Does anyone really know or understand just
what a Scam is? Many people over the
years have written on the subject, but no one has really explained what exactly
is behind their reasoning. So let me
discuss this.
1.
What
is a Scam?
A scam, it seems, is
the ability of one person to receive either money, services or property from
another with no intention of reimbursing that individual. My Son, Michael, who is 30 yrs. old now,
recently borrowed $100.00 from me, stating that he will pay me back when he
receives his pay-check from his employment (he’s a police officer). He borrowed this cash in February 2013, and since
then he has received his pay-checks [twice per month] in March, April, May,
June, and once in July; yet he has not returned the $100.00 to me, thus, I have
been scammed. A scam can come from
anywhere at any time, and essentially, it is through persuasion that works on
your emotions to give your hard earned money to the scammer.
2.
Incidents
of a Scam:
While almost everyone
wants to help out complete strangers when a disaster occurs, some people
pretend to either be victims of the same disaster or a charity intended to
assist in helping out those victims of the disaster. This is called a
charitable society when complete strangers assist those in need after a
disaster. To scammer, however, this is
called a ‘feeding frenzy.’
Just for a moment,
an example is in line here, when a Hurricane hit Florida, and left flooding all
along the coast and parts of the inland areas causing significant damage and
hardship to the residents, people all over the United States responded by
sending those victims, equipment, shelter, food, money and almost everything
necessary to rebuilt the infra-structure of society back to normal. Of the many billions of dollars sent to that
direction, it is estimated that 35% was diverted into the linings of the
pockets of scammers! Just imagine 35% of
the estimated 18 billion dollars send for relief to victims of this natural
disaster, that means that scammers costs the people of the United States +/-
630 million dollars that went into their pockets!
3. Virus
Protection Scam to Gain Access to Your Computer
My phone was ringing
off the hook one recent Saturday, three calls in just a few hours from different
people claiming to be from Microsoft or other software companies, all with the
same alarming news: A virus had been spotted on my computer. My machine would
be crippled unless I followed their advice and downloaded a program to fix the
problem.
The Computer Repair
Scam has returned. If my repeated treks to the phone aren't evidence enough,
consider recent warnings — from the Better Business Bureau, Royal Canadian
Mounted Police and others — about the very real trouble that can result.
The caller may press
you to buy a particular "security" program or try to steer you to a
website for the "necessary repair." Either way, the intent is to
trick you into downloading software that gives these crooks remote access to
your computer — and everything stored on it. That can compromise your bank and
credit card accounts, among other things.
In the past, a
company calling itself Support on
Click was scamming folks with phony alerts. Now others are eager to
take its place.
In truth, Microsoft
does not make calls or send e-mail warnings of an infection in a particular
computer. Nor do makers of antivirus software, another false identity that
these scammers sometimes use. When real
threats are detected, the companies send software updates en mass over the
Internet telling users to strengthen the defenses on their computers. If your
computer has a virus, the antivirus software that you've installed on your
machine is designed to warn you and remove the virus. Your best bet if you get one of these calls?
Do what I did. Hang up — without following the caller's instructions, which may
also include providing your user name and password details. And if the scammers
approach you with an e-mail, just delete it.
If you think you've
already fallen for this gimmick, you may need a reputable local computer repair
company to remove any program that the hackers tricked you into installing. Ask
a computer-savvy friend or relative to recommend one.
3A. Resources
for reporting a scam
Place a report
First of all, add a report with all
the details (story, letters and photos) to the database of Stop-Scammers.com
Contact agency or
website
You are obliged to
contact the agency, dating service or web site where you found the profile of
the woman, or where your data was placed and the woman was the first to contact
you - ask them to remove her profile.
Contact police
If you have already
sent the money and were scammed, then contact the local police department.
They'll tell you what steps are necessary to return the money.
Contact her email
provider
Contact the provider
for the email address she used or is using. Ask them to shut off her email
account and to reply to you.
Western Union or
Money Gram
If you sent money
via Western Union or Money Gram you can contact them by email and supply them
with the information. You have to send a
copy of your receipt. You won’t get your money back but at least you will be
helping to shut down one conduit the scammer used. You can also apply to Fraud
Prevention.
