What to do if you are the victim of a phishing attack...

Ok, so most people are savvy enough not to fall for this type of phishing attack (taken from my own junk email account) –

"Dear PayPal Costumer,

It has come to our attention that your PayPal^®account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service.

However, failure to update your records will result in account suspension. Please update your records before August 15, 2011

Once you have updated your account records, your PayPal^®account activity will not be interrupted and will continue as normal.

Click here to update your PayPal account information"

However, these scams are still on the increase, as are the number of victims.  It is estimated that 1 in 4 adults in the UK will be a victim of identity theft at some point. These phishing attempts differ in intent, with ID theft for financial gain (such as taking out loans in another persons name), illegal intent such as producing fake passports, hacking, keystroke logging to steal passwords, or for laying Trojans and malware, being just a few.  These criminals are clever, often disguising the fakes very well, a recent case we heard of was an email link to a website made to look like a job search site, sadly the person who received it was job hunting and in their eagerness gave away some personal information before they realised what had happened.

Here is some advice we gave to that victim;-

·         Here is a link to the leading UK Identity Theft website, which is run by the Home Office. It contains statistics and general information, as well as advice for victims of cyber crime.  You may find the information here helpful. http://www.identitytheft.org.uk/faqs.asp

·         You can report the details of the fake site here http://www.actionfraud.org.uk/ 

·          In addition to this it may be prudent to make a report to the local Police, in case you become a victim of identity theft or fraud.

·         Change all your passwords for online accounts in case there is a risk of “keystroke logging”, basically this is where a Trojan is left on your PC which monitors and records particular key patterns, they are designed to pick up repeated codes such as passwords, and pin numbers for online banking.

·         Notify any relevant official departments of information which may have been stolen, eg DVLA, Passport Office etc.

·         Notify one of the Credit Agencies (Experian or Equifax) to log a “Fraud report” against your name. This will help prevent any difficulties in the future. You only need to contact one as they will share the information with the others.

·         Ensure you monitor any accounts you use, including social networking sites, for any unusual activity.

·         Always check the URL of a website to see if it looks genuine.

·          Use strong passwords which are changed frequently.

·         Install good anti phishing and spam filters on your PC to help prevent future incidents.

·         There is some very useful information on http://www.chatdanger.com/email/spam.aspx addressing online protection for young people.

Some of this advice may seem obvious. I feel however, if it was that obvious the number of victims wouldn’t be on the increase. Please be cautious...

Here is an excellent resource for anyone wishing to keep abreast of new phishing or online security risks http://nakedsecurity.sophos.com/.  To quote Hill Street Blues – “Hey, let's be careful out there”...

Why would you want to chat to random strangers?

There has been an increase in the use of sites which enable complete strangers to chat either anonymously, or via webcam. Many of you will have heard of chatroulette, allegedly used by celebrities (Kate Moss, Paris Hilton, Ashton Kutcher and Justin Bieber have been seen on them, some fakes, some allegedly real) but as the popularity, and notoriety of these sites grow, so has the list of sites providing the service. At last count I found over 30 sites, most of which offer complete anonymity as the user is not required to register any details. Fine as long as you’re happy with your screen shots being shared on random websites across the world...

These sites say they are aimed at the 18+ market, however they do not generally adhere to this, in fact there is a rather famous user of chatroulette who is labelled as “Offensive 8 year old”. One site has a very strict policy on the log in page – “18+, keep it clean, or be reported”. Ok, that’s clear enough, except the site is un-moderated and I haven’t found a way to report yet...

Mashable, the American Internet News website published a story in March 2010, which stated that a mash up of Google Maps had been created which would take a screen grab of chatroulette users, then use their IP address to add their location to chatroulette maps. I’m not sure this is a good way of protecting any younger or vulnerable users, even with an 18+ caveat it seems obvious to me that an 18 year girl experimenting by flashing her boobs on a webcam would be at risk if anyone watching had her address?

There are many people using these sites purely for 5 minutes of showing off to a complete stranger, whether that be their privates, singing a song, or dressing up as Darth Vadar. And I would suggest that most people who use these sites are over 18, open minded and wouldn’t be shocked by what they saw. In fact I have seen a chat room conversation between some University students who use one of these sites as the format for a unique drinking game, they take it in turns to sit at the webcam, and each time a nude person flashes up they down a shot. Inappropriate? Yes. Hilarious entertainment for a room full of 20 year old lads? Definitely.

The downside is that under 18’s ARE using these sites and come into contact with inappropriate sights, and people most parents wouldn’t want their children talking to. What advice would we give to the parents of these kids? Talk to them openly about the risks and follow the usual advice about privacy etc. It’s fine to let young people have computers in their rooms provided parents are confident of their safe internet practice. I would however suggest it may be prudent that you do not let them have an active webcam...

Article by Laura Higgins – Helpline Manager

July 2011

Is it really possible to keep kids safe online?

At the Professionals Online Safety Helpline, I am often asked to endorse products or sites which have been designed to keep kids safe online. There is a burgeoning rise in Social Networking sites designed for under 13’s, (or for over 13’s whose parents are still worried about the evils of Facebook), and safety products to eliminate cyber-bullying.

But do they work?

There are so many new products, it is hard to keep abreast of quality and value.  Many iphone apps for blocking unwanted contacts are free, however the most promoted are the chargeable ones, are they any better? There are now numerous products which flag up potential bullying or inappropriate language on Social Networking sites, however these are only as good as the people updating the software that inputs words to flag up. I have two children and work in Internet Safety, not a day passes when I don’t have to reach for the “Teenage Bullying Language Encyclopedia” for reference. These products do serve a purpose however, in providing some reassurance to parents and educators that they are “doing” something to help. I see no harm provided they are not relied upon as infallible tools.

The biggest rise both here and in the USA, is with new Social Networking sites. I have read about so many who claim to be “The new Facebook”. Really? Facebook has more than 750 million active users, most of these new sites have more like 600 users. Sadly, the things which make these appeal to anxious parents, are exactly what would put off a young person from using them. Many require parental control, and allow your parents to see all your posts, or at least those which the site feels it should share, many do not allow friend requests without showing parents first, some do not allow real photos, only avatars, and others use guided communication, only allowing youngsters to update their status using words pre-selected by the site. Boring! There is a reason there are so many underage users of social networking sites, it is exciting and makes the young person feel more mature. Sticking to an age appropriate site may not have the same allure. I wonder how many of those with accounts on these safe sites, also secretly have Facebook accounts?

I think the worst sin committed is in patronising young people. This comment from a new site sums it up perfectly - “tell your friends what you're doing (...just like the older kids do!)”. Hhmm.

There are some amazing Social Networking sites for younger internet users, but they are not trying to recreate Facebook. They are fun sites, where children can interact with others and play games, preparing them for when they ARE old enough to have a Facebook account.

Article written by Laura Higgins - Helpline Manager

August 2011