Looking to protect yourself from fraud, identity theft, and scams? Maybe you’re wondering about the best way to use credit, how to shop for a used car, or maximize your security online.
The Somerville Police Department has information for you during National Consumer Protection Week – March 1-7, 2020 – and any time of the year.
Below are just some recommendations you can take this National Consumer Protection Week 2020.
How to protect your data before you get rid of your computer:
Your personal computer may have a lot of sensitive information on it. That could be financial information like your account numbers or tax returns. Or it could be personal information like email messages or photos. Before you get rid of your old computer, delete your personal information from the hard drive so it doesn’t end up in the hands of an identity thief. Here’s how.
Back Up Your Information
Before you get rid of your old computer, think about what important information you want to save. Do you have photos, videos, or important documents you want to save? How much storage space will you need to save that information?
Knowing what you want to save and how much space you’ll need will help you choose the best solution. Here are some options for saving or backing up your information.
Transfer your files to your new computer. If you bought a new computer, you can transfer information from your old computer to the new one. Most operating system manufacturers have support articles that tell you how to do this.
Save your files to an external storage device. A USB flash drive is an affordable option that offers a moderate amount of storage. Another option is an external hard drive. It might cost a little more than a USB drive, but it can give you more storage capacity and transfer data faster. You can decide which files or folders to back up, and you may be able to schedule automatic backups.
Save your files in the cloud. There are many cloud storage services that let you save files and data online. You may be familiar with some, like Google Drive, Evernote, Dropbox, or iCloud, but there are many others out there. Many of these services come with some free storage space and you can pay for more storage.
Do they have privacy and security settings you can adjust?
When you save your information in the cloud, you’re trusting someone else to keep that information safe. If you’re thinking about using cloud storage, find out what level of privacy or security the different services offer.
Do they use encryption to protect your data?
(Encryption is the process of scrambling the information to hide the contents of the file.) A service that encrypts your data when it’s transmitted to and from the service, or when they store it, provides a higher level of security than one that doesn’t.
Sign Out of Accounts, Disconnect Devices, and Erase Your Hard Drive
After you save your personal information, however you save it, sign out of all your online accounts from the computer you’re getting rid of. Un-pair your computer from Bluetooth devices like a mouse, keyboard, or wireless display.
Then, erase your computer’s hard drive. Look for a program or function on your computer that will let you erase all your files from the hard drive and reset it to factory settings. If it doesn’t have one, look for expert reviews online to see what programs are out there and which ones are compatible with the type of computer and hard drive you have.
Safely Dispose of Your Computer
You’ve saved your personal information and wiped your hard drive clean. Now you’re ready to get rid of that computer. Most computers contain hazardous materials like heavy metals that can contaminate the earth and don’t belong in a landfill. So what are your options? You can recycle or donate your computer.
Computer manufacturers, electronics stores, and other organizations have computer recycling or donation programs. Check out the Environmental Protection Agency's Electronics Donation and Recycling page to learn about recycling or donating your computer.
You saved your personal information. Wiped your hard drive clean. And safely disposed of the old computer. Now learn how to protect your new computer from hackers with these computer security tips.
Malware includes viruses, spyware, and other unwanted software that gets installed on your computer or mobile device without your consent. These programs can cause your device to crash, and can be used to monitor and control your online activity. They also can make your computer vulnerable to viruses and deliver unwanted or inappropriate ads. Criminals use malware to steal personal information, send spam, and commit fraud.
Scam artists try to trick people into clicking on links that will download viruses, spyware, and other unwanted software — often by bundling it with popular free downloads. To reduce your risk of downloading malware:
- Install and update security software, and use a firewall. Set your security software, internet browser, and operating system (like Windows or Mac OS X) to update automatically.
- Don’t change your browser’s security settings. You can minimize "drive-by" or bundled downloads if you keep your browser’s default security settings.
- Pay attention to your browser’s security warnings. Many browsers come with built-in security scanners that warn you before you visit an infected webpage or download a malicious file.
- Instead of clicking on a link in an email, type the URL of a trusted site directly into your browser. Criminals send emails that appear to be from companies you know and trust. The links may look legitimate, but clicking on them could download malware or send you to a scam site.
