

This article was originally published at http://www.articlesandtools.com/adware.php For more information on computer security visit http://www.articlesandtools.com.

If you would like to use this article anywhere else, please just notify me by sending an email to kingofkings@gmail.com (you don’t have to wait for a response, as this is just a notification, not permission). Please refer on the page that the author of the article was I, Soroush King, and also please note that the article was originally published at http://www.articlesandtools.com/adware.php by providing a link.

March 11, 2008: 12:18 am: admin: University of Security

Don’t be a victim of Cybercrime

When you access the Internet through the world wide web it is extremely important that you safeguard your personal information.

There are literally thousands of people around the world who make a living exploiting security loopholes by accessing your personal identity, passwords and bank accounts.

There are many more daily who are the victims of these crimes. You have a responsibility as a user of the Internet to take certain precautions to protect yourself from online crime.

Internet users who access bank accounts, e-currency accounts or any source of personal information online, should be aware of the following methods used by criminals to convince you to reveal your confidential information.

Here are some simple steps to help keep your information secure

1. Avoid being a victim of fraudulent email requests for personal information

This method is called “Phishing” and is a popular way for criminals who are acting as legitimate businesses to steal your personal information. This is usually accomplished by sending you an email with a hyperlink to a fraudulent website made to look like the real one. Once you have entered your information the perpetrator will have access to your account, many times unknown to you.

One way to avoid falling victim to this sort of scam is to never provide any personal details in response to an email. Legitimate businesses will never ask you for your password by email. Be aware of suspicious emails from unknown individuals. Delete before opening anything that you think might be harmful.

2. Make sure you visit your bank, e-currency or financial website via your Internet browser with the correct website address.

3. You should take care to never follow any suspicious hyperlink or URL, or open an unknown sender’s attachment.

If you inadvertently reply to a “Phishing” email or respond to what you think could be a fraudulent website, contact your associated financial institution immediately for advice. Do not delay in seeking help. Check your account for any unusual activity.

Ways to protect your computer

1. It is important to use only a trusted and secure computer to access your Internet banking account.

2. Using publicly shared computers, such as those at Internet cafes, is strongly discouraged.

3. It is recommended that you keep your computer up to date with current anti-virus protection, firewall and the latest patches.

4. Remember that after you install virus protection it is necessary to update the software so the protection remains current.

5. Avoid using the “remember my user name and password” feature when accessing sensitive financial information.

6. Make sure not to store your passwords and account information on your computer.

7. Use a different password for your bank than you would for your email address.

8. Do not use easy to guess passwords, or passwords that closely relate to you. Your birthdate, name or favorite pet make poor passwords.

9. Create passwords that have both numbers and letters.

10. If you use a wireless network it is important that you never leave your computer unattended.

11. Take extra precautions around wireless fidelity (Wi-Fi) hotspots that provide free Internet connections. Coffee shops, Internet cafes, airports and libraries can pose significant security threats. Avoid conducting sensitive business in a Wi-Fi hotspot.

Sniffing and Evil Twinning are two methods devious criminals are using to steal confidential data. Sniffing is the act of using a program to search for certain information like passwords and credit card numbers over a Wi-Fi network. Evil twinning mirrors the setting of a Wi-Fi hotspot. When the unsuspecting person uses the evil twinning hotspot the hijacker uses sniffer technology to access anything the victim might be sending.

12. When accessing bank accounts online, confirm that your data is encrypted between the bank and your computer by looking for the padlock symbol on the bottom right hand corner of the browser window.

13. Close your Internet browser after logging out at the end of each online banking session.

14. Beware of any windows that ‘pop-up’ during an online banking session.

Most financial institutions have detailed information on their websites on how their customers can protect themselves from Online fraud attempts. Visit their website or contact them via email or telephone for information on how you can protect yourself from online criminals.

Copyright (c) 2005 by M.Sherborne. All rights reserved. The author authorizes you to post the above article on your Web Site or E-zine solely for personal and non-commercial use.

Matt Sherborne is the creator of “Get Rich Trading E-Currency.” For more information please visit his website at:
http://www.dxingold.com

March 3, 2008: 6:56 am: admin: University of Security

As a regular author on a leading SEO specialty blog, I have the unique opportunity of corresponding with some of the greatest search engine optimization minds on the planet. Many of them provide outstanding tips. Recently I came across ten that could make or break your ranking. I’ve been given permission to share them in this article, so here we go…

Buyer Beware! Choose your web hosting company carefully. Be aware of the following:

1. Avoid free hosting, since search engines don’t like it.

2. Make sure the IP address of your future server is static, meaning that it doesn’t change over time. Some top engines don’t like changing IPs due to numerous technical problems that often result.

3. Don’t host with companies that host banned websites, such as spammers or pornography. Search engines might penalize, or ban you for being associated with such sites.

4. If you are seriously considering getting good search engine rankings, you need to have a private static IP address.

Linker Beware! Watch for the following scams and pitfalls when reciprocal linking (a.k.a. doing a link exchange):

5. A site might link back to you, but then get rid of the link, or move it to a different part on their site, that isn’t ranked as highly.

6. A Webmaster might place a “rel=nofollow” attribute in his link to you, which makes a spider ignore the link when crawling the page.

7. Your link might be placed on a link page that exists on the site’s server, but doesn’t have a link from the actual site to it. That way a spider is highly unlikely to reach it. And if it does, due to manual submitting for example, it will not give it a high rank, no matter how popular the main page is.

8. Some webmasters will point the link to a script on their page that will redirect to your site. Since spiders don’t read scripts, this link is useless SEO-wise.

9. When purchasing links, some sites will place the link on every page of their site. Google has recently begun ignoring such schemes.

Think Before You Link…Most current search engines analyze your inbound links before considering them. Many will give links that contain a string after “?” only a fraction of their normal importance, since these are often used in commercial affiliate linking. URLs with longer strings may even be ignored entirely.

Search engines work hard to ensure people cannot buy link popularity through offering affiliate promotions, or purchase advertising on other sites.

10. If your website is dynamic, it might make sense to create a separate page for each logical section of your site, rather than using URL string identifiers.

These tips came from some of the best SEO pros I have ever dealt with. For any of them who may be reading this I offer my sincere thanks for sharing this incredible information.

Mike Small is a former Harvard University computer specialist and regular contributing author at http://www.seopartner.com - a specialty blog offering free SEO tips and unbiased SEO software reviews to the public.

February 14, 2008: 10:05 am: admin: University of Security

Why have monitored alarm systems?
The point of having a monitored security system is that if a break-in occurs, the right authorities can be notified and dispatched. Your business or home is protected 24 hours a day, 7 days a week. This gives peace of mind knowing that your home or business is protected. You also have the use of the three panic buttons (police, fire & medical). And further, having a monitored alarm system can save you up to 20% off your home insurance.

Is the security system easy to use?
A security system is very easy to use; the installer will provide basic training on the system after installation. Usually a security system comes with a complete manual that will provide further information about the security system. Some companies offer a 14-day orientation program. And if you attend the orientation program, there will be no dispatch until the 14-day period is over. Also the customer care department from your installer will be more than happy to answer any questions you may have.

Is the system hard-wired or wireless?
You can get both hardwired and wireless equipment. It all depends on the location you are in. In a residential setting where the basement is finished and where there is no access to the ceiling, then it is possible to install a wireless system. If there is access to the basement ceiling then you need to install the hardwired system. Every home is different, and security consultants are trained to be able to present you the most suitable system and design for your location and your needs.

Can I use my system only when no one is home?
A security system can be designed in many ways to suit your way of life. You can pick from various levels of protection. For instance when you are not home you can have all the motion sensors and contacts activated. And if you are at home you can choose which zones are activated. Some peripherals such as smoke detectors must always be active, whether the system is armed or disarmed. Your security consultant can usually help you design a system that would best fit your needs and everyday life.

What happens if the burglar cuts my phone line?
Generally monitored alarm systems use the phone line to send a signal to the monitoring station. If the line is cut no one knows there is a break-in. The siren will still be audible though. If you want to have equipment that can handle the case where your phone line is cut, that is possible. Your security consultant can advise you on the best course of action.

February 12, 2008: 7:46 pm: admin: University of Security

Operational Issues Confronting e-Business Today:
Business through the internet has expanded by leaps and bounds and continues to do so. With the opening up of the world economies, e-business has become truly global for buyers and sellers alike. The associated problems, both technical and non-technical in nature, have kept pace. The prime concern for any e-business is secure and efficient handling of runaway transaction volumes at acceptable response levels. Congested networks are causing delays, even outages. Slow downloading time is one of the main reasons potential on-line customers switch web sites. Long waiting times can prove disastrous. The web site load pattern varies from hour to hour. For example, the lunch time and after hours load on an on-line super-store will be higher than it is during working hours, as that is when people like to make their purchases. Unacceptable response times could result in on-line customers abandoning the cart midway and switching to the competition. The varying bandwidths and load patterns of internet networks mean response times could vary widely from place to place even for the same traffic volumes. Web sites would like to know in real time, on a regular basis, where the bottlenecks are. Constant monitoring is therefore a must to enable web sites to identify problems and initiate remedial steps without loss of time or on-line customers. There are other problems as well. These relate to the web site’s accessibility, availability, security, data integrity and dangers from hackers. Invariably, even the best managed web sites do not know what the exact problem is, or where, until informed by a frustrated customer. Clearly, web site owners would prefer to concentrate on challenges posed by their business rather than spending time on these extraneous issues.
For every web site in e-business, therefore, there is an urgent need for constant 24×7 monitoring that keeps constant vigil and reports response time delays and any availability or accessibility problem, and that also regularly monitors consistency of content and protected areas for any violation.

The Dotcom-Monitor.com Solution:
The Dotcom-Monitor.com is a secure, advanced 24×7 web site monitoring service that provides comprehensive web site monitoring and helps address the issues and concerns raised above. The Dotcom-Monitor service keeps the web site informed about its availability, accessibility, security and content, and highlights any deviations from the supplied norms. The web site’s management studies these exceptions and takes appropriate remedial steps. That means that the applications keep running within acceptable web server monitoring parameters and are therefore more profitable. Other available services in the Dotcom-Monitor portfolio include checking of password protected sites; online form checks; verification of the validity of the web site’s Digital SSL Certificate; client-side help (called Cookie support); detailed performance metrics; web load stress tests that simulate up to 1000 concurrent users; business transaction support; suggesting bottlenecks within applications; monitoring of the customer’s network; and related services. Dotcom-Monitor can also help a new e-business prospect assess the impact of varying levels of simulated load and tune up their infrastructure before the web site launch. This results in an optimum start-up solution, and costly mistakes are avoided.

How Dotcom-Monitor Service Works:
It is important to know the other components that make up any website’s operational environment, besides the site, the client and the browser, that the Dotcom-Monitor service interacts with. These include File Transfer Service (FTP); the Domain Name Service (DNS) that provides the IP address for the site name; Telnet (port availability); Traceroute servers; Ping (routers/firewall); POP3 (email) server, etc.
Dotcom-Monitor has remote agents strategically positioned around the world, each acting as an internet browser. After a customer creates an account with Dotcom and supplies the URLs of the web sites to be monitored, the process starts immediately. Dotcom global agents start checking the web site(s) to ensure the web site is accessible, has proper content, and is maintaining acceptable levels of web server performance as per the norms supplied. If any of these fall outside the specified parameters, the notification process starts. To take just two examples, web server performance monitoring checks the time it takes for the web server to respond to the monitor agent’s request against an acceptable response time (say 5 seconds). If the page takes more time to load in the agent’s browser, the web site is notified of a possible performance issue. For the content check, the customer provides a specific keyword or phrase that network monitoring uses to ensure that the page was not altered and has proper content. This check is crucial for database driven web sites. In case the keyword is not found on the page, the monitor sends a notification and also stores a snapshot of the page for the customer’s review. Similarly, sites are checked for consistency of content and for accessibility (and availability) through the service’s world wide agents, which notify the customer if any problem is detected. Dotcom-Monitor, therefore, provides a much needed non-stop monitoring service for smoother running of e-businesses.
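The two checks described above (response time against a threshold, and a keyword that must appear on the page) can be sketched as follows. This is an added example, not Dotcom-Monitor's code: `run_check`, `CheckResult`, the fake clock and the `shop.example` pages are all hypothetical and constructed so the sketch runs offline.

```python
import time
from dataclasses import dataclass, field
from typing import Callable, List, Optional


@dataclass
class CheckResult:
    url: str
    elapsed: float                      # seconds the fetch took
    alerts: List[str] = field(default_factory=list)
    snapshot: Optional[str] = None      # page body kept for review on content failure


def run_check(fetch: Callable[[str], str], url: str, keyword: str,
              max_seconds: float = 5.0,
              clock: Callable[[], float] = time.monotonic) -> CheckResult:
    """One monitoring pass: availability, response time, then content keyword."""
    start = clock()
    try:
        body = fetch(url)
    except Exception as exc:            # any fetch failure counts as "not available"
        return CheckResult(url, clock() - start, [f"availability: {exc}"])
    result = CheckResult(url, clock() - start)
    if result.elapsed > max_seconds:
        result.alerts.append(
            f"performance: {result.elapsed:.1f}s > {max_seconds:.1f}s")
    if keyword not in body:
        # A missing keyword means the page was altered or rendered wrongly
        # (defacement, database error page); keep the body for the customer.
        result.alerts.append(f"content: keyword {keyword!r} not found")
        result.snapshot = body
    return result


# --- constructed test data: (simulated delay in seconds, body or None) ---
SAMPLE_PAGES = {
    "https://shop.example/":        (0.4, "<html>Acme Store checkout</html>"),
    "https://shop.example/slow":    (7.2, "<html>Acme Store catalogue</html>"),
    "https://shop.example/defaced": (0.3, "<html>database error</html>"),
    "https://shop.example/down":    (1.0, None),
}


class FakeClock:
    """Deterministic clock so the example needs no network or real waiting."""
    def __init__(self) -> None:
        self.now = 0.0

    def __call__(self) -> float:
        return self.now


def make_fetch(clock: FakeClock) -> Callable[[str], str]:
    def fetch(url: str) -> str:
        delay, body = SAMPLE_PAGES[url]
        clock.now += delay              # simulate the time the request took
        if body is None:
            raise ConnectionError("no response")
        return body
    return fetch


def demo() -> dict:
    """Run the check over every constructed page; returns url -> CheckResult."""
    results = {}
    for url in SAMPLE_PAGES:
        clock = FakeClock()
        results[url] = run_check(make_fetch(clock), url, "Acme Store", clock=clock)
    return results


if __name__ == "__main__":
    for url, res in demo().items():
        print(url, res.alerts or "ok")
```

In real use `fetch` would be an HTTP client call and `clock` the default monotonic timer; a failing result would feed whatever notification channel the operator uses.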

About Dotcom-Monitor Company:
Dotcom-Monitor is the leader and innovator in advanced website monitoring services that ensures reputation and up-time of the e-business. Since its inception in 1998, Dotcom-Monitor has significantly helped over 2000 companies get more out of their resources; earn more customer loyalty and goodwill; earn more profits through maximizing web site up-time. Dotcom service watches e-business from outside using its global multi-pronged approach by simulating the end user actions. Dot-com ensures that the web site is open for business for 24 hours a day for its global customers. Dotcom-Monitor continues to grow its client base through its superior support services while steadily providing more network monitoring features while maintaining competitive pricing. Dotcom-Monitor was one of the first monitoring services to develop 1-minute monitoring, and the first to develop recorders that automate and simplify complex monitoring tasks.

Conclusion:
It is clear that the increasing customer preference for doing business on-line and the rapidly expanding global e-commerce not only mean greater opportunities for e-businesses worldwide, but also that, unless a constant global monitoring service is integral to the overall e-business strategy, web sites can never realize their true worth. Dotcom-Monitor.com provides just the right solution to help web sites realize their full potential.

February 9, 2008: 1:46 am: admin: University of Security

Securities:

There are several areas of security that are in extreme need of attention. Any company that obtains and retains personal information is liable for that information. This being said, there are certain protocols to follow to ensure that the information provided is kept safe.

Personal Information Collection.

Let’s look at an E-commerce Store environment. Whether you are a multi-million dollar operation, or simply a small specialty E-commerce store, you are responsible for the information that is collected from your various shoppers. Anytime information is collected, security becomes a significant factor.

The Internet is not a safe place. Data is sent back and forth through various servers on which personal and non-personal information is housed. The problem with data transfer is that data moving from server a to server b can be intercepted and recorded. Hackers have the ability to intercept and use that information, such as credit card numbers and expiry dates, to make fraudulent transactions. Now that being said, there is technology out there that can eliminate this serious threat.

SSL - The encryption of data passed between servers means that anyone illegally intercepting data transfers will not have the ability to read whatever data is contained therein.

This is an especially important tool for any E-commerce operations. You must use SSL technologies to ensure that your consumer data is protected from fraudulent activity.

Shopping Cart Technologies

The shopping cart built with ASP technology is secure enough that the average user will feel safe using the system. One of the features for keeping the site secure is identifying users through credentials typed into a login form. The system will automatically display a login form to an unauthenticated user accessing a protected portion of the site.

OPT-in/out Procedures

Having both opt-in and opt-out measures will allow customers to choose whether they want to receive various sales and advertising emails throughout the year. Some customers want the option of not receiving emails because they view them as spam. But others want to be kept up-to-date about sales and different advertisements so they can shop during those times.

Another technique that can be used is a double opt-in method. Customers will get an email verifying that they have signed up to receive emails from the organization.

At the end of every email will be an opt-out/unsubscribe link in case the customer does not wish to receive any more emails. This will automatically remove them from the emailing system but keep the email on file for future reference.

Maintaining Privacy

Your Implied Consent

In some cases, your consent is implied if we ask you to provide personal information with a stated purpose. For example, we can only deliver the product you have purchased if you provide us with your address and phone number.

Your Express Consent

In other cases, we will ask you to give your express consent to use your personal information to advise you of products or services that may be of interest. You always have the opportunity to “opt out” of having your information used for this purpose. For example, when you subscribe to the Future Flash newsletter, we will also ask for your express consent to send you promotional information.

Withdrawing Your Consent

If you have “opted in” or subscribed to one of our newsletters or mailing lists, we will always provide you the opportunity to “opt out” or unsubscribe. For example, each e-mail we send you will tell you how to decline further e-mail.”

Transaction Security

This is one of the most important aspects for businesses operating online. There are always stories in the news about credit card numbers being collected by individuals online. To combat this, all transactions will go through a secure transaction line, provided through the company’s financial institution. All processes are handled by the bank, ensuring a highly secure line that will instill customers with trust.

Transaction Cancellations

Customers will have the option of canceling transactions within a predetermined amount of time. This gives the customer a grace period, or ‘cooling-off’ period, the equivalent of a retail store’s grace period for returns. This will also ensure that the actual customers are making the purchases, and not a customer using pirated information.

Information Divulgence

What staff have the ability to view what information and for what purpose.

Disclosure of Information

To fulfill and ship orders, information collected from users may be needed by service providers to complete transactions. In this event, only information needed to complete the sale and/or delivery of the purchased products will be disclosed to any service provider.

Alex Simms is a content writer for Avalon Studios, a Web Design & Development firm working with small businesses.

January 30, 2008: 1:53 am: adminUniversity of Security

Spam is one of the curses of the Internet age. But if the clogging of mail boxes with useless emails was bad enough, unsolicited emails aimed at tricking you into giving up your valuable passwords, banking and PIN numbers are the most dangerous variety of email that you will ever encounter. This kind of email is known as “phishing” because the unscrupulous authors of these messages are fishing for valuable information which they can use to capture your online identity.

If you think that you won’t be fooled by such tricks, think again. Phishers commonly send emails which look like they come from respected financial institutions, such as PayPal, Visa, Ebay, America Online. The messages spoof the email address of the institutions and the letters have the proper logos and everything. They look real. The subject message usually has a dire warning: “Your Pay Pal Account (or Ebay, or online bank account) has been suspended.” “Warning: Confirm Your Online Banking Account.” These messages look so real that 5% of recipients respond to them.

Naturally if you have a good amount of money in your PayPal or online banking account, you are going to panic when you receive email like this. The first thing to do is to stay calm. Remember, responsible institutions will never suddenly suspend your account or ask you to give personal information in an insecure manner.

Usually the phishing emails will ask you to enter new information for your account and they will give you URLs, asking you to click through and log into your account. The URLs in the email will look like the log-in addresses for these institutions, but if you put your mouse over them you will see that the actual web address is different.

If you get any email of this type the second rule is never, never click through and try to log in. If you log in with your user name and password, then phishers have captured your password. If you go on to fill out other information such as: bank account numbers, social security number, mother’s maiden name or driver’s license number then the fraudsters will really have you.

If you are worried about your online account and want to see if it is OK, then go to the home page of PayPal, Ebay or your bank, and log into your account in the customary way using the usual URL, such as https://www.paypal.com, rather than with the URL in the suspect email. When you get into your account you will probably see that everything is normal. If your institution indeed has a message for you, you will find it in that safe environment without compromising your security. If you are still in doubt, call up your institution using their toll free customer service numbers.

PayPal also has a security section where they tell you what to look for in fraudulent emails. For example, whenever PayPal sends you an email it will always start off with “Dear Donald Nelson,” in my case, or whatever name you used when you signed up. They will not say “Dear Valued Paypal customer.” So log into the proper areas of your institution and learn as much as you can about security procedures.

The third thing to do is to report suspicious email. We have to put these crooks out of business, and that can only happen if we report fraud whenever we see it. You can get quick service from PayPal by forwarding email of this type to spoof@paypal.com. Usually within an hour you will get a reply telling you whether the email comes from PayPal or not. For other instances of phishing, you can report them to the Anti Phishing Working Group at www.antiphishing.org. This website, staffed by volunteers, has up to date information about the latest scams and is doing its best to make the Internet safer for us.

Finally, if you have given any information to fraudulent websites, move swiftly to protect yourself.

Notify your bank, change your passwords for online accounts, and watch your online accounts for any signs of unusual activity. A good guide with useful and detailed information on what to do if you have given out valuable information can be found at http://www.antiphishing.org/consumer_recs2.html

So, enjoy the Internet but take precautions and protect yourself from any devious phishing message which may land in your mail box.

Copyright 2004

Donald Nelson is a web developer, editor, and social worker. He has been
working on the Internet since 1995 and is the proprietor of A1-Optimization,
http://www.a1-optimization.com, a firm providing search engine optimization,
copywriting, reciprocal linking, and other web promotion services. He
publishes a monthly ezine, A1-Web Promotion Tips, available at
http://www.a1-optimization.com/newsletter.html

January 29, 2008: 11:29 am: adminUniversity of Security

Recently a client of mine was very excited to try downloading music after getting high-speed internet. After several searches for unlimited music download services, she came across a site that was ranked #1 among several user review sites. For $14.99 a year, she could get unlimited free downloads of songs, movies, and more! Sound too good to be true?

More and more complaints have been issued against these types of music download service companies. My client was just another statistic in the practice of fraudulent music download services. When she signed in to her account for the first time, she was directed to several articles on how to burn CD’s and websites such as Yahoo and Google where she could “search” for her own “free” music. She was also charged an additional $17.00 for spyware software that she didn’t order.

We contacted the customer service department on behalf of the client. After being on hold a long while, we were forwarded to the manufacturer of the spyware program that she never agreed to order. Further investigation provided us with long lists of reports on this and similar websites offering unlimited “free” downloads. They were selling information that anyone could get for free, and the FTC was on to them.

While several cases are pending, there will never be a way to fully rid the cyber-world of these types of fraudulent service providers. What can you do to protect yourself? Here are some basic rules:

1. Do a little research. Check with online review forums that are reputable and well-known. Don’t respond to a pop-up ad or spam. (The user reviews that ranked this particular service provider as #1 were listed on a site owned by the spyware software company, and the reviews were never real.)

2. Remember that songwriters and performers want to get paid for their songs. If a service is offering unlimited downloads to your PC to burn CD’s, these artists are usually not getting paid. Bigger name services allow unlimited download to MP3 players to be used by one listener only. If you see that newest top 40 hit available for free download to your PC, beware. You may be participating in piracy, a crime punishable with jail time or hefty fines.

3. Read the fine print. All reputable service providers should offer a “try it and see” period to test the waters. If a company states that they don’t offer refunds under any circumstances or charge a fee to reimburse you for unused membership fees, get away fast!

Linsey Knerl is the senior partner of TL Donnelly & Associates, a consumer-friendly information service provider. You may visit their website at http://www.tldonnelly.com to learn more about consumer and small business services available to you. TL Donnelly is committed to “Finding It For You…”