Western Union
official web site: http://www.westernunion.com
Money Gram official web site: http://www.moneygram.com
Money Gram official web site: http://www.moneygram.com
FBI (Federal
Bureau of Investigation)
There's a special
fraud division in the FBI which handles complaints originating from the web.
Although their international activities are limited, they may use foreign law
enforcement to stop cons and scams from the Internet. FBI web site to register an Internet Fraud: http://www.fbi.gov and http://www.ic3.gov
FTC International
Internet Fraud
Formed by the FTC
(Federal Trade Commission), the aim of this organization is resolving
international disputes and allowing Internet users all around the world to file
their complaints in one location. It was specifically designed to apply to
cross-border, international e-commerce disputes. The site will receive the
complaints and give them to civil and criminal fraud fighters in different
countries. You may apply in English, French, German or Spanish. FTC International Internet Fraud official web
site: http://www.econsumer.gov
Her Embassy in
your country
You may contact the
embassy of her native country. You have to send a detailed letter about the
case and ask them to reply. It's better to send a registered letter and include
a stamped envelope with your address on it. Call them some time later after you
sent the letter. Search addresses of
embassies here: http://www.embassyworld.com
Your embassy in
her country
You may contact your
embassy in her native country. Send a detailed letter about the case and ask
them to reply. You can call them some time later after you sent the letter. If
it is a real person her data will be placed on a Black List and, perhaps, if
she travels abroad she will be turned down for a visa to your country. Search addresses of embassies here: http://www.embassyworld.com
Department of
Justice
Department of
Justice site includes information defining Internet fraud, what to do about it,
and where to go to get more information.
Department of Justice official web site: http://www.usdoj.gov
Cybercrime
Another Department
of Justice site dedicated to Internet crimes and fraud. Cybercrime official web site: http://www.cybercrime.gov
Better Business
Bureau
Check here to see if
the Agency you are dealing with might be listed. But this is only for business
inside the US. This is far from a catch-all but a good place to start. This is
also a place to complain about an agency in general, again if they are in the
USA.
Better Business
Bureau official web site: http://www.bbb.org
Rip-Off Reports Place report here: http://www.badbusinessbureau.com
Victim Support
Europe
Victim Support
Europe is a network of 26 non-governmental victim support organizations in 21
European countries, which provide assistance and information to victims of
crime. Victim Support Europe official
web site: http://www.victimsupporteurope.eu
The Economic and
Financial Crimes Commission (EFCC)
Special organization
created in Nigeria to fight 419 and other financial cybercrime.
The Economic and
Financial Crimes Commission (EFCC) official web site: http://www.efccnigeria.org
Junk Email
Resource
Site for dealing
with email scams. Junk Email official
web site: http://www.junkemail.org
4.
Ten Steps To Securing Your Computer's Firewall
[Note Hyperlinks are
included in common text as I understand from numerous Emails received that text
hyperlinks do not copy over in my translation program.]
After installing an
expensive alarm system in his apartment and then getting robbed, Jerry Seinfeld
learned a valuable lesson: no matter how good the security system, if it isn't
used correctly, it is completely ineffective. That lesson holds just as true
when it comes to everyday computer users and their firewalls.
Most computers now
come with a firewall built in, but despite this, the number of computers that
are infected with viruses, worms and other types of malware grows by the day.
One of the biggest reasons why firewalls are not doing their job, is because
many of us have never taken the time to tweak our firewall to make it
effective. This 10 step list will help introduce individuals and small business
owners alike to some very simple ways that they can tweak, supplement, and
support their firewall in order to keep their computer and private information
as secure as possible.
A. INSTALL WINDOWS XP, SERVICE PACK 2, ONTO YOUR
WINDOWS OPERATING SYSTEM
Before you can start
supporting or tweaking your firewall, it is important to make sure you actually
have one installed. Surprisingly, a large number of individuals who believe
they are already protected, have not even taken the most basic step of
installing a free firewall.
