Scan e–mail attachments and programs downloaded from the Internet. Many e–mail programs, such as Yahoo! Mail, automatically scan your attachments before downloading them to your computer. If you receive attachments you aren‘t expecting or from someone you don‘t know, do not open the attachment without scanning it first
As a general rule, never open an attachment unless you are very sure of who sent it and that they meant to send it (remember that if a friend or acquaintance‘s pc is compromised, the virus on their system spreads itself by sending itself to people in their address book!). Be especially wary of attachment extensions such as .bat, .com, .exe, .lnk, .pif, .vbe, .vbs.
Don‘t install unfamiliar programs. Unless you know exactly what a program does and how it will affect your computer, be aware that any installation can be installing a virus as well.
3. I‘ve heard about spammers stealing personal information. How does this happen? Unfortunately, so called “identify theft” has become one of the most common malicious uses of the Internet. Identify thieves most often use a technique called “phishing” with which they attempt to steal consumers‘ personal information, such as passwords, Social Security numbers or credit card information. The technique has been coined “phishing,”
because spammers pose as a trustworthy company or brand, such as Citibank or eBay in order to fish for valuable personal information.
Phishing schemes generally utilize a technique called spoofing where a spammer uses forged email headers to make it appear as though an email is coming from a trusted source, and then asks within for personal information.
Since its emergence onto the Internet crime scene about 18 months ago, phishing quickly has become one of the more widespread and profitable forms of online fraud. Phishing attacks hit an all–time high in May 2004 with nearly 1200 unique attacks reported to the Anti–Phishing Working Group.
However, there is some good news on this front. E–mail providers are currently testing and implementing solutions to help make phishing far more difficult by making email forgery a thing of the past. For example, Yahoo!Mail has implemented DomainKeys, a technological solution that validates the true origin of e–mail messages. The technology is aimed at thwarting spam phishing attacks. Google is currently signing its e–mail with DomainKeys and Earthlink will begin in the near future as well. AOL and Microsoft are supporting solutions known as SPF and Sender ID respectively, to check an e–mail‘s identity through its Internet protocol address.