SitNews - Stories in the News - Ketchikan, Alaska


Consumer Issues

'Tis the season for making mischief on the Web
Sacramento Bee


December 08, 2008

'Tis the season for making merry. Or in some cases making mischief, especially on the Web.

Whether you're shopping online or just checking your personal e-mail, don't get financially fooled this holiday season.

"In this economy, when we're all trying to get the most bang for our buck, we're letting down our guard," said Parry Aftab, a privacy attorney and the new family Internet safety adviser for McAfee Inc., a computer security firm.

The hectic holidays, when people are hurrying and hunting for bargains, are especially ripe for online ripoffs, experts say.

How do the scamsters do it? Let us count the ways.

There are the phony FedEx and UPS e-mails, describing a package delivery waiting for you. The fake bank e-mail, warning that your account is overdrawn. The heartfelt appeal -- seemingly from a favorite charity -- asking you to donate as little as $5 by clicking online. Not to mention all the pseudo-shopping sites masquerading as the real thing.

It's what's known as "phishing," posing as a legitimate Web site in order to entice you into entering your credit card, Social Security or bank account numbers. Or they'll lure you into clicking on an e-mailed link, which then unleashes all sorts of nasty spyware and malicious gremlins into your computer.

"It always increases around the holidays, when more people are shopping online," said David Jevans, the San Francisco Bay area-based chairman of the Anti-Phishing Working Group, a consortium of business and law enforcement entities that tracks Internet fraud and scams globally.

Phishing attacks cost U.S. consumers $3.2 billion last year, according to a survey by technology research firm Gartner Inc., which said 3.6 million adults were bilked out of money online, compared with 2.3 million in 2006. The average loss: $886.

Jevans and others say the scammers are getting more sophisticated.

Even holiday-themed greetings and e-cards can be imbedded with peril.

"People think, let's send a friend a cute holiday screen-saver ... but while you're listening to Santa singing 'Jingle Bells,' it's downloading spyware," said Aftab.

Spyware is the malicious coding that can infect your computer, leading to unwanted popups, password and data theft, or the silent use of your computer to send spam.

Aftab said parents should be especially careful as many kids are home from school and busily download lots of Santa screen savers, holiday puzzles and games, or reindeer ringtones.

How to avoid online dangers?

-- First, be sure your computer is loaded with the most up-to-date firewall, anti-virus and anti-spyware software and spam blockers. When your computer system sends a message asking you to download the latest free security update, don't ignore it.

You can also pick up free software, such as Ad Aware, which protects against spyware, or McAfee's Site Advisor, which issues safety ratings on thousands of Web sites.

-- Pay close attention to the Web address of incoming e-mails. A fake message from PayPal, for instance, may change a letter or add a suffix. It could read "PayPlal," with an extra letter included. Or "" with an extra word tossed in.

-- Be wary of friendly-sounding subject lines like "Happy 2008!" or "Christmas Blessings" from odd-looking Web addresses. Don't open any attachments unless you're sure who it's from.

-- If you bank online, log into your account often to check for fraudulent charges.

Among the millions of avid online shoppers is Joanne McNabb of Sacramento, who is also head of California's Office of Privacy Protection.

As a consumer, McNabb hasn't set foot in a shopping mall for the past five holiday seasons, preferring to do all her gift-buying for 25 friends and family members on the Web.

But, she's also well-versed in how to avoid getting ensnared in seasonal scams.

Her advice:

-- As with any brick-and-mortar store, know who you're doing business with. Check the Web address to be sure it's recognizable. Don't click on a link to a store's site; type it yourself to be sure you're on the real Macy's Web site, for example, not a phony one.

-- Be sure there's a "Privacy Policy" at the bottom of the retailer's home page, explaining who it shares your information with. If the privacy policy is not there, take your business elsewhere.

-- Don't use a debit card online. If someone gets access to your card, your bank account could be drained quickly. And, McNabb says, the time frame to report a debit card loss is shorter and the liability limits less generous than with a credit card.

"If you're using a credit card, you're in a very good position. When you get your bill, you can protest any fraudulent transactions," she said.


E-mail The Sacramento Bee's Claudia Buck at cbuck(at)
Distributed to subscribers for publication by
Scripps Howard News Service,


Publish A Letter in SitNews
        Read Letters/Opinions

Contact the Editor

SitNews ©2008
Stories In The News
Ketchikan, Alaska

 Articles & photographs that appear in SitNews may be protected by copyright and may not be reprinted without written permission from and payment of any required fees to the proper sources.