More Dangerous Than Malware?

Category: Security

Most experts writing about computer and Internet security focus on threats found 'out there' in the online sphere, or in the form of malicious hackers with malevolent intentions. The danger is that they will get to you or your computer, and steal or do damage. Most security measures focus on preventing such intrusions. But the greatest threat is not 'out there.' It's much closer than you think. Read on for the answer...

The Biggest Online Threat?

It's YOU, in fact. You are human (no matter what your kids or ex-wife says), and have a human mind (or enough of one to get by). Nothing is more capable of causing, or is more likely to cause you trouble. Yet the mind is seldom the subject of information security articles. This is one of those rare reads.

“It ain't what you don’t know that gets you into trouble,” wrote Mark Twain. “it’s what you know for sure that just ain’t so.” Almost every activity that a human performs, including most of what is supposed to be “knowledge work,” is done unconsciously; motions are gone through with blind faith that they will produce the same results they did last time. No attention is paid to what is right in front of you, in your hands.

That is why people click on links in emails that generally look like they’re from their bank; follow the instructions on what generally looks like their banks’ Web sites; and have their accounts emptied by bandits in some third-world country. Had you been paying attention, you would have noticed that your bank’s emails address you by name, not as “Dear Customer…” You would have remembered that your bank has told you, at the time you opened your account and many times since, that it will never ask you for your account password via email, and that you should always use a bookmark or type in the bank's web address. But busy people do not always pay attention.

The Biggest Threat?

It's why people fall for virtual kidnapping scams, or believe the "Nigerian prince" who promises that if you send him $5000 by wire transfer, he'll give you half of the $15 million lying dormant in a secret bank account. It's why lonely women send money to "international businessmen" they've never met, thinking they are helping to save the life of a dying son who desperately needs an operation. Kind-hearted people, especially the naive, the emotionally vulnerable, or the financially stressed ones, want to believe the best about others, even if it's not rational.

It's why people click into the dark corners of the Internet, or on flashing banners that say "You just won an iPad!" They believe that because they have McAfee or Norton AntiVirus, it will protect them from all possible cyber-threats. Of course, they don't know that viruses can morph and propagate in minutes, but it takes days for antivirus companies to update their malware signature databases. They haven't applied critical Windows security patches, or updated their software in years. Maybe they're just lazy, or too busy. More likely, they've simply decided to trust the claims of the company that sold them the Internet security suite, and pay $79 a year for "peace of mind."

It's why people don't make backups of their data, which might have protected them from the damage that can be caused by human error, hard drive failure, or ransomware attacks.

"You Can Trust Me..."

Trust is the belief that you can predict behavior with an acceptable degree of confidence. It might be the behavior of a person, a computer program, a pet, or a website such as Facebook or LinkedIn. Innumerable people have overestimated their prediction abilities with regard to people, programs, cars, pit bulls, “trusted service providers” and “trusted partners.”

When you decide not to use two-factor identification on websites that offer that option, you expose your account to compromise when data breaches reveal your username and password. It's happened to online department stores, banks, hotels, airlines, health insurance companies, and others that failed to protect your privacy and personal information.

When you answer seemingly harmless questions on Facebook quizzes, you willingly tell Facebook (and the app creator) about the books and music you like, your favorite color, your pet's name, the movies you've watched, and your favorite TV shows. That just might be enough to help a scammer figure out the answers to your password recovery questions.

When you link your profile to all of your family, friends and business acquaintances; it's Facebook using you for free to fill in the blanks of their highly marketable dossiers on over a billion people. Why believe that? Because that is how Facebook has behaved from the beginning, if you have paid attention. Mark Zuckerberg started Facebook by stealing copyrighted information and publishing people’s personal information without their permission. Of course, he and his official biographer don’t see it that way, but that is what history shows. Do not trust a person or a corporation to do other than what it has done in the past, despite what the legalese in the Privacy Policy says.