- Don’t open attachments in emails unless you know who sent it and what it is. Opening the wrong attachment — even if it seems to be from friends or family — can install malware on your computer.
- Get well-known software directly from the source. Sites that offer lots of different browsers, PDF readers, and other popular software for free are more likely to include malware.
- Read each screen when installing new software. If you don’t recognize a program, or are prompted to install additional “bundled” software, decline the additional program or exit the installation process.
- Don’t click on popups or banner ads about your computer’s performance. Scammers insert unwanted software into banner ads that look legitimate, especially ads about your computer’s health. Avoid clicking on these ads if you don’t know the source.
- Scan USBs and other external devices before using them. These devices can be infected with malware, especially if you use them in high traffic places, like photo printing stations or public computers.
- Talk about safe computing. Tell your friends and family that some online actions can put the computer at risk: clicking on pop-ups, downloading "free" games or programs, opening chain emails, or posting personal information.
- Back up your data regularly. Whether it's your taxes, photos, or other documents that are important to you, back up any data that you'd want to keep in case your computer crashes.
Monitor your computer for unusual behavior. Your computer may be infected with malware if it:
- slows down, crashes, or displays repeated error messages
- won't shut down or restart
- serves a barrage of pop-ups
- serves inappropriate ads or ads that interfere with page content
- won’t let you remove unwanted software
- injects ads in places you typically wouldn’t see them, such as government websites
- displays web pages you didn't intend to visit, or sends emails you didn't write
Other warning signs of malware include:
- new and unexpected toolbars or icons in your browser or on your desktop
- unexpected changes in your browser, like using a new default search engine or displaying new tabs you didn’t open
- a sudden or repeated change in your computer's internet home page
- a laptop battery that drains more quickly than it should
Get Rid of Malware
If you suspect there is malware on your computer, take these steps:
- Stop shopping, banking, and doing other online activities that involve user names, passwords, or other sensitive information.
- Update your security software, and then scan your computer for viruses and spyware. Delete anything it identifies as a problem. You may have to restart your computer for the changes to take effect.
- Check your browser to see if it has tools to delete malware or reset the browser to its original settings.
- If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem.
- Many companies — including some affiliated with retail stores — offer tech support. Telephone and online help usually are less expensive, but online search results might not be the best way to find help. Tech support scammers pay to boost their ranking in search results so their websites and phone numbers appear above those of legitimate companies. If you want tech support, look for a company’s contact information on their software package or on your receipt.
If you think your computer has malware, the Federal Trade Commission wants to know. File a complaint at www.ftc.gov/complaint.
Have you ever wondered why some online ads you see are targeted to your tastes and interests? Or how websites remember your preferences from visit-to-visit or device-to-device? The answer may be in the “cookies” – or in other online tracking methods like device fingerprinting and cross-device tracking.
Here are answers to some commonly asked questions about online tracking — how it works and how you can control it.
What is a cookie?
A cookie is information saved by your web browser, the software program you use to visit the web. When you visit a website, the site might store a cookie so it can recognize your device in the future. Later if you return to that site, it can read that cookie to remember you from your last visit. By keeping track of you over time, cookies can be used to customize your browsing experience, or to deliver ads targeted to you.
Who places cookies on the web?
First-party cookies are placed by the site that you visit. They can make your experience on the web more efficient. For example, they help sites remember:
- items in your shopping cart
- your log-in name
- your preferences, like always showing the weather in your home town
- your high game scores.
Third-party cookies are placed by someone other than the site you are on. For example, the website may partner with an advertising network to deliver some of the ads you see. Or they may partner with an analytics company to help understand how people use their site. These “third party” companies also may place cookies in your browser to monitor your behavior over time.
Over time, these companies may develop a detailed history of the types of sites you frequent, and they may use this information to deliver ads tailored to your interests. For example, if an advertising company notices that you read a lot of articles about running, it may show you ads about running shoes – even on an unrelated site you’re visiting for the first time.
Understanding Other Online Tracking
What are Flash cookies?
