Disconnect: How to Avoid the Latest High-Tech Scams

Youíve got an hour to kill, so you drop into a coffee shop to log on to its free Wi-Fi network. You send some emails, buy a book online, and pay some bills. A month later, your bank account is depleted. Youíre the latest victim of a cyber crook.
Unfortunately, online criminals are finding increasingly clever means to separate you from your digital secrets. To avoid getting stung, use this guide to learn about five new high-tech scams.

Social Network Scams

Facebook and other social networks operate on the principle that youíre friends with other people on the service. One of the most common scams involves one of your friends whose Facebook account has been hacked, or broken into by a criminal. The hacker sends an urgent plea to your friendís contacts, which includes you, asking for cash. Naturally, the account holder is not in need, and any money sent goes straight to the scammerís pockets. Other common attacks include hacked accounts used to direct victims to Web sites that install viruses and other software to corrupt your computer.
How to protect yourself: Donít use the same password on Facebook or any other social network that you use on other Web sites. Never click on unusual URLs sent through a social network. If you think somethingís amiss with a request you receive, contact the sender through another channel, like a phone. Change your Facebook privacy settings so that only friends can see your personal information.

Mobile Malware

The main threat to mobile devices is from applications that have been coded with the intent to do harm to the phone or its owner. This threat is particularly directed at iPhone users who are unlocking their phones to install applications Apple hasnít approved or are using the phone on a network other than AT&T. This practice, also known as jailbreaking, bypasses the deviceís built-in security system.
How to protect yourself: Donít run applications that havenít been approved by Apple, Google, or the manufacturer on your mobile device. These applications havenít been checked for security risks. If you want the tightest security, keep your mobile deviceís operating system unmodified. Donít download apps you donít know anything about.

Text Message Come-ons

Watch out for text messages that include phony alerts. The come-ons are varied, encouraging you to call a 900 or other toll-based number. Youíre then directed to a phishing Web site under the pretense of a job offer or quick cash and possibly tricked into giving up sensitive or personal information, such as a banking site password.
How to protect yourself: Ignore any text messages from a number or person you donít recognize. Use the Web to look up strange phone numbers to see if theyíve been reported as malicious. Simply google the phone number, and youíll quickly see if itís been reported as dangerous. Then, report the text messages to your cellular carrier.

Wireless Interlopers

The rapid growth of Wi-Fi hotspots has made it convenient to crack open your laptop and hop online just about anywhere. But how do you know the hotspot youíre accessing is legitimate and not set up by a hacker? Crooks operate lookalike hotspots with the sole purpose of eavesdropping on all the data you send through it. When you type in your password, Social Security number, or your credit card information, scammers can capture it all and be on a fast track to stealing your identity. Another less-common attack involves a hacker simply eavesdropping on a legitimate wireless connection by using special equipment to capture your signal, either from next door or driving down the street.
How to protect yourself: Most phony hotspots leave telltale signs that they arenít legit, such as typos, strange sign-in Web page designs, or URLs that donít sound right. If you arenít 100 percent sure a site is legitimate, donít sign in to it. Leave your banking and bill paying for when youíre home on a line you know is secure. Make sure youíre using Wi-Fi Protected Access security on your home router and protect it with a strong password, such as a combination of numbers and letters.

Extortionware

The latest twist on malware goes like this: A Web pop-up alerts you that you have a security problem, prompting you to download additional software to fix it. Once you do, youíre told the problem is even more severe than you thought, and the software says you need to spend $40 or so in order to correct it. You use your credit card to pay the fee, and the problem goes away. The catch is there never was a virus.
The original download caused the initial problem with the intent of making you pay to make it go away. When they get your money, theyíve hooked you. Your credit card may be charged multiple times, or your credit card number may be sold to others, or the problem will suddenly resurface in a few monthsí time, prompting you to pay again.
How to protect yourself: Any pop-up asking for money is undoubtedly malware and not part of a legitimate security program. Run standard anti-malware software to rid your computer of the attack. If that doesnít work, a Web search from another computer for the name of the program usually will provide specific tools designed to remove the malware from your machine.

* The above article is provided by USAA. They will send monthly guide to me to be posted here.