Stop your computer being a target for fraudsters, phishers and other miscreants who conspire to make our on-line life a misery!
Occasionally, we are asked to comment on the safety and security of the PayPal
payments system. You will have read from time-to-time, like us, of users of on-line banking systems who have had their accounts compromised and money stolen. But in fact most banking and payments systems operate pretty secure systems. If they did not, they would not be in business for long. The reality of today’s world is that payment systems are increasingly being used on-line. But that doesn’t mean we should not be alert to the kinds of problems that can occur.
It’s important to distinguish between the security of an on-line system (like a Bank, or Amazon, or eBay) – viewed as a “black box” - and the security and safety of the user names and passwords that we keep on our computers or in note-books. The important point is that if an on-line fraudster manages to hack into our own computer and get hold of our log-on details - username and password – then no amount of security in the “black box” can stop the inevitable happening. To the banking system at the other end, we are who we appear to be. As an old Internet adage had it: "on the Internet, know one knows your are a dog!".
In our experience, almost all apparent problems with the use of on-line payment
systems are because a fraudster managed to get hold of our details. This applies to PayPal as much as any system. So the first rule is to stop your own system being compromised. There are two ways that this can happen: so called "phishing", and a more direct attack, where someone else manages to access your computer through your broadband connection while you are using it. Both are dangerous.
In some ways, phishing is more difficult to avoid. What happens is that someone
sends you a "spoof" email. The email may appear to be from your Bank, or someone else you have been dealing with. (We'll avoid explaining here how they can do this.) The email looks convincing and innocently provides a link to click.
Don't do it!
Once you click that link, it's already too late. Software code is implanted
on your computer that can do almost anything. Least worst, it might email all your friends with similarly spoof messages. At worst, it can access all those passwords you have cleverly remembered in your nice little Word file.
The direct attack method can also cause many problems. The usual means of
preventing these attacks is a "firewall" - a software barrier that continuously monitors traffic coming and going across your connection. Companies like McAfee and Norton sell software that can be installed on PCs that go some way to prevent this happening.
But, in fact, most problems that users experience are due to poor personal
management of user names and passwords. Saving them on your computer is an
invitation for them to be found. Unfortunately, many people then end up using the same password for all their on-line systems. Once gain, this is a recipe for disaster. Once one is compromised, the fraudsters (who by now will know which sites you visit) will have free access to all your sites!
Perhaps this is all enough to convince you to avoid the Internet. That's one route to travel. Unfortunately more and more services including essential Government
programmes are being delivered digitally.
So here is our basic advice about how to manage your on-line security and safety:
1. Use a different password for each on-line system you use.
2. Use passwords that are hard to remember: definitely not “password” or “123456”
even your own birthday
3. Change passwords frequently – say monthly at a minimum.
If you use a PC, make sure you have a proper firewall installed. Get advice if you are not sure which one to install.
Check the sites you use:
Most on-line systems have plenty of advice on their web sites about safety and
security. Please read PayPal’s.
Apple vs. IBCM PCs
There is no doubt that Apple computers are safer than PCs. The reason is that PCs are still used in most of the worlds commercial systems, so there is more incentive for fraudsters to attack these systems. Apple computers also have a carefully managed environment where they strictly control who gets access to their internal software designs.
The job of remembering passwords, changing them and keeping them secure can be a daunting task, which many people forget to do. Fortunately, there is a better way – use a piece of specialist software called a “password manager”. This will keep your passwords and capture the new ones when you change them. The best one I have found is LastPass (www.lastpass.com). I rely on it totally; in fact I have no idea what most of my passwords are, but LastPass does