A Flash cookie is a small file stored on your computer by a website that uses Adobe’s Flash player technology. Flash cookies use Adobe’s Flash player to store information about your online browsing activities. Flash cookies can be used to replace cookies used for tracking and advertising, because they also can store your settings and preferences. Similarly, companies can place unique HTML5 cookies within a browser’s local storage to identify a user over time. When you delete or clear cookies from your browser, you will not necessarily delete the Flash cookies stored on your computer.
What is device fingerprinting?
Device fingerprinting can track devices over time, based on your browser’s configurations and settings. Because each browser is unique, device fingerprinting can identify your device, without using cookies. Since device fingerprinting uses the characteristics of your browser configuration to track you, deleting cookies won’t help.
Device fingerprinting technologies are evolving and can be used to track you on all kinds of internet-connected devices that have browsers, such as smart phones, tablets, laptop and desktop computers.
How does tracking in mobile apps occur?
When you access mobile applications, companies don’t have access to traditional browser cookies to track you over time. Instead, third party advertising and analytics companies use device identifiers — such as Apple iOS’s Identifiers for Advertisers (“IDFA”) and Google Android’s Advertising ID — to monitor the different applications used on a particular device.
Does tracking of other “smart devices” occur?
Yes. More and more, consumer devices, in addition to phones, are capable of being connected online. For example, smart entertainment systems often provide new ways for you to watch TV shows and movies, and also may use technology to monitor what you watch. Look to the settings on your devices to investigate whether you can reset identifiers on the devices or use web interfaces on another device to limit ad tracking.
Controlling Online Tracking
How can I control cookies?
Various browsers have different ways to let you delete cookies or limit the kinds of cookies that can be placed on your computer. When you choose a browser, consider which suits your privacy preferences best.
To check out the settings in a browser, use the ‘Help’ tab or look under ‘Tools’ for settings like ‘Options’ or ‘Privacy.’ From there, you may be able to delete cookies, or control when they can be placed. Some browsers allow add-on software tools to block, delete, or control cookies. And security software often includes options to make cookie control easier. If you delete cookies, companies may not be able to associate you with your past browsing activity. However, they may be able to track you in the future with a new cookie.
If you block cookies entirely, you may limit your browsing experience. For example, you may need to enter information repeatedly, or you might not get personalized content that is meaningful to you. Most browsers’ settings will allow you to block third-party cookies without also disabling first-party cookies.
How can I control Flash cookies and device fingerprinting?
The latest versions of Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer let you control or delete Flash cookies through the browser’s settings. If you use an older version of one of these browsers, upgrade to the most recent version, and set it to update automatically.
If you use a browser that doesn’t let you delete Flash cookies, look at Adobe’s Website Storage Settings panel. There, you can view and delete Flash cookies, and control whether you’ll allow them on your computer.
Like regular cookies, deleting Flash cookies gets rid of the ones on your computer at that moment. Flash cookies can be placed on your computer the next time you visit a website or view an ad unless you block Flash cookies altogether.
How can I control tracking in or across mobile apps?
You can reset the identifiers on your device in the device settings. iOS users can do this by following Settings > Privacy > Advertising > Reset Advertising Identifier. For Android, the path is Google settings > Ads > Reset advertising ID. This control works much like deleting cookies in a browser — the device is harder to associate with past activity, but tracking can start anew using the new advertising identifier.
You also can limit the use of identifiers for ad targeting on your devices. If you turn on this setting, apps are not permitted to use the advertising identifier to serve consumers targeted ads. For iOS, the controls are available through Settings > Privacy > Advertising > Limit Ad Tracking. For Android, Google Settings > Ads > Opt Out of Interest-Based Ads. Although this tool will limit the use of tracking data for targeting ads, companies may still be able to monitor your app usage for other purposes, such as research, measurement, and fraud prevention.
Mobile browsers work much like traditional web browsers, and the tracking technologies and user controls are much the same as for ordinary web browsers, described above.
Mobile applications also may collect your geolocation to share with advertising companies. The latest versions of iOS and Android allow you to limit which particular applications can access your location information.
