Weekly winners June 19: real adventures in internet security

It’s Friday (June 19) during National Internet Safety Month, so we’re announcing the next winners of the Real Adventures in Internet Security Bundle Giveaway Event. A big ‘Thank You!’ to everyone who submitted an entry. What a great response with so many of you writing to us about your online security experiences. Keep the entries coming for a chance to win a bundle of software security titles!

Read on to check out the stories from this week’s winners.

sp_security-NISM-fb

Submit your entry to [email protected] during June for your chance to receive one of 10 super security bundles that includes a VPN, anti-virus, online backup, anti-keylogger, parental control app, PC optimizer, encryption software and, of course, Sticky Password.

Top learning moments of the week ending Friday, June 19

With many thoughtful entries, it was hard to decide what ‘learning moments’ to focus on this week, but the theme that struck a chord for us was the role that we each play in our own safety.

Steve told us about unexpected activities taking place on his PayPal and eBay accounts. If he hadn’t noticed that something was out of the ordinary, it could have cost him more than the time and aggravation to stop the situation from getting out of control. Here’s Steve to tell us what happened:

Having been a regular user of PayPal for many years I suddenly acquired a ‘second buyer’. Incredibly for ‘security reasons’ PayPal could not give me details of who this was. Needless to say I closed my account and have never used PayPal again.

More from Steve:

I received notification from EBay that I was no longer the highest bidder on a car!!!! I accessed my account and changed my password. I immediately received notification from EBay that my password was changed. Within ten minutes I received further notification that my password had been changed AGAIN. This happened twice more.

I contacted EBay (great customer service by the way) who blocked transactions and talked me through closing my account. Again I have not used EBay since.

Andy told us about his mother getting an alarming phone call from her bank asking about a large payment that had been made from her account. We’ll let Andy tell the story:

Quite a few years ago my mother got a call from her bank asking if she had made a payment for £1500. She said “NO I HAVENT”, with panic in her voice.

The man on the phone said not to worry, and for her to just go to the bank and they will explain everything. She went into bank next day and it was true someone had got into her accounts and transferred £1000 from one of her accounts to her current account, and then transferred £1500 from her current account to another bank. Luckily, they managed to recover the money for her.

She does online banking, so I did a full diagnosis of her PC. I found a key logger, so I reformatted her PC with a full reinstall, and most importantly I had recently found out about sticky password, so I installed that, so she never has to type another password again. She has now been banking, etc online for many years with not one problem.

The takeaways:

  • Know what’s ‘normal’. Whether it’s an online account, a program on your PC, or an app on a mobile device, YOU NEED TO KNOW what you can expect when everything is OK. Only then can you know when something suspicious is going on.
  • Be aware! (Cue to Billy Connolly’s outrageously funny joke about the spiders in Australia) YOU need to pay attention to what is going on with your accounts, and on your devices. It’s not enough that you’ve installed great programs on your PC – you need to know what they are telling you, and how to use them.
  • Don’t count on the vendor to recognize that something is wrong. We can be certain that neither PayPal nor eBay wanted anything bad to happen to Steve, but how could they recognize that a new setting or transaction wasn’t legitimate? Yes, lots of vendors (e.g. credit card companies) track ‘unusual activity’ on accounts, but not all breaches will register as unusual in the algorithms they use. Andy’s mom was lucky that she received the call, and was aware of charges that she had made. YOU have to review your statements (online or paper) and make sure that you know your settings.
  • Take action. The key to taking action is to keep your head and act quickly. Who knows what would have happened if Steve had waited even a few days when he discovered the unexpected activity in his accounts?! Maybe the money in his accounts would have been stolen, or used for unauthorized purchases. Maybe something worse… Taking action usually means talking to the vendor. As we’ve said many times, banks and vendors want to hear from you. They’d much rather work with you to discover that there’s nothing wrong with your account, than to have to deal with a breach after it’s too late. Andy’s mom was lucky that the transfer was able to be reversed..
  • Exercise your options! The first thing Steve did was to make sure that there would be no surprises on his watch – i.e. he STOPPED the suspicious activities at each vendor. Then, when he was out of immediate danger, he decided that the best thing for him was to close the accounts. In many cases, you’ll have other options (e.g. switching to another credit card company), but sometimes the best option for you really is to close an account. To be clear, sometimes online security means that you cut off a channel of possible danger to your finances, your identity, etc.

And Jim told us that he uses “Sticky Password’s password generator for everything: account id’s, passwords (of course), answers to security questions, server “who is” prompts – anything where somebody is going to record something to identify me or the site where I’m connecting.

It’s not so much that I’m a target as it is that I just like to think I’m doing all I can to thwart the bad-guys.

Jim doesn’t think he’s a target, but he tells us that “a little paranoia never hurts.” We’re not sure why, but by exercising even basic online security these days, many people think they are being paranoid. The fact is that – large or small – everyone is a target for hackers! So, you can call it paranoia if you like, but we think an attitude of better safe than sorry is the way to go with personal security!

Thank you, Steve, Andy and Jim. We hope you get the most out of your security bundles!

Send your security experience to [email protected] and help others by anonymously sharing your experiences and learning moments, and you may receive one of 10 super security bundles valued at over $330.

*All quotes and personal mentions made with the permission of each individual referenced herein.