The three “A’s” of security are: Attention, Adaptation, and Action. Pay Attention to what is right in front of you. Adapt your Action to new or changed external behavior. Don't blindly trust your antivirus software, your 12-digit password, or your hard drive. Don't click when you see “Dear Customer…", or when you know in your gut that something smells fishy. Are you paying Attention to me? Your thoughts on this topic are welcome! Post your comment or question below...

 
Ask Your Computer or Internet Question

 
  (Enter your question in the box above.)

It's Guaranteed to Make You Smarter...

AskBob Updates: Boost your Internet IQ & solve computer problems.
Get your FREE Subscription!


Email:

Check out other articles in this category:



Link to this article from your site or blog. Just copy and paste from this box:

This article was posted by on 28 Oct 2019


For Fun: Buy Bob a Snickers.

Prev Article:
Does My Email or IP Address Expose my Physical Location?

The Top Twenty
Next Article:
Can a Virus Really Destroy a Hard Drive?

Most recent comments on "More Dangerous Than Malware?"

Posted by:

PoppyJon
28 Oct 2019

One of your Greatest articles ever! If, I walked up to you on the street and asked for you name, address, you would think me TOO forward and so no. Yet, every day on line most surrender their vital info. on Facebook, twitter, Ancestory etc,. Just bought a new cell, can't use it unless I have a Google acct, a Samsung acct, must agree to long Privacy policies, unfair, not right, But you have already giving up my rights by agreeing to this nonsence. I don't have a Facebook acct,twitter, don't Google and don't miss it, don't need it either. Mark Zuckerberg, welcome all suckers, I made Billions off of you!
\


Posted by:

Mike
28 Oct 2019

Before considering clicking anything new, I always follow the adage, "You don't get something for nothing."


Posted by:

hifi5000
28 Oct 2019

A few weeks ago, I got a e-mail request from my credit card company to update my financial information.I guess they wanted to update my sources of income.I got suspicious as I have been a customer of theirs for over 30 years and they have never asked for this kind of info before.I haven't seen any messages on my monthly bill to do this.I think I will wait until they send me an official letter for this information.


Posted by:

Cold City
28 Oct 2019

Thanks for the reminders! I hate the use of Facebook. It is as if one had to give out personal info to the owner of a mall to get in a store.
And many small companies have only Facebook as a way to get noticed on the Internet. So I made a fake account with minimal info just to be able to see the whole picture.


Posted by:

Lon Johnson
28 Oct 2019

Re
Your 'provocative' observations that go with the invaluable tech advice always make your columns a treat!


Posted by:

Laurie
28 Oct 2019

One of the unfortunate “niceties” in our society is the belief that it is rude to not trust, even when we hardly know someone. This ties in with the belief that most people are good. Therefore, if I am feeling hesitant about trusting this person, it’s probably just me overreacting. People often feel guilty about not offering the benefit of the doubt to someone they’re getting to know, because it is ingrained that not doing so shows a lack of graciousness and is rude and paranoid.

There are other emotions that scammers evoke in order to manipulate potential victims, such as fear leading to a sense of urgency, but I think that the belief that it is rude not to trust is often overlooked and needs to be re-evaluated in our society. It needs to be used with a heavy dose of step back discernment.


Posted by:

Lon Johnson
28 Oct 2019

Hmmm - I don't know why it was omitted from my just prior post, but I wish that had included the 'take-away' from your article here that - Re You are human (no matter what your kids or ex-wife says)


Posted by:

RandiO
28 Oct 2019

Kudos to the Philosopher Rankin for being able to nicely segue from the topic of human subconscious' weaknesses (apathy, gullibility, maybe even innocence) into the topic of clicking email' links.
Long ago, I came to the conclusion that our definition of the word "Trust" lacks the most important part: I would like to nominate this human vice as the "8th Deadly Sin". It is a purely egotistical vice which serves no one else but the user. Simplest 2 examples are that we all "Trust" some driver hidden from view behind the windshield of oncoming 2-tons hurdling few inches from us at 55MPH… yet we lose our "Trust' if our mate is infidel.
"Trusted (and/or Secure) Computing" becomes almost an oxymoron as everything is as secure as it could be until it no longer is and "Trust" has zero butterfly effect to it.