What is “private browsing”?
Many browsers offer private browsing settings that are meant to let you keep your web activities hidden from other people who use the same computer. With private browsing turned on, your browser won’t retain cookies, your browsing history, search records, or the files you downloaded. Privacy modes aren’t uniform, though; it’s a good idea to check your browser to see what types of data it stores.
But note that cookies used during the private browsing session still can communicate information about your browsing behavior to third parties. So, private browsing may not be effective in stopping third parties from using techniques such as fingerprinting to track your web activity.
What are “opt-out” cookies?
Some websites and advertising networks allow you to set cookies that tell them not to use information about what sites you visit to target ads to you. For example, the Network Advertising Initiative (NAI) and the Digital Advertising Alliance (DAA) offer tools for opting out of targeted advertising — often by placing opt-out cookies. If you delete all cookies, you’ll also delete the cookies that indicate your preference to opt out of targeted ads.
What is “Do Not Track”?
Do Not Track is a setting in most internet browsers that allows you to express your preference not to be tracked across the web. Turning on Do Not Track through your web browser sends a signal to every website you visit that you don’t want to be tracked from site to site. Companies then know your preference. If they have committed to respect your Do Not Track preference, they are legally required to do so. However, most tracking companies today have not committed to honoring users’ Do Not Track preferences.
Can I block online tracking?
Consumers can learn about tracker-blocking browser plugins which block the flow of information from a computer to tracking companies and allow consumers to block ads. They prevent companies from using cookies or fingerprinting to track your internet behavior.
To find tracker-blocking plugins, type “tracker blocker” in your search engine. Then, compare features to decide which tracker blocker is best for you. For example, some of them block tracking by default, while others require you to customize when you’ll block tracking.
Remember that websites that rely on third party tracking companies for measurement or advertising revenue may prevent you from using their site if you have blocking software installed. However, you can still open those sites in a separate browser that doesn’t have blocking enabled, or you can disable blocking on those sites.
Tips for using Public Wi-fi Networks:
Wi-Fi hotspots in coffee shops, libraries, airports, hotels, universities, and other public places are convenient, but often they’re not secure. If you connect to a Wi-Fi network, and send information through websites or mobile apps, it might be accessed by someone else.
To protect your information when using wireless hotspots, send information only to sites that are fully encrypted, and avoid using mobile apps that require personal or financial information.
How Encryption Works
Encryption is the key to keeping your personal information secure online. Encryption scrambles the information you send over the internet into a code so it’s not accessible to others. When you’re using wireless networks, it’s best to send personal information only if it’s encrypted — either by an encrypted website or a secure Wi-Fi network. An encrypted website protects only the information you send to and from that site. A secure wireless network encrypts all the information you send using that network.
How to Tell If a Website is Encrypted
If you send email, share digital photos and videos, use social networks, or bank online, you’re sending personal information over the internet. The information you share is stored on a server — a powerful computer that collects and delivers content. Many websites, like banking sites, use encryption to protect your information as it travels from your computer to their server.
To determine if a website is encrypted, look for https at the start of the web address (the “s” is for secure). Some websites use encryption only on the sign-in page, but if any part of your session isn’t encrypted, your entire account could be vulnerable. Look for https on every page you visit, not just when you sign in.
What About Mobile Apps?
Unlike websites, mobile apps don’t have a visible indicator like https. Researchers have found that many mobile apps don’t encrypt information properly, so it’s a bad idea to use certain types of mobile apps on unsecured Wi-Fi. If you plan to use a mobile app to conduct sensitive transactions — like filing your taxes, shopping with a credit card, or accessing your bank account — use a secure wireless network or your phone’s data network (often referred to as 3G or 4G).
If you must use an unsecured wireless network for transactions, use the company’s mobile website — where you can check for the https at the start of the web address — rather than the company’s mobile app.
Don’t Assume a Wi-Fi Hotspot is Secure
Most Wi-Fi hotspots don’t encrypt the information you send over the internet and aren’t secure. In fact, if a network doesn’t require a WPA or WPA2 password, it’s probably not secure.
