Introducing our Escaping Scams Series

Chesa Keane, a new Associate member of Global Travelers, is a long-time consultant in many aspects of IT. As members of a virtual Rotary club, we are all, by definition, on-line to various degrees. And, like many things in life, being on-line comes with risk. Chesa has generously agreed to launch a web series for our members with tips for helping us avoid becoming the victim of online scams.

Almost everything we do these days is tied to the Internet. Whether it is email, web surfing research, paying our bills, streaming your favorite TV show, applying for a job, making reservations to fly or cruise away on vacation, obtaining a hotel reservation on your next road trip, paying your bills, making bank deposits or managing your A/C or heating unit with your computer, tablet or phone. It’s all about online access to your Wi-Fi and Internet.

Any of these activities can put you in direct line of attack by a scam artist. Being safe online is becoming more and more difficult. Scammers are clever and target your trusting nature with the ultimate goal of getting your personal data to enable digital theft.

hacker fishing
Scam on the screen

Let’s look at the major types of scams, malware and hacking that you need to become familiar with to protect your privacy and your bank account. When you are the victim of a scam, you unwittingly allow the scammer to separate you from your money and possibly your identity.

Here are some the major areas of vulnerability that we all face by being online:

 

  • Stealing passwords for your online accounts where money is involved.
  • E-mails that carry malware links or downloads that contain viruses and “attack software” that can disable your computer and/or capture your personal information and financial data,
  • Playing on fear: you get a message about a potential unauthorized expense and click on a link that eventually embroils you in loss, loss and more loss.
  • Exploiting your trusting nature: You find it difficult to believe that this is happening to you, and you jump to fix the problem which is exactly what the scammer is looking for – your engagement.

And the list goes on. Scammers are very creative, and like demanding toddlers, they seem to have nothing but time to think up new schemes.

Good Password Management is your first line of defense in protecting yourself online. In this first article in our series, we’ll focus on good practices for creating and protecting your passwords. Future articles will address other important aspects of protecting yourself online.

Hopefully, you have long since graduated from using 1234 or Pinky (your cat’s name) as a password.  Most sites, especially financial sites, enforce some basic rules to ensure that passwords are not easily guessed. Why do they have these rules that frustrate you and make it hard to come up with passwords that meet their criteria?

password
password cracking

Hackers don’t have to be rich to invest in computers that can crack short, easy passwords. But if you make your password longer and more complex, you can thwart even the most powerful computers:

hacking time

You’re convinced! You need a long password that can’t be cracked by a computer or a human. Meaning you shouldn’t use things that are easy to guess like your birthday/birthdate, anniversary date, pet’s name, child’s name, friend, favorite sports team, etc.

Most browsers have a feature that allows you to generate a strong password as you are creating a new account online. But let me suggest that you search for an online password generator website that you bookmark and wander over to use when needed. I like 1password.com/password-generator. It gives you options for the creation of random passwords with the choice of how many characters to use and letters, numbers and symbols or a combination of all three. It also allows you to choose Memorable rather than Random to create a pass phrase rather than password if you wish to be able to more easily remember and type your password. An example might be:

  • 16 characters in length
  • Random: CtHHTxsEsRNimPyq
  • Memorable: beanie-poultry-gazelle-berate (higher character count passwords are better for pass phrases)

 

password generator
password post-it

Not only do your passwords need to be long and complex, they also need to be unique. You shouldn’t use the same password for multiple websites ( to minimize the damage if someone gets one of your passwords). And you should change your passwords regularly, especially for financial sites and for your email. If your email is compromised, a hacker can send out malicious emails to your unsuspecting friends and colleagues.

Which brings us to … how do you remember all those passwords? Not with post-it notes!!

You need to keep a log. Minimally, use a notebook and make sure you log any new or changed passwords. But this is my least favorite option. Where are you going to keep this book of passwords? Next to the computer? What about when you are on your phone and away from your desk and need a password to your bank account? Or what if it is taken from you and now access is available to anyone holding the book?

Instead, choose from one of the many password apps that keep your secrets in an app that is itself password-protected. The main advantage of a password app is that it is accessible across all your devices – phone, computer, and tablet. You can find a list of good applications here. As noted above, I like 1password. Our web editor has used (and loved) Roboform for years.

password summary 3

In future articles, I am going to provide you with many, many examples that I hope help keep you safe. If you have any questions, feel free to contact me.

 

Chesa Keane