Posted by:

Gloria Huffman
28 Oct 2019

Bob, George Gilder says block chain technology is going to usher in a new tech world that eliminates the inherent insecurities in our current system of usernames and passwords. We'll have just one key. What do you say about this?


Posted by:

bobd
28 Oct 2019

To hifi500, today:
Re: "...e-mail request from my credit card company to update my financial information..."
I suspect the credit card company knows more about your finances than you do.


Posted by:

bobd
28 Oct 2019

Sometime around 1977 I read an article somewhere that noted we judge others by ourselves.
No wonder decent people get scammed.


Posted by:

Zoli
28 Oct 2019

Great reminder of our fallibilities - either conscious or unconscious. As PT Barnum was quoted as saying "There is a sucker born every minute" although the estimate now is about 4.3 per second worldwide.


Posted by:

Daniel Wiener
28 Oct 2019

For over ten years now I have been collecting "Nigerian Prince"-style emails, and I currently have 821 of them saved in my Scam folder. Some are amazingly clever and quite amusing. A few years ago I printed out a selection of the best and gave them as Hannukah gifts to my relatives, on the theory that at least one of those offers might pan out and make that relative a multi-millionaire. (I can't help it, I'm just such a generous person.)


Posted by:

bb
28 Oct 2019

Gloria Huffman: Technically it is feasible, but 'Blockchain' has nothing to do with it.

Imagine if every person is given a magic number (call it a key) that they know and *never* tell anyone. There is a corresponding key which is public that anybody or everybody can know. One can use that secret (call it "private") key to identify themselves WITHOUT EVER REVEALING THAT SECRET KEY.

It's called PKI (Public Key Infrastructure) and we use it every day in httpS.

But assigning numbers (much less *secret* numbers) to people is not the American way. Besides, people can't remember passwords, how could they remember a 256-bit secret key that should *never* be revealed or known to anyone else except the owner.

We understand passwords, we don't understand PKI. And because people don't understand it, they will not trust it. Plus, the gubbermint would probably insist on a copy of our secret key just to "protect" it.

As Mark Twain reputatively said, "Three people can keep a secret if two are dead."


Posted by:

Elizabeth Perilloux
28 Oct 2019

Your sage advice has saved me on the computer more than once in the past years. Recently I received 3 "unusual" emails within 24 hours: one from FedEx re "something I was expect" - I had not ordered anything; from my Bank advising that they had uncovered something wrong with my account; and another that was so obvious I deleted to spam immediately - as I did to the supposed FedEx email as soon as I reviewed my internet order log. And finally I called my bank to look at my accounts for possible fraudulent activity - none so I deleted this to spam also. Have received phishing emails as well as texts. So, folks. Listen to Bob. His counsel is good.


Posted by:

Egbok
29 Oct 2019

My ISP sent me an e-mail asking me to click on a link to clear up a problem. The misspelling, grammatical errors and words run together were a dead giveaway. Seems as though they could have at lest used spellcheck. And yes, I do pay attention. Thanks.


Posted by:

MmeMoxie
29 Oct 2019

Oh my heavens, great article, Bob! All of us need reminders of the "ills" of the Internet, and especially Facebook! Sorry, but Facebook is even worse than having a Google account or G Mail account.


Yes, both of those resources are exactly that ... RESOURCES for them to generate MONEY!!! I have multiple methods or programs to help me, as best I can to do what I need to do with my computer.


Smartphones are one of the worse in getting information about you and yours! Don't ever kid yourself that using a Smartphone is safe by any means. If, it isn't the smartphone, it is your Wi-Fi Server be it AT&T, Verizon, Cricket, PC Metro and so on, that is out to get as much information on you, as possible.


