7 Tips For Keeping Cyberswindlers Off Your Computer

David Evison/Shutterstock
By Fredricka Ransome

Joan Harwood, treasurer of Dartmouth Fire District No. 3 in Massachusetts, handles an annual budget of about $1 million. While doing some routine online banking for the firehouse in 2010, she discovered that $375,000 was missing from the account.

It turned out that her computer had been infected with a malicious computer program, Zeus Trojan, that enabled hackers to access the account and steal the money. Zeus spies on keyboards and captures keystrokes to swipe usernames and passwords.

Harwood was far from Zeus Trojan's only victim. Using the malware, a cybercrime ring operating out of Russia made off with more than $70 million from online bank accounts.

Cybercrime -- which ranges from bank account hacking to phishing (in which fraudulent emails are sent with the aim of obtaining data or cash from the recipient) -- is vast. According to the Internet Crime Complaint Center, consumers lost more than $525 million to cybercrimes last year -- an 8.3 percent rise from 2011.

A study by McAfee and the Center for Strategic and International Studies estimates that the cost of cybercrime may exceed $100 billion a year. While hackers hone their craft of manipulating computer users, Michael Kaiser, the executive director of the National Cyber Security Alliance, provides seven ways consumers can protect themselves.

1. Maintain a clean machine.

Keep any device connected to the Internet free of malware infections. Make sure you're running up-to-date security software, operating systems and applications -- important, because application updates often include security advances.

2. Have long, strong, unique passwords.

Create a password you can remember but that's difficult for others to guess. Lock your mobile devices and tablets. Thirty percent to half of users have not enabled a password or PIN on their mobile devices.

3. Avoid social engineering.

When in doubt, throw it out. An antenna should go up if a pop-up threatens you to act immediately or else. Do not click!

4. Censor yourself on social networks.

How much of your data is public? What do you post about yourself -- location, habits, plans? Disclosing where you're taking your vacation or turning on the tracker enables identity theft. %VIRTUAL-article-sponsoredlinks%In addition, be mindful of what you post online about others. We sit on vast amounts of data concerning family, friends and colleagues. Be a good steward of that information.

5. Use secure websites.

There are simple ways to ensure that a website is secure. Make sure the URL begins with "https," as such sites encrypt log-in information before sending it to the server, thus keeping it safe from hackers. You also can check for an icon that looks like a lock somewhere in the browser window.

6. Back up your files.

Ransomware -- a malware that places restrictions on a computer that can be lifted only when payment is made -- is one of the latest developments in hacking. For example, CryptoLocker scrambles files with essentially unbreakable encryption and demands a ransom to retrieve them. Backing up files on an external hard drive will help keep them safe, even if those on a computer are deleted.

7. Isolate financials.

The best way to ensure that online accounts are safe is to have a separate computer that's used only for banking. An alternative for the average person is to ask about which security services your bank offers, such as multifactor authentication.

More from CNBC:

You Thought You Were Safe? The Myths and Realities of Your Online Security
See Gallery
7 Tips For Keeping Cyberswindlers Off Your Computer
For years, security professionals have emphasized the importance of shredding your personal documents before you throw them out. But Holland notes that shredding isn't as much of a priority as it used to be. "There aren't nearly as many documents with personal information out there as there were even just two years ago," he explains. "These days, it's much easier to get your information off your computer."

Passwords are your first line of defense against intruders. But, as Holland points out, even the most careful people sometimes have password breaches. "I've helped chief privacy officers from health care and security firms," he notes. "If they're getting hit, then anyone is vulnerable." While Holland notes the importance of having a good password, he emphasizes that the most important thing is paying attention to password breach notifications. If you hear that one of your passwords may have been breached, he counsels, change it immediately. And, because many of your accounts may be linked, he notes, it's not a bad idea to change the rest of your passwords as well.

One piece of advice that you don't often hear is to keep on top of software updates. But, Holland argues, updating your operating system, your software, and your security programs is one of the easiest and most important ways to ensure your security. Software companies spend a lot of time and money trying to stay ahead of online intruders -- it only makes sense to take advantage of their work.
Even if you are convinced that your security is state-of-the-art and your password is unbreakable, it never hurts to double-check your most sensitive accounts. Holland suggests regularly checking your bank and credit card statements to ensure that there aren't any inappropriate charges on your accounts. As a side benefit, this is also a great way to catch any unexpected fees that your bank may try to spring on you.
When a breach happens, a fast response can mean the difference between a minor annoyance and a major pain in the neck. With that in mind, Holland suggests talking to your bank about having transaction alerts placed on your account. Every time your account is credited with a transaction over a particular amount -- $50, for example -- your bank will send you an e-mail or text notification. If it's an expected transaction, you can discard the message; if not, you'll be able to respond immediately.
Every year, you are entitled to a free credit report from each of the reporting bureaus. Holland suggests taking advantage of this free service, noting that your credit report is a great way to track your outstanding debts and ensure that nobody is trying to open false accounts in your name. He emphasizes, however, that the best way to get your free report is by going to AnnualCreditReport.com, not FreeCreditReport.com. "That site's a scam," he laughs.
Read Full Story