If you are using
Microsoft's Windows XP and just assumed that you were protected by a built-in
firewall, you may be wrong. In fact, the standard version of Microsoft's
Windows XP is notoriously vulnerable to worms and viruses precisely because it
has no substantial built-in firewall. In response to the criticisms, Microsoft
created an all-in-one patch (or downloadable add-on) to Windows XP called SP2.
By downloading and installing SP2 onto your computer, you will automatically be
equipped with Windows Security Center, Windows Firewall, a Pop-up blocker for
Internet Explorer, an Email virus scanner for Outlook Express, and a Wireless
Network Security system. [http://www.microsoft.com/windowsxp/sp2/default.mspx]
Given the standard
version of Windows XP's notorious weaknesses against worms and viruses, it is a
necessary first step for all individual and small business users who use
Windows XP to download the all-in-one patch. Make sure, however, to download
the patch directly from Microsoft,
as clever spammers often offer a version on their own sites which are full of
hidden viruses. [http://www.microsoft.com/windowsxp/sp2/default.mspx].
For those
individuals that haven't been using any sort of firewall whatsoever, having SP2
in place is a big step up. Unfortunately, however, the Windows Firewall will
only block attacks that come from the outside, it just presumes that anything
you send out is safe. But, if you have been connecting your computer to the
internet without a firewall in the past, that assumption is probably wrong.
Your computers may already be infected and you simply have no idea. To deal
with this problem you will need to install a 'bidirectional' third-party
firewall. For individuals, there are some good free ones available, including
Zone Labs' ZoneAlarm. If ZoneAlarm does not fit your needs, there are
dozens of other options. Check out PCWorld's firewall review for a few more ideas. [http://www.zonelabs.com/store/content/company/products/znalm/freeDownload.jsp][http://www.pcworld.com/article/id,115939-page,1/article.html?findid=42886#]
Now that we have made sure that you
actually have a firewall in place, it is time to start optimizing it.
B. ENABLE AUTO UPDATES FOR THE
FIREWALL.
New viruses, worms
and other forms of malware are created daily, so it is important that once a
firewall is installed in your personal computer or across your company's
computers, you develop a plan to regularly check for and install new patches
for your firewall. While normally it is a terrible idea to let your computer
download anything without your approval, when it comes to fighting viruses,
there is a whole new set of rules. Because every small business is strapped for
time, the only reliable means of ensuring that your business's firewalls remain
up to date is to setup auto-updates. Once automatic updates are set up, your
firewall will upload the newest patches each time you have them scheduled or
each time you turn off your computer. These updates will enable to firewall to
protect your computer against any new viruses, worms, Trojan horses or bugs
that have been created since the program was last updated.
If you are using the
default Windows XP firewall that you downloaded with the SP2 patch, then you
should simply enable Windows Automatic Updates. This is a program for Windows
that will actually check to see what patches you need, and then suggest that
you download them. Once you are current, the program will frequently check for
new updates and when they are created, it will wait for a time when your computer
is idle, so as not to interrupt your work, and automatically download the new
patch. The setup for Automatic Updates is a simple step-by-step process that will not take more than 15
minutes to complete, even fore the most technically disinclined. [http://www.microsoft.com/athome/security/update/msupdate_keep_current.mspx]
If you decided to
opt for greater protection and downloaded or purchased a 'bidirectional'
firewall you can still setup automatic updates, and typically the process is
very straightforward. If you selected the free version of ZoneAlarm, the setup
instructions are here, otherwise you will simply need to check the
manufacturer’s website for instructions on how to setup auto updates for your
firewall. [http://www.zonelabs.com/store/content/support/zasc/index.jsp?dc=12bms&ctry=US&lang=en&lid=zasupp_c]
C. TWEAKING THE SETTINGS TO YOUR
USAGE
Firewall settings
are designed with the median user in mind. The problem is, none of us is that
mythical 'median' user, so almost everyone will benefit from tweaking the
settings on their firewall.
