Dave Aitel wants to beat identity thieves at their own game.
Aitel is a cybersecurity expert, a former computer scientist for the National Security Agency and a self-described “ethical hacker” who specializes in helping businesses determine security risks in their computer systems. He’s also the co-author of “The Hacker’s Handbook.”
According to Aitel, identity theft and credit card fraud occur more often than most people realize, and the problems are getting worse.
“The criminals have gotten a lot smarter,” he said in an interview. “Gangs and organized crime are now doing identity theft.”
No one is bulletproof, including kids who have grown up with computers, said Aitel, the chief executive of the security firm Immunity Inc. in Miami.
Keep that perspective in mind if you’re planning on shopping online this holiday season or letting your kids roam on shopping sites. Some analysts predict this will be another record year for online sales, but that also means consumers may be more at risk from thieves trying to suck up your personal information and credit card account numbers.
Here are some of the online and smartphone scams Aitel says to watch out for:
• Clickjacking. This is a popular Facebook scam. Basically, it occurs when malicious software, or malware, is embedded into a website and makes your Internet browser display bogus Web pages without your knowledge. All the while a thief could be mining your personal information.
• Smishing. You’re probably familiar with Ponzi schemes, Nigerian money transfer scams and maybe even phishing. Add smishing to the list. This trick uses text messages on cellphones to trick you into providing personal information about your credit card or bank account.
In one variation of this scam, you receive a text from what appears to be a legitimate source with an urgent message contained in an attachment that your bank account has been frozen. The attachment downloads a virus that allows fraud artists access to everything on your phone.
• Drive-by downloads. Imagine visiting a website that downloads and installs malware on your computer without your knowledge. The idea is to record what you type and view and to search your computer for stored passwords and more.
These high-tech threats can cost you a lot of time and aggravation. But the real cost could involve having your personal information compromised.
“You just can’t have a bad day,” said Aitel. “It can cost you a lot of money.”
How can you protect yourself?
Aitel recommends using credit cards rather than debit cards when shopping online. That’s because the loss restrictions on debit cards are not as good as on credit cards.
In addition, take some basic online precautions such as installing anti-malware software, subscribing to a security feature called VPN (short for virtual private network) and protecting your passwords with upgraded authentication services.
Finally, keep in mind that online scam shopping sites abound during the holiday season, so it’s best to stick with familiar names. Put a big red flag next to that tip.