You’ve probably heard that Macs are more secure that Windows PCs. And, in general, that tends to be true. Very few if any viruses are written specifically for macOS. However, only a portion of online security risks come by way of viruses. These days, you’re more likely to get taken in by a web-based scam than an old-fashion computer virus. Anti-virus software isn’t enough to protect you, either: good online security requires good online security habits. If you don’t have good online security habits, it’s never too late to develop them! Fortunately, many of the common sense rules that keep you safe in the real world can also protect you online.
1. Be skeptical
You might think you could never fall for a scam. But it’s even odds that every single person who has ever fallen for an online security scam would say exactly the same thing. Scammers rely on our natural instinct to trust other human beings. By default, we want to trust other people: that’s what the social contract is all about. We believe that people will act in good faith until we are proven wrong. But by the time alarm bells start ringing in your head, there’s a very good chance the scam has already run its course. A popular type of attack, called “social engineering” attacks, rely on exactly this kind of good-faith trust. Of course, you can’t just trust no one. That’s a horrible way to live, firstly, and secondly, trust is necessary for society to function. But a heavy dose of caution and skepticism when dealing with online security and strangers can put an end to many scams before they start.
Double check suspicious information with the supposed source of that information. For example, if you get a surprising and troubling email from your credit card company, make sure it actually came from your card issuer. And don’t use the phone number in the email signature, which may be false. Instead, log on to your credit card’s website and contact them with the information listed there. Be doubly suspicious of unusual communications requiring immediate resolution. There’s absolutely no harm in confirming the source of information before you act on it, even if seems to be apparently urgent.
2. Is it too good to be true?
Always question whether a deal is too good to be true. An unbelievable deal is often unbelievable for a reason: it doesn’t actually exist. In addition to trust, scammers rely on natural greed to access money and credentials. Whether it’s financial scams that promise an outrageous return or Amazon listings for way below the market price, scams often entice us with an unbelievably good deal. It’s astonishingly effective, even when the buyer is protected. For example, an outrageously good deal on Amazon might seems like a win-win: if you don’t actually get the item, your money will be refunded. But by that point, it’s possible the scammer has used your money to turn a profit, or has disappeared from Amazon’s radar. While you’re not out a cent, it’s some serious hassle for literally zero again. And these kind of scams drive up prices for everything, just like petty retail theft.
The same works on a smaller scale, with websites and downloads. Attackers can often sneak malicious software on to your computer by using websites that promise something like free movies or music. While Macs are insulated from these sorts of attacks thanks to their relative unpopularity, the Titanic was “unsinkable” before it sank. Be wary of the programs you download and install and the websites you visit. Improve your online security with this old truism: if a deal is too good to be true, it probably is.
3. Go to the source
Most email-based scams rely on users casually opening email and following the instructions found inside. You expect email to be trustworthy, because the vast majority of emails are. And while this attack might be widespread, raising user awareness, scammers have also become more sophisticated. It requires a sharp eye to spot a fake email message by sight alone. Confirming a fraud often requires a dive into the email’s source code, and few folks are looking that closely. Better to think critically about what the email is asking you to do: this way, you can often avoid scams.
For example, are you being asked to log in to your Google or PayPal account immediately? If so, don’t follow any links in the email. Visit the website by typing the domain in to your browser and logging in that way. If you’re uncertain about the origin or legitimacy of an unexpected email, communicate with the sender to confirm its authenticity. This alone can make a dramatic improvement in your online security.
4. Question “urgent” decisions
Be wary of anyone trying to convince you to take a specific course of action without thinking it over. We can take a distressingly common Western Union scam as an illustrative example. In this con, scammers call individuals and imitate the IRS. They say you owe major back taxes, and they’ve been trying to contact you for ages. To make matters worse, the police are on the way to arrest you right now! But there’s hope: if you pay your back taxes by wire transfer immediately, they call off the cops. Immediately, people’s mind’s race: what happens if I get arrested? What will my children do? Will I lose my job? Of course, this is all lies.
And yet, people have been so taken in by the scam that even when Western Union agents refused to process the payment and assured customers that the caller was fraudulent, panicked customers insisted that they process the wire transfer. Scammers rely on that panic response to get you to follow their lead. Of course, the IRS doesn’t send the cops to arrest you for missing taxes, and they don’t accept money via wire transfer. But if you cultivate a natural attitude of skepticism, you might not be taken in by such a scam.
5. Confirm the other party’s identity
Many scammers are successful because they pose as authority figures or loved ones. Humans are simply less likely to question apparent authorities or those they already trust. Scammers have been known to pose as utility workers and government officials. From this apparent position of power, they’re able to convince their victims to do things they otherwise might not.
Some scams also manipulate the elderly by imitating their children or grandchildren. Using a fake or stolen Facebook account, the scammers contact the grandparents, claiming that their relative is trapped in a foreign country and needs money to gain their freedom. A phone call to the grandchild themselves or their parents will often reveal this scam, but it’s still successful frequently enough to make it worth their while to try it. After all, many grandparents would do anything to help their grandchildren, and scammers are fully aware of this fact.
Honorable Mention: Use Unique Passwords
If you have developed this habit by now, get on it today! If you use unique passwords, you’re never risking important credentials on a single site. Scammers and hackers know that many users reuse passwords. Once they get a password and email combination, they’ll automatically try it out on sites like Facebook, Twitter, LinkedIn, and major bank account and credit card portals. If you want to stay safe, you need to use unique passwords for each and every site you log in to. Using a password manager can help you keep all your passwords straight.
When dealing with strangers online, cultivate an attitude of suspicious. A little caution can go a long way: a teaspoon of prevention is worth a pound of cure, as the saying goes. Confirm the origin and veracity of any unusual claims. By simply being skeptical and cautious, you can often avoid online scams.
You might also like the following posts: