Individuals, Not Just Corporations, Face Cyber Risks

While the big news is about hacks into the CIA’s and Senate’s public Web sites, Citigroup and Lockheed Martin, tens of thousands of people are victimized by cyber criminals each year, sometimes with devastating effect.

The FBI’s Internet fraud center received more than 25,000 complaints a month last year from people who were defrauded over the Internet by fake companies which offered to sell goods that never arrived, by people whose identities were stolen and by victims scammed by someone claiming to be an FBI agent.

The conventional view of hackers as pimply faced, isolated young men out to harmlessly joyride some big company’s servers is out of date, despite the presence of groups such as Anonymous and Lulz Security, which strike for fun and political reasons.

The more worrisome hackers are crime rings in Asia and Eastern Europe or elsewhere beyond the easy reach of the law. These are the individuals who steal personal information, like names, addresses, dates of birth and e-mail addresses. They sell that information to thieves in Internet chat rooms who often round out what they know about victims from Facebook pages – maybe a birthplace from a Facebook quiz – or other social media.

Maybe they’ll send a phishing e-mail, pretending to know the victims. Or maybe they’ll send them something they might like because they have found out, for example, that they have a Sony PlayStation and were born in 1943.

But that game download for a grandchild could include key-logging software that secretly tells thieves what victims type. Perhaps they’ll use that to find out which banks they use, and their user names and passwords.

Some advice:

• Limit information on Facebook and other social media. “Citizens need to start recognizing the value of their own personal data and not put out any data that isn’t necessary,” said U.S. Representative Jim Langevin, a co-founder of the Congressional Cyber Security Caucus.
• Have solid Internet computer security software and update it monthly. Word to the wise: porn sites are notoriously loaded with viruses. “Don’t click on links in spam messages and be extra suspicious of messages that piggyback on recent hot news items or events such as holidays,” says Joris Evers, a spokesman for McAfee Inc.
• Some security experts advise against clicking in links in any e-mail, no matter what the source.
• Use strong passwords, which means a password that is long and has a mix of letters, numbers and symbols. A strong password is especially important for financial transactions.

Editing by Xavier Brian