One of the most
common tweaks is the timing of automatic updates. You enabled automatic updates
to take place because they will keep your firewall updated all the time. But
that can only happen if the 'automatic update' actually happens. For most
firewalls the automatic update is timed to start each night at 3 a.m. If you
typically have your computer off and disconnected from the internet at that
time, however, your firewall will never update. So, make sure to schedule your
updates for a time when the computer is going to be on and connected, but not
in heavy use. If you cannot come up with a time that works for your home or
business, just select an option that the computer notify you when an update is
ready, and then you can decide pick a convenient time that day.
At work, most of us
are focused on getting the job done in the quickest way possible. So if your
employees are having trouble with a pop-up blocker (e.g. it is blocking pop-ups
they need to sign in or fill out a form) often they will just disable the
pop-up blocker rather than spending the time to whitelist that site. Very soon,
you will find that all the computers in your company now have disabled pop-up
blockers, and as a result your firewall has to filter a lot more bad content,
and ultimately your computer is less secure. Rather than have that happen, make
sure to tweak your firewall to allow exceptions, by listing all the trusted sites that
your employees will need to frequently visit throughout their workday. So for
instance, if your employees constantly need to sign in to the company email
provider, which uses a pop-up, make sure that that site is listed in your
'trusted sites' list so that pop-ups can appear. Just adding the five or ten
sites that your employees visit most frequently to the exceptions list, will
stop them from disabling that pop-up blocker, and keep your whole network
safer.
For a hacker to be
effective, he or she needs a way to get information on and off your computer
without you knowing. One of the most common ways they do this is by hiding
their malware inside of a legitimate program, and then directing that
legitimate program to establish a connection between your computer and the
internet. Untweaked firewalls that are left to their default settings can often
do little to prevent this, as the firewall does not know which programs need to
send and receive messages from the internet and which do not. But, by tweaking
the settings of your firewall, you can restrict those of your programs that do
not need to send and receive information from the internet from doing so. One
of the most common steps is to restrict your printer from having access to
anything beyond the local network level. That way, a virus will not be able to
embed itself into your printer software and send and receive information
through that connection. For those programs that do require internet access,
you should consider whether they need to both send and receive information, or
whether they might simply send information. If that is the case, you can toggle
your settings so that that program is restricted to sending outgoing
information, but cannot receive incoming information. While this offers less
protection than a total block, it is certainly better than the default firewall
setting.
D. KEEPING SETTINGS CONSISTENT ACROSS
NETWORKS
In most companies
and homes, individual users access the internet and use their computers in
wildly different ways. Because of these different uses, many individuals and
small companies decide to setup the individual firewalls within a network
differently according to the usage habits of that individual. For example, if a
person accesses a certain site more than the other users, he might authorize
that site to show pop-ups by adding it to his ‘trusted site’ list. And even
more commonly, an individual employee might decide to toggle their firewall
settings to permit Instant Messenger to function without hindrance.
While these sorts of
individualized tweaks can seem harmless, in fact they create different attack
surfaces for each computer throughout the network, so that when a worm or other
malicious program eventually succeeds in breaching the firewall, it is far more
difficult to tell where the firewall vulnerability is located, and thus what
change needs to be made to close up the weakness. This same reasoning also
requires that the firewall administrator not permit different firewall settings
for each connection, or profile, on the computer. Just as individualized
firewall settings on different computers make it difficult to identify where
the firewall weakness is, having different settings for different users within
the same computer make the task of identification nearly impossible.
E. ADD MULTIPLE LAYERS TO YOUR PC AND
SECURITY SYSTEM.
An easy way to think
about a firewall, is that it is a program that creates a sort of shell around
your computer that lets certain types of authorized information pass through
it, while identifying and blocking out other types of code or information that
it recognizes as bad. But for all their advancements, firewalls are and will
always be defensive in nature. That means, that a firewall can only block
malware that humans have coded it to recognize as bad, and that code can only
be created for viruses that already exist and have already infected some
computers.
Because of the
inherent defensive nature of firewalls, they are always fighting an uphill
battle against hackers who are creating new sorts of malware. Thus, to help put
a firewall on equal footing, it must always be supplemented with an aggressive
anti-virus program. Unlike a firewall which tries to form a shell around your
computer, an anti-virus program scans information that has gotten through the
firewall and quarantines then eliminates the malware that it finds. That way,
even if a new virus is quick enough to sneak past your firewall, it will
eventually be rooted out by your anti-virus software, once your software is
updated to recognize the new virus.
