Wednesday, April 18, 2007

Basics of security and protecting yourself online

Internet security, identity theft and fraud have become major issues recently as more people globally obtain access to the Internet. With the decrease in barriers to entry, i.e. lower webhosting costs, widespread highspeed and wireless Internet access, and website contruction software that truly enables anyone to create a website, the online players and number of new websites are increasing exponentially. With this increase comes a flood of new websites from countries around the world with various languages and business and regulatory environments. The question for the Internet user becomes, which of these websites can be trusted when making online purchases and revealing personal information to an unknown party?

Online fraud in auctions, advance fee fraud and romance scams, lottery and phishing emails, credit card and identity theft totalled well over $2B USD in 2006. The number is expected to increase in 2007 despite efforts to curb the trend. Criminals carry out the operations from countries all over the world, but many work from Internet cafes in corrupt countries like Nigeria, South Africa and Ghana. The truth is, however, nearly all countries in the world have criminals involved in this new crime. It is estimated that over 60% of all Internet users express privacy and trust concerns when shopping or providing personal information over the web, or over 1 billion people worldwide. How can you protect yourself from this growing crime? We provide some safety tips.

Search the Web for reviews, posts and information.

By searching Google and Yahoo for the company or website name, chances are excellent you can find reviews or at least comments from other users and customers. If not, try searching the Rip Off Report to see if the company has had a history of complaints. Sill no information? Try using Yahoo Answers to ask if anyone has any information on the site. If after these attempts little or no information is known about the site, chances are the website is new or a very small operation. In other words, the risk is higher as the company or website has yet to establish its brand and online reputation. Next, a look at the actual site.

Look for privacy policies and privacy associations.

The first step when judging an unknown website should be viewing its privacy policy. If the site has no privacy policy, consider it a questionable operation and move on. Reading the entire privacy policy and legal verbage isn't necessay, but do scan the document to see if the site or company appears to take privacy matters seriously. Truste is a non-profit group which offers its website seal to those sites which comply with their strict standards. If the website in question has this seal, chances are the website and or company takes the matter seriously with adequate steps to inform site visitors and protect your private information.

Check for security seals on the site like Hacker Safe.

If a website has a major security seal such as ScanAlert's Hacker Safe seal, visitors to that site know that the company or website has taken steps to protect users and customers from credit card fraud and identity theft. Although there are no guarantees, there is no comparison between a site with such a security seal and one without this safeguard. The Hacker Safe seal indicates the site is scanned daily to ensure the site meets strict security standards of secure website design and server applications.

Demand site encryption for personal information.

To protect personal information trasmission, such as credit card payments or home telephone and address data, a well designed and safe Internet website should have SSL (Secure Socket Layer) encryption of at least 128 bit. What does this mean? This indicates the website uses technology which ecrypts your personal data when being trasmitted from the website to its servers, and is therefore extremely difficult to intercept or steal. A major company offering this service is VeriSign and having the seal indicates that the site, or portions of the site are encrypted. There are many competitors, however, and as long as the yellow lock shows on the bottom right hand side of the browser, visitors to a website know that such a site page is being encrypted.

A website example of how it all looks and works.

Wymoo International makes a good case presentation of how all these elements come together to protect website visitors and customers. These same principles that a website is properly designed and maintained, however, can and should be applied to other websites when the choice is being made to do business via a website, or even to supply basic personal information. From viewing Wymoo's home page, we see on the bottom left hand corner the Hacker Safe and Truste seals. By clicking on either seal, visitors and potential customers can verify that the site is in current compliance with each online security group. On Wymoo's Free Quote page, visitors again see the Hacker Safe and Truste seals, but on the bottom right of the browser, there is the yellow lock indicating the page is encrypted. Also on the page are links to the privacy and data security policy. This is a good example of what to look for in quality e-commerce websites.

Lastly, there is no way to ensure 100% safety while shopping or providing personal information on the Internet. There are many steps you can take to judge whether or not the website is legitimate and offers protection from identity theft and credit card fraud. Research the company or website reputation on Yahoo and Google. Look for security and privacy seals such as HackerSafe and Truste. Check for website encryption (the yellow lock) on pages where you submit your private information. Lastly, make payments with a major credit card. In the event of fraud, your credit card company may reverse the charge.

Play it safe,

A. Hathaway
Different Themes
Posted by the Investigators

This copyrighted article was written and published by the editor and site author, A. Hathaway, or other guest private investigator, expert or contributor as noted.