Identity theft follow up

Greetings from SurfSafely.com! If you enjoy reading this newsletter as much as I do writing it, please pass it on to all your friends and family. As always, this newsletter is opt-in only. If you feel you've received it in error, reliable removal instructions are at the bottom.

In this issue:

1) News Bytes
2) Identity theft scam follow up
3) Computer virus watch.

News Bytes:

SurfSafely.com issued a press release this weekend regarding this incident with the San Francisco user conducting his own little identity theft operation and the lack of response I ran into trying to report it to SBC for them to have it shut down. It was not until I located an email address for the San Francisco FBI local office and reported it there that the content was actually taken down. As far as I can tell the content was online since October 28. It took me four days to get this content off line. It should have taken me four minutes! The system is broken. We need to fix it.

Click here to read our press release.

Please consider doing what you can to support our continuing work online to help keep it a safe place for us all by becoming a sponsor.

Back to top.

Identity theft scam follow up.

There's a new trick up their sleeves that identity thieves are using to try and fool users into thinking they have been taken to an authentic URL. It applies only to Microsoft Internet Explorer and it may work only if the user has not changed the default location of the Address Bar, which still probably accounts for 80% or more of all online users. Remember my third tip from a few days ago?:

Next, if there's a link to click on, make sure it actually leads to the site in question. For instance, note this next link http://surfsafely.com/. It says surfsafely.com but if you click it you will actually be taken to safe-pc.co.uk (Don't worry. That's one of mine too). Likewise, in an email I can type what looks like a link to ebay (http://cgi3.ebay.com/) that takes you somewhere else entirely. The key is to examine the actual URL in the browser Address bar. If it starts out with any combination of numbers like http://169.254.67.20/some/clever/subdirectory/name/ or http://cgi.ebay.anyotherdomain.com/some/clever/subdirectory/name/ leave immediately! "You're not in Kansas anymore."

Well, it seems you still have to be careful. The new trick is to paste what looks like the authentic URL over the location where they expect the address bar to be, third line down in the menu bar toward the left side of the browser window. Here's a screen shot to show you how it actually looks.

Notice that there appears to be two address bars? The real one is at the very top because I moved it there to use up otherwise unused space in the browser and make room for the Google toolbar. The fake one rests on top of what should be my Google Toolbar. Fortunately for us, the only way scam artists seem to be able to put this fake address bar up is to force it to the top of all open windows on our desktops. This means if you slide any other open window over the position of the fake address bar, it will still show on top of other window. Here's what it looked like when I did it.

This should never be and it's your cue to leave. (And yes, this is a real scam, Washington Mutual is the actual target and the web pages are still live collecting personal information from individuals. This one is actually being hosted in Taiwan.)

One thing I do like about Outlook Express (the free email client bundled with Internet Explorer) is that before you actually click the link from within an email to go to a web site, it shows you the URL you're about to be taken to in the status bar at the very bottom of the email window BEFORE you actually go there just by hovering the mouse pointer over it. If you use Outlook Express try it now and hover your mouse pointer over this link. By contrast, Microsoft Outlook (The paid version that comes with MS Office) does not offer this feature by default. At least not MS Office 2000 which is what I use. Others versions may. If they do please let me know so I can tell others. If you have Outlook and would rather use Outlook Express there's nothing stopping you. You can migrate and import from Outlook very easily and just pick up where you left off in Outlook Express.

Another solution is to wean yourself away from Microsoft products entirely. They are not affected by these tricks. I recently visited my Mom and, as usual, gave her computer a full system diagnostic. She still uses Netscape Communicator 4.78 to browse and the bundled email client Messenger. At most homes I visit while wearing my Safe-PC hat I uncover hundreds if not thousands of spyware programs, cookies and registry hacks that have installed themselves through Microsoft products over time. They slow your computer down, cause it to crash and are a brazen invasion of privacy. When I ever looked at my Mom's computer and found absolutely no spyware, no registry hacks, no dangerous cookies planted by web sites or email, even my jaw hit the floor! It was so refreshing to sit at a clean machine words cannot even express it. I will again be looking much closer at Microsoft alternatives to browsing and email. Watch for it in the coming months.

One reader just shared a tip with me that she saw on eBay. Rather than clicking a link from within a suspicious email, open a fresh browser window and type in the suggested URL manually. There's no way for a scam artist to spoof it this way. The only down side to this method is some URL's are very long and anything after the / that follows the domain name is caSe SensiTiVe. One wrong keystroke and you've got a "URL not found" message. As for myself, I'll just watch the links carefully.

So that's about it. Watch for the danger signs. Not all but most "identity checks" are really identity theft scams.

Please share these tips with friends and family. The sooner we stop these scam artists the safer we all are.

Computer virus watch.

They're still with us because people still have their heads buried in the sand. Let's keep people talking about this issue. Find out which of YOUR friends and family still do not use an antivirus product and get them to buy one. I hate having to pay to own software to protect myself from a problem I did not create just as much as the next person but that's life.

Don't forget to keep your antivirus software up to date. Get your latest virus updates here:
Microsoft Internet Explorer 5.x patch
Mcafee updates
Norton updates
F-Secure updates
PC-cillin updates

Back to top.

That's news for now.

Be informed,
Be involved,
Be well.

Sincerely,
Mark Brasche
Founder and CEO,
SurfSafely.com

Come visit our growing family of web sites and services
=======================================================
http://surfsafely.com/ Our web directory/portal
http://Safe-PC.net/ Our in-home computer services
http://surfsafety.com/ Our online safety community site
=======================================================