Hack Attack—Breaching Your Online Information

June 2014 View more

iStock_000037747788LargeYears ago, I routinely made online purchases with my debit card until a friend’s bank account was breached by doing the same thing. It wasn’t until her debit card was denied for a sizeable purchase—though she was confident she had adequate funds in the bank—that she tracked it back to an online debit card purchase. Someone had hacked her computer and found the debit card information. I asked my bank for a new debit account number and vowed never again to use it for online purchases.

Online Shopping

We’re all savvy enough to avoid shopping on a website unless we know the purchase is encrypted and secure. That is often times signified by the locked padlock or URL address starting with HTTPS or SHTTP. Regardless, it’s best to avoid opening Pandora’s box by using debit cards for online purchases. Instead use one, and only one, traditional credit card, with a credit limit, for online purchases. A singular statement makes it simple to ferret out any surprises or unauthorized purchases.

Easy Access To Your Information

My friend’s debit card purchase predicament could have been worse. If cybercriminals had located her birthday and social security number, they could have used the information to set up bank accounts, a driver’s license, mortgage or even medical care.

Impossible? Take a look at Facebook and see how many friends list their birthday. Even if you leave out the year, smart crooks could piece together your graduation date and figure out a birth year.

Social security number? How many times have you complied when asked to supply your social security number when there is really no good reason to do so? For example at the doctor’s office, your kid’s school, summer camps, etc.? Recently, I went shopping inadvertently leaving my store credit card at home. The charge purchase required me to input my social security number to make sure it matched the store’s records.

Mobile Insecurity

Clearly, we’re living in a mobile device world where our computer devices are running and connected to the Internet 24/7. Wi-Fi access allows us flexibility, but this constant connectivity allows criminals to more easily install malware. Free software is available but sometimes you’ll want more security. In January, PC World released its security software reviews at www.pcworld.com/reviews/software-security/

If you insist on living fast and loose in the Wi-Fi universe, password protect your Wi-Fi access and avoid conducting personal business on public Wi-Fi, like the library, the airport, or your local coffee shop. And log out after making a purchase.

If you still insist, the online site Techlicious offers a few valuable tips:

  • Before connecting to Wi-Fi, know whose network you’re connecting to. If you’re not sure what the public network is, ask before connecting.
  • Make sure your computer or smart phone isn’t set up to automatically connect to unknown Wi-Fi networks.
  • Connect to websites via HTTPS, which encrypts anything you send and receive from the website. While a VPN service encrypts everything you send, HTTPS ensures that communication to and from a website is secur
  • To encrypt data you send, use a VPN service. Anyone trying to steal your data will see only encrypted data that they can’t get into.
  • Use two-factor authentication which requires both a password and a secondary code that changes regularly, for websites. This makes it very difficult for hackers to get at your accounts because even if they can get your password, they won’t have the secondary code.
  • Make sure your computer isn’t configured to share access to files. It may be convenient to use a folder shared with other members of your house, but that’s less safe when you’re connecting to public Wi-Fi.