B2007 - 19 March - Protect Your Computer

A four-week campaign was launched on 4 March by the Australasian Consumer Fraud Taskforce to help people protect themselves from scams. The overall theme for the four weeks of the campaign is 'SCAMS TARGET YOU—Protect yourself'. The theme for the third week of the campaign is 'Protect Your Computer'.

A recent Internet scam with an Australian twist

A hoax email has been circulating over the Internet claiming that Prime Minister John Howard has had a heart attack and is in a critical condition. The email looks just like a normal news article and lures readers to a link supposedly from the Australian newspaper website to find out more details on the story.

Unsuspecting people who click on the link are taken to an error page rather than a news story. While at the error page, malicious software is installed on their computer which has the ability to steal personal and financial information.

The Australian Computer Emergency Response Team (AusCERT) has completed an investigation of this attack and estimates that to date about 1000 Australians have fallen prey to this scam.

This isn't the first time that famous figures have been used as part of Internet scams. George W Bush, Vladimir Putin, even Paris Hilton have been used as bait by scammers to lure unsuspecting people into clicking on links.

More information about the PM's hoax email can be found through the Aus CERT website.

Internet scams

Until recently, your main security concern when connecting to the Internet might have been the risk of having your computer infected by a virus. These viruses were generally written and circulated by hackers with no other incentive than showing off their technical skills. The result would most likely be lost data or your computer acting strangely. However, more recently the motivation driving scammers has been financial gain and their attacks are becoming more targeted. Now when you connect to the Internet, it is becoming increasingly important to look out for Internet scams seeking to steal your identity or financial information.

Internet scams are typically carried out in two different ways. One method uses what is known as ‘social engineering' techniques. The other uses malicious software (malware) that can target vulnerabilities in your computer's operating system or other software programs.

Internet scams using social engineering techniques

Scammers use social engineering techniques to trick you into divulging your personal information by pretending to be a legitimate person or business.

A common example of a scam that uses social engineering techniques to make money is ‘phishing' or hoax emails. Phishing attacks are often designed to make you believe that an email has been sent to you by a bank or other reputable organisation by using the organisation's logo and message format. Phishing emails usually lure victims in by describing a situation that requires immediate attention, such as clicking on a web link.

For example, a phishing email may tell you that your bank account will be terminated unless you click on the link. The link will take you to a webpage asking you to enter personal or financial information, such as your Internet banking logon, your password, credit card number or PIN. Once entered, scammers can use this information to steal your identity or to illegally obtain access to your bank account.

Internet scams using malware

A growing number of scammers are now employing malware to carry out online attacks. Malware can be installed on your computer in many ways, including:

  • opening a hoax email attachment or clicking on a link contained in a hoax email;
  • downloading infected programs from websites;
  • sharing files with other Internet users (‘peer-to-peer' sharing); or
  • accessing a USB memory stick, floppy disk or CD infected with malware.

Once installed on a computer, malware can be used by scammers for a number of different purposes depending on the type of malware. These include:

  • Spyware, which can be used to record your keystrokes so that your personal information, such as banking account data and credit card details can be captured and used by a third party; or
  • Trojans, which can compromise your computer and thereby allow it to be controlled remotely by a third party to send spam and undertake other malicious activities on the Internet.

What can you do to protect your computer?

The Australasian Consumer Fraud Taskforce recommends a number of simple steps that Australians can take to protect themselves from online scams.

  1. Keep your security software up-to-date

Always use anti-virus and anti-spyware software, a personal firewall and an anti-spam filter and ensure they are updated regularly. In addition, regularly download and install the latest security patches for all your computer software, including web browser applications.

Security software is available from your Internet service provider or from computer shops. More information about acquiring and using this software can be found on the Internet Industry Association website.

Using up-to-date security software will help to prevent criminals accessing your computer via the Internet and installing malware on it. Some firewalls can also prevent information being taken from your computer and sent to someone else.

  1. Don't respond in any way to unsolicited emails

Unsolicited emails, or ‘spam', are those emails that arrive in your inbox from an unknown source, often promising money, good health or a solution to all your problems. In the past spam has been used to buy, sell or advertise goods or services. However, more recently spam has been used by scammers to disseminate malware or phishing attacks to unsuspecting online users.

To reduce your risk from online scams, always remain suspicious of spam. Never respond to unsolicited emails, never provide personal information to an unknown source and never click on links in spam emails.

  1. If in doubt, delete

Do not take the risk of having your computer compromised, and possibly your personal and financial information stolen. Always delete suspicious emails and exit from pop-up windows or websites that appear to be offering something too good to be true.

The Taskforce comprises all of the governmental regulatory agencies and departments in Australia and New Zealand who have responsibilities for consumer protection.

Where can I find out more?

You can read more about basic tips to secure your computer online.

Take a quick look at the StaySmartOnline Top Tips