In addition to an
anti-virus program, you should also add a pop-up blocker and spam-blocking
software to your company's computers. While these two firewall supplements will
not directly fight against attacks by viruses, worms, and trojan horses, they
will limit the number of these types of malware that your computer faces, and
thus help make your firewall more effective overall.
Because many viruses
are designed specifically for Internet Explorer, it is safer for you or your
company to begin using an alternative internet browser such as Firefox.
Firefox comes with a built-in pop-up blocker and spam blocker that are usually
regarded as better than most off the shelf third party alternatives. So if you
decide to go this route, you won't need add-on spyware or spam blocker
protection. [http://www.mozilla.com/en-US/firefox/].
But if you decide to
use an internet browser besides Internet Explorer or Firefox, it may not come
with a strong pop-up and spam blocker. This means that you will need to
download spam and spyware blocking software, Microsoft offers a free program
entitled Windows Defender, which will alerts you if viruses, Trojan
horses, or worms try to enter your computer and stop them. If you want
protection beyond the off the shelf freebie version, you should consider
acustomized security solution. [http://www.microsoft.com/athome/security/spyware/software/default.mspx]
By supplementing your
firewall with the essential add-ons like a spam blocker, spyware blocker, and
of course, an anti-virus program, you add valuable layers to your malware
protection and better ensure that your computer remains malware free.
F. USE STRONG PASSWORDS
An effective
firewall will shield out almost every attack by a hacker to gain access to your
computer. No matter how effective a firewall, however, it can be rendered
useless if a hacker is able to gain access to your sensitive data through
direct means. For example, anyone can access your wireless network if they have
the correct WEP encryption key. Similarly, a hacker need not breach your
firewall to gain your banking information, if he or she can instead just guess
your password. For these reasons, an essential part of supporting the
effectiveness of your firewall is to use strong passwords.
Remember:
Using a strong password requires four things:
1. Length: One of the simplest methods
that hackers use to obtain sensitive information is to simply start guessing.
The longer a password the more letter and number combinations a hacker will
have to try before he or she can guess a password. Even with a computer program
designed specifically for trying every letter and number combination, most
hackers are quickly frustrated by longer passwords.
2. Structure: Hackers often use a
password stealing method in which a computer program repeatedly tries various
combinations of words out of a dictionary to guess a password. Consequently,
your password should never be a single word found in a dictionary, nor should
it be a combination of two or three words. Instead, your password should always
involve either fake words or word and number combinations.
3. Distinctness: Around the house, no
one uses just one key to open the garage, backdoor, front door, the car, and
their safe. Just as in the physical world, you should never use the same
password for all of your access codes. If a single password holds the key to
all your bank accounts, social security number, personal emails, and work intranet,
then a single correct guess by a hacker will leave you and your company
irreparably harmed.
4. Frequency: Nobody is perfect, and
you should build that assumption in when you consider how often you need to
change your password. Eventually your password information will leak out to
someone. But as long as you change your password frequently enough, you can
minimize the chance that when the information leaks out, it will still be
relevant. The frequency with which you change your password will depend upon
how important the information it protects is, but under no circumstances should
you give your personal password(s) to anyone.
G. A 128-BIT WEP
ENCRYPTION ON YOUR WIRELESS NETWORK
No one would
consider leaving a box of keys to the office laying right outside the office
doors. Yet many individuals and small companies do just that when they fail to
encrypt or password protect their office's wireless network. With an
unencrypted network, anybody can access your network and thus access your
company's computers. Even beginner hackers can then use this access to steal
company information like credit card numbers and passwords, or barrage your
computer with viruses and worms since they have essentially circumvented your
network firewall.
While big companies
need to undertake major steps to protect their wireless networks, for homes and
smaller companies, WEP encryption is an easy and good solution. The most common
WEP encryption is a 128-bit encryption, however, encryptions can range anywhere
from 40-bit to 152-bit. Practically speaking, the higher the number encryption,
the longer the password required to access your wireless network, and thus the
harder to hack into. But if you are worried about performance and speed, there
is very little difference in security between a 64-bit and a 128-bit
encryption, and a 64-bit encryption will require slightly less time to log in
to.