Basically, it all started with the major telephone companies, long before the internet. They were selling telephone numbers to the highest bidders, as fast as they could to stay ahead of all the building of the telephone grid. They even sold Private Phone Numbers that everyone paid for to have, so no one would bother them!!! All to random buyers for money, period end of quote.


I know how to protect myself, but even then bad stuff can sneak up on you, without even knowing how it did!!! It has even happened to Bob. It has happened to me, as well. No one plans on this happening, it that the "evil" people learn new ways and methods to get what they want.


I have learned over the years to pay heed to Bob's warnings and use many programs to help me stay as safe as I can. I use Malwarebytes, Unchecky, Last Pass or Roboform, WiFi Guard, CCleaner, Revo Uninstaller, PrivaZer, and so on. I learned about Glary Utilities on my own, due to reading from excellent resources. All the programs that I mentioned above, I use to this day and am VERY glad that I do. They have saved me a lot of heartache, especially in having to completely wiping my Hard Drive totally clean and starting ALL OVER, again!!!


I am using Bitdefender Total Security, my Anti-Virus/Malware program, but I know that program, as good as it is, can NOT protect my equipment alone. I need the others to help.


What I do love about Bob, he not only teaches, but listens as well. When, someone on his mailing list shares something new, he is checking it out and testing it, to be sure it is safe and can either suggest it or recommend it. Now, in MY book ... That is a very special teacher and Bob fits that bill to the T.


There are so many kudos that I can pay to Bob, for the past 22 years of my computer, and his continual newsletters to help me not only become the computer geek that I am today, but a well protected one.


Posted by:

Wolfgang
29 Oct 2019

Almost all the articles are good; however, this article is outstandingly good. Yes! It is vital to be aware, awake, and attentive to the cons, hucksters, fakers, scammers, spammers, and criminals out there. They can take so many forms, being individuals, organizations, and even governments.

This is why I constantly make certain that I have 30 years of work backed up in several locations, including a cloud backup. I use different e-mail accounts for different things, and I do shut down "old" accounts and open up new accounts from time to time. I use strong passwords, which I change frequently. For institutions, such as banks, state retirement accounts, 401K accounts, and so forth, I have those bookmarked, and I utilize 2-step authentication, when allowed. I use many of the protective software packages, which Bob recommends, and I make certain that it is constantly updated. When it comes to e-mail, I follow a rule: If it is too good to be true, then it is NOT true! It is also good to use different browsers for different things, using privacy settings, such as NOT accepting 3rd party cookies. If thus causes a problem with loading the website, then I will NOT waste my time with that site, as something may be fishy. Unfortunately, this is the way things are, where things are not trustworthy until proven trustworthy. Mindfulness of one's internet activity is essential!

Thank you for this excellent article!


Posted by:

NB
29 Oct 2019

Trust is something you earn.


Post your Comments, Questions or Suggestions

*     *     (* = Required field)

    (Your email address will not be published)
(you may use HTML tags for style)

YES... spelling, punctuation, grammar and proper use of UPPER/lower case are important! Comments of a political nature are discouraged. Please limit your remarks to 3-4 paragraphs. If you want to see your comment posted, pay attention to these items.

All comments are reviewed, and may be edited or removed at the discretion of the moderator.

NOTE: Please, post comments on this article ONLY.
If you want to ask a question click here.


Free Tech Support -- Ask Bob Rankin
Subscribe to AskBobRankin Updates: Free Newsletter

Copyright © 2005 - Bob Rankin - All Rights Reserved
About Us     Privacy Policy     RSS/XML


Article information: AskBobRankin -- More Dangerous Than Malware? (Posted: 28 Oct 2019)
Source: https://askbobrankin.com/more_dangerous_than_malware.html
Copyright © 2005 - Bob Rankin - All Rights Reserved