Sunday, April 17, 2011

How to Protect Yourself from Identity Theft

For my last tutorial blog I wanted to give tips on how to protect yourself form identity theft. It is predicted that identity theft affects 10 million people each year, which comes out to about 20 victims every minute. And according to one source, in 2005 identity theft accounted for $56.5 billion! As you can see it is a huge problem, but there are some small, simple things you can do to avoid it. So let's look some of the problems associated with identity theft, and possible ways to avoid them.



1. Phishing: This is "The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft." Essentially what will happen is that you could possibly get an email from a seemingly legitimate company that will ask you to update your account and credit card information, and then provide you with the link to do it. Obviously most people will ignore the email, but some people do give out their information this way. A simple thing you can do to avoid these phishing emails, is never to give personal information out through emails. If a company is asking for something so private, like bank account information, either call their number, or visit the company's site directly through your own means. Here is an example of en email "phishing" for information. 

  
2.) Pharming: According to one source, pharming is "another form of online fraud, very similar to its cousin phishing. Pharmers rely upon the same bogus Web sites and theft of confidential information to perpetrate online scams, but are more difficult to detect in many ways because they are not reliant upon the victim accepting a “bait” message. Instead of relying completely on users clicking on an enticing link in fake email messages, pharming instead re-directs victims to the bogus Web site even if they type the right Web address of their bank or other online service into their Web browser." This is kind of wordy but I can explain it in simpler terms. 

Basically There is something called a DNS Server which is responsible for changing domain names into their unique IP addresses. For example, when you type in google.com, this is a domain name but the DNS translates this into the actual web address of Google. What these pharmers will do is like phishers, but they work more under the radar. They will change your local DNS server to redirect your request to a fake site that will look almost exactly like the website you wanted to go to. Their aim is to get you to go to the site like normal, and type in your username and password so they can steal it. Here is a diagram that might be helpful:


Avoiding pharming can be difficult because the url will look the same on the fake site as it would the real one. But if you've done online banking, you'll usually see a box asking you if you want to trust the certificate. If the certificate doesn't match the site you're trying to reach, then close the browser. If it does, then save the certificate so the next time you get to that site, you'll know it's the right one. 


Acknowledgments: Media - Answers.com http://www.google.com/imgres?imgurl=http://wpcontent.answcdn.com/wikipedia/commons/thumb/d/d0/PhishingTrustedBank.png/300px-PhishingTrustedBank.png&imgrefurl

http://www.google.com/imgres?imgurl=http://www.securetoday.net/wp-content/uploads/2009/07/pharming-works.jpg&imgrefurl=http://www.securetoday.net/tag/pharming

Sources for information: http://ezinearticles.com/?Identity-Theft-Affects-Millions-of-People&id=479204
http://www.webopedia.com/TERM/P/phishing.html

http://en.wikipedia.org/wiki/Pharming

http://www.consumerfraudreporting.org/pharming.php

http://uk.norton.com/cybercrime/pharming.jsp

No comments:

Post a Comment