Setting up a WiFi encryption
is very easy to do, and the technology to encrypt comes standard on almost
every commercially available wireless router. If you have not purchased a
wireless router, you should consider D-Link and Linksys, two cheap but reliable systems. If you already
have a Wi-Fi system that is not yet encrypted, just check the website of the
manufacturer for your particular models instructions. Once the WEP is in place,
the network is sealed and only users with the correct WEP can use the network.
H. STANDBY IS
YOUR PC'S BEST FRIEND
A hacker can only
get to your computer remotely if it is accessible to him or her. That is to
say, a hacker cannot remotely place a Trojan horse onto a computer that is not
connected to the Internet. Consequently, one of the easiest ways to reduce your
vulnerability to hackers and thus supplement your firewall's efforts to keep
your computer malware free, is to shut down or change over to standby mode
whenever you are not actively using your computer.
Remember that no
matter how strong you make a firewall or how frequently you update it, a
firewall can never provide perfect protection against malware. But by shutting
the computer down each night and setting the computer to standby mode when not
in use, you can cut your potential exposure to malware like viruses and Trojan
horses by more than half.
I. TEST #1:
LOOKING FOR LEAKS
Having tweaked and
strengthened your firewall by installing certain software and taking certain
preventative steps, you should now feel reasonably secure that your computer's
firewall and overall safety are reasonably strong. But the only way you will
actually know if your firewall is working well is if you do not get infected
with malware. Since that trial by fire method of testing can be so dangerous,
however, a safe alternative is to undergo firewall leak testing. These firewall
leak tests will actually try to bypass your personal firewall and in so doing
actually test the firewall's software filtering, and outbound filtering
capabilities. Because each firewall link test uses slightly different
techniques to try to circumvent your firewall (just like different malware will
use different techniques), it is helpful to run a variety of different leak
tests in order to ensure that your firewall makes the grade. There are a number
of free online versions of firewall leak tests, including Gkweb's Firewall Leak Tester
and Gibson Research Corporation's LeakTest.
J. TEST #2:
CHECKING THE PORTS
A port is not just a
word for the socket that you plug your mouse or keyboard into. Rather, a port
also refers to a special number in a data packet that helps route data to and
from a particular program running on your computer. Ports can either be open,
closed, or filtered. When a port is open, a hacker will be able to use that
opening to gain easy access to your computer. Consequently, it should always be
a goal to keep as few ports open for as short of time as possible.
Therefore, when you
install a new program and find that your firewall is conflicting with it, make
sure to tweak your firewall correctly by selecting a 'program exception' rather
than a 'port exception' to get the program working. A 'program exception' will
open the port only as that particular program needs it opened to function, that
way a port will not remain open unnecessarily. A 'port exception' by contrast,
will leave the entire port in open status.
Because of the
stated security benefits of having ports open only as your programs need then
opened, it is important to know exactly which programs use which ports, so that
you can make sure that no ports are accidentally left permanently open.
Thankfully, there are a number of free port scanners available online that will
tell you the status of your computer's ports. A few of the more well-reputed
are:
Sygate's Online Scan. [http://scan.sygate.com/] An extended
security check that also includes a stealth scan and a trojan scan.
Planet Security's Firewall-Check. [http://www.planet-security.net/index.php?xid=%F7%04T%BDP%92nD]
A fast test that checks currently highly endangered ports.
AuditMyPC's complete port
scanning. [http://www.auditmypc.com/firewall-test.asp]
An in-depth test which will scan all 65,535 of your computer’s ports.
CONCLUSION
While no single
resource can adequately cover everything you need to know about maintaining
your firewall effectively, the ten points introduced in this article should
serve as a basic primer of the deficiencies of many firewalls as well as cover
a few of the ways to upgrade, tweak and supplement your personal or small
businesses’ firewall in order to improve your computer's overall security.
And while no
computer is absolutely secure, at least you will have the advantage of knowing
that you are more secure after reading this article than you were before. -Birdy
