Tuesday, January 1, 2008

Internet safety for grandparents: What to do when you’ve been compromised


By Brenda Coxe

Over the past few months, I've been writing a series of articles on Internet safety. Although I've aimed them at grandparents (probably the most vulnerable group online these days), I recommend everyone read these articles. Internet safety is too important.

In this article's title, I use the term "compromised" because there are so many different things that can happen online if you are not careful. For those who are not familiar with some of the terms, let me put them into layman's terms to make them easier to understand.

Common terms

"Hacking" occurs when someone is able to break into your computer remotely without being given the password to legally enter. The method usually used to obtain this information is using a malicious password stealing program called a Trojan horse.

When your computer becomes infected with a Trojan horse, each time you log on, the creator of the program is able to see your log in information. Simply changing the password when you find a Trojan Horse program does not eliminate the problem -- you must get rid of the program AND change all your passwords.

Hacking is really a very broad-use term. Back in the 1970s and early 1980s, "hackers" were considered the best and brightest (and most creative) of computer designers and programmers. But nowadays, the term "hacker" describes someone who breaks into computer systems illegally and does bad things.

"Phishing" is a term you should learn -- and be wary of. Phishing is one of the most popular ways to obtain credit card information, and those who use it are very articulate in the way they do it. Put simply: phishing is sneaky and you could lose a lot of money to it. They will pick a site such as eBay or PayPal and set up a mirror site that looks exactly like the real site.

Phishers will then send email messagess to people whose addresses they have harvested from other sources. The most common practice is to tell you that you need to verify your financial information and if you don't log into your account within 24 hours, your account will be closed.

The best way to handle these kinds of emails is to report them to the abuse and fraud or "spoof" mail areas of the Web site involved. A "spoof" email is a fake message that generated in the process of phishing.

If you're unsure of an email message's validity (and you should always be unsure), open a new browser and physically type the main URL of the site you're concerned about -- NEVER, NEVER, NEVER click on links in these types of emails.