How to beat 22 Web security threats
- — 06 May, 2009 13:37
6. Social-networking dangers
A message from one of your friends appears in your inbox, sent via a social-networking site you use regularly. The message promises a big laugh and points to a website you've never heard of. You click the link, and the next thing you know, you're misdirected to a phishing page that steals your login details, or to a drive-by download site that infects your system with a Trojan horse.
Your friend didn't send you the message. But because you thought it was from someone you knew, you trusted the message would be safe. We've outline some Facebook examples later on in this feature, but you're just as likely to be plagued via LinkedIn or a rogue Tweet.
If you believe your social-networking account may have been compromised, report your suspicions to the site's support team immediately. Change your password frequently, and avoid clicking message links that claim they'll transfer you back to the social-networking site. Instead, to get back to your account, type the site's address directly into your browser's address bar.
7. Voice phishing
You receive an email or get a pre-recorded voice message from a financial institution informing you that a large transaction - one you never performed - has been held up. The message includes a free phone number you can call to deal with the situation.
When you dial the number, a voice menu prompts you to key in your card number before it transfers you to a company representative. The phishers ask you to enter other data as well, such as the expiration date and/or the CVV. If you act without thinking clearly, you might provide all the information they ask for. At this point, they may hang up or put you on hold indefinitely.
If you get a fishy call or email, be cautious. Don't call the number provided in an unsolicited email or voicemail message to follow up on a mystery purchase; instead, dial the telephone number printed on the back of your card.