Protect Yourself Online

On Monday, June 7, I attended an ASCCA Cyber Security Forum in Sydney. Speakers included Warren Perumal from the Commonwealth Bank, Adam Sandan of the Australian Federal Police, Kate Reynolds and Crag Tidmarsh from Microsoft's Security Division, and ASCCA President, Nan Bosler.

Internet Banking is relatively safe if you're alert and take the necessary precautions. The Commonwealth Bank have a number of safeguards in place and, if you utilise those safeguards, and if you refuse to give your account details and passwords to anybody—including family members—they will guarantee that your account is 100% safe. (This is not an industry-wide guarantee and you will need to check with your own bank to determine their position on guarantees.

One safeguard that is absolutely guaranteed throughout the banking industry in Australia is that NO BANK WILL SEND YOU AN EMAIL CONTAINING A HYPERLINK. (A hyperlink is a clickable link that takes you to a particular web site. I'll give you just two examples that will explain, better than words can do, why this is necessary. The links appear to be identical and if you click on the first one you'll be taken to the Commonwealth Bank's home page. No problem. Try it, but don't click the second one yet.

Now you can click the second one. It won't take you to the Commonwealth Bank but, in this instance, you're perfectly safe. It will only take you to my personal web page, Tomorrowland. Click it now and see. It will open in a separate page, so you won't lose this one while you're visiting. Have you tried that? Great! Just remember that when criminals send you a link like this the page you go to will be professionally done and will look almost exactly like your bank's home page . . . but any information you put in there (like your account number and password) will be used to steal your money. Just remember the golden rule: NEVER CLICK ON LINKS IN EMAILS UNLESS YOU'RE ABSOLUTELY CERTAIN WHO SENT THEM TO YOU, and NEVER EVER click on a link from a bank.

Online Risks abound and Adam Sandan spoke about them at length. He listed three categories of risk: Content, E-security, and Communication. The content comprises inappropriate or illegal material like child pornography and sites inciting terrorism. Other sites that are completely legal are still inappropriate for, say, children. Kids (or in our case, grandkids) can, and will, visit porn sites; these are one obvious error to avoid. It's much easier to keep an eye on their on-line activities if the computer is in a location where adults are passing by and can see what's on the screen. The same supervision is needed for social networking sites where inappropriate relationships can be formed.

E-security is concerned with viruses, spam, trojans, and so on. The solution is to install reliable anti-virus software and KEEP IT UP TO DATE. Make sure your "automatic updates" function is ticked so that you update every time you go on line.

Content can be anything from spam, to cyber bullying, to fraud. Nigeria is the fraud capital of the world and 10% of their GDP actually comes from cyber-crime. The solution is easy: don't believe promises or requests made in emails from strangers. And don't accept job offers to work from home. These are actually aimed at recruiting people to accept money into their own bank account and transfer it (via Western Union) to another account overseas. This is money laundering and, if you become involved, you will be guilty of a crime. And, in case you were wondering, when they've finished using you, they'll clean out your bank account.

Microsoft offer a free anti-malware engine called Windows Defender. You can download a copy by clicking on the link. But be careful: the link I provided is safe, but some of the sites offering to download Windows Defender are actually pirate sites. They'll give you a copy, all right, but it will be a copy that's been modified to provide the bad guys with access to your computer. Only download it from Microsoft.

One area that's being exploited is Genealogy. Even if the sites are genuine they attract criminals who will take the details you've displayed or researched on the site, and introduce themselves by saying something like, "I'm cousin Jean's daughter." They then go on to establish a friendship with you until you get a request for money to help with cousin Jean's life-threatening illness. You may feel that you've come to know them quite well, but the rule is this: if you haven't met these people in real life then you know nothing about them other than what they've told you: and that may be a complete fiction.

Social Networking sites are a lucrative source of information for criminals. The rule of thumb here is to make your account Private and to only give access to people listed as friends. AND THE ONLY PEOPLE YOU LIST AS FRIENDS ARE THOSE YOU KNOW IN REAL LIFE! In a room full of computer-savvy people somebody asked, "How secure is Facebook?" and everybody laughed. Craig Tidmarsh's reply was, "The most secure way to have a Facebook account is not to have a Facebook account." (On May 14 the Sydney Morning Herald published an article about Facebook security in which the founder, Steve Zukerberg, was asked by a friend in 2003 how he got so much information about people. His reply was, "People just submitted it. I don't know why. They trusted me. Dumb f---ks.")

Everybody who attended the forum was given a booklet called "Protecting Yourself Online" issued by the Australian Government. It's an excellent booklet and is packed with information and hints. You can download a copy from the Attorney General's website by CLICKING HERE.

Do remember that as a member of U3A Nepean-Blue Mountains you are also a member of ASCCA and are welcome to attend their forums, conferences, and other functions. The forums are normally free. You'll get to hear about them thanks to the enthusiasm of our curriculum convenor, Alan Lees, who passes on the information by E-mail when it's available.

                         —Report: David Evans, Webmaster