If you use an unsecured network to log in to an unencrypted site — or a site that uses encryption only on the sign-in page — other users on the network can see what you see and what you send. They could hijack your session and log in as you. New hacking tools — available for free online — make this easy, even for users with limited technical know-how. Your personal information, private documents, contacts, family photos, and even your login credentials could be up for grabs.
An imposter could use your account to impersonate you and scam people in your contact lists. In addition, a hacker could test your username and password to try to gain access to other websites – including sites that store your financial information.
Protect Your Information When Using Public Wi-Fi
Here’s how you can protect your information when using Wi-Fi:
- When using a hotspot, log in or send personal information only to websites you know are fully encrypted. To be secure, your entire visit to each site should be encrypted – from the time you log in to the site until you log out. If you think you’re logged in to an encrypted site but find yourself on an unencrypted page, log out right away.
- Don’t stay permanently signed in to accounts. When you’ve finished using an account, log out.
- Do not use the same password on different websites. It could give someone who gains access to one of your accounts access to many of your accounts.
- Many web browsers alert users who try to visit fraudulent websites or download malicious programs. Pay attention to these warnings, and keep your browser and security software up-to-date.
- Consider changing the settings on your mobile device so it doesn’t automatically connect to nearby Wi-Fi. That way, you have more control over when and how your device uses public Wi-Fi.
- If you regularly access online accounts through Wi-Fi hotspots, use a virtual private network (VPN). VPNs encrypt traffic between your computer and the internet, even on unsecured networks. You can get a personal VPN account from a VPN service provider. In addition, some organizations create VPNs to provide secure, remote access for their employees. What’s more, VPN options are available for mobile devices; they can encrypt information you send through mobile apps.
- Some Wi-Fi networks use encryption: WEP and WPA are common, but they might not protect you against all hacking programs. WPA2 is the strongest.
- Installing browser add-ons or plug-ins can help. For example, Force-TLS and HTTPS-Everywhere are free Firefox add-ons that force the browser to use encryption on popular websites that usually aren't encrypted. They don’t protect you on all websites — look for https in the URL to know a site is secure.
- Take steps to secure your home wireless network.
Mobile Payment Apps: How to Avoid a scam when you use one
Mobile payment apps can be a convenient way to send and receive money with your smartphone. These apps have become very popular — and scammers may try to use them to steal your money. Find out how mobile payment apps work and how to avoid sending money to a scammer.
How Mobile Payment Apps Work
You may have heard of mobile payment apps like Venmo, Cash App, or Zelle that let you send and receive money through your smartphone. If you haven't used one before, here's how they work.
To use a mobile payment app, you’ll have to create an account. You may have to link your mobile payment account to your bank account or credit card.
Security Tip: Check if you can turn on additional security features on your account. You may want to use multi-factor authentication, create a PIN, or use fingerprint recognition.
Once you set up the account, you may be able to use the app to make payments at some stores.
You can also send money to people you know — just make sure you're sending money to the right person. Double-check their email address, phone number or username.
And people can use the app to pay you. When someone sends you a payment, the money doesn't go to your bank account. Instead, it will appear in your app's account balance. You can then decide what to do with the money. You can
- leave the money in your mobile payment account
- send that money to someone through the app
- transfer the money to your bank account
How to Avoid Sending Money to a Scammer
For years, scammers have been making up all kinds of stories to trick people into sending them money. They may lie to you and say
- you won a prize or a sweepstakes and need to pay some fees to collect it
- a loved one is in trouble and they need you to send money
- you owe taxes to the IRS
- they’re from tech support and need money to fix a problem with your computer
- they're someone who is romantically interested in you and needs some money
Scammers may also tell you to send money through a mobile payment app. If you get an unexpected email or text message that asks you to send money, don't click on any links. Log in to the app to see if you have any requests for money. If you don't, the email or text is probably a phishing scam.
What to Do If You Sent Money to a Scammer
If you sent money to a scammer, report the scam to the mobile payment app and ask them to reverse the transaction right away.
Then, report it to the Federal Trade Commission. When you report a scam, the FTC can use the information to build cases against scammers.