When you see a “gone fishing” sign hanging from a door, there is little doubt of its meaning; someone is taking the day off and heading to a lake or river hoping for a bite. But in the 21st century, the sport is ‘phishing,’ and the predator, who is anonymous, is also looking for a byte. In this case, it is someone without guilt and an enormous appetite. Living in cyberspace, they cast their nano-quick lines worldwide, ready to reel in anything not secured. And like the solitary great white shark stalking the oceans, the hunt is endless.
Cyber phishers — sometimes called hackers — are on a constant lookout for computer passwords, user names, credit card data or, otherwise, secured information kept on smart phones, home computers or maintained by mega-companies who store and protect nearly infinite amounts of data.
Phishers are not unlike grizzly bears that whet their taste buds on bark beetles as they stalk the Bull Moose; if it is in the way, it is game. And while phishers will still enjoy a meal of fixed-income retiree, trusting high schooler or stay-at-home mom or dad, their menu now includes governments — big and small. In fact, many phishing expeditions today are actually state-sponsored. These clandestine state phishing expeditions are a new form of warfare and today, across the globe, the world is in a constant state of cyber war.
The most famous state-sponsored virus is Stuxnet, a computer worm ostensibly developed by the U.S. and Israel to thwart Iran’s nuclear program. It set back Iran’s development by some estimates, years. North Korea, using a virus with a China internet address, routinely hacks into South Korea military operations. If a country today is not using computer viruses in internet warfare it is in danger of becoming the vanquished without firing a shot.
States and municipalities are also beefing up staffs to address the growing problems from cybercrime. In the Denver District Attorney’s office, prosecutions in this new arena have grown. “We charge computer crime in many cases when it was used to commit theft, such as an embezzlement or identity theft,” says spokesperson Lynn Kimbrough. “And we have a couple of cases in which defendants vandalized employers’ databases and files upon resigning.” Other cybercrimes, including hacking, are referred to the FBI and U.S. Attorney’s office. Internet crime targeting kids is also a priority — a growing one.
In a computer age, though, battles are fought at all levels, particularly where there is money to be made. “We employ expert security consultants,” says Steve Sherman, Information Technology Director for Lakewood’s Solera Bank. And while Solera has so far not become a victim, like nearly every financial institution, it knows it may only be a matter of time. Banks and financial institutions are among the most alluring and consistent targets. A Ukrainian-based ring that successfully penetrated firewalls of financial giants Citigroup, PayPal, JPMorgan Chase and TD Ameritrade to the tune of $15 million was recently nabbed.
But because most financial institutions are reluctant to report actual damages — whether their pain resulted from an old fashion bank robbery or a cyber hit — it is difficult to estimate the true financial loss from cyber-theft. However, according to RSA, a company that monitors cyber theft worldwide, the rise in phishing attacks jumped nearly 60 percent from 2011 to 2012.
Cybercrime has gone worldwide. Gangs, not unlike the Ukrainians nabbed by the Justice Department, operate sophisticated and not so sophisticated rings in China, North Korea, Eastern Europe, Latin America and Africa (think ‘Nigeria’) — essentially anywhere.
The Nigerian Scam, so called because that is where it was perfected, is designed to con victims out of money, identity or both. A desperate email from a prince or widow asking for a small investment that will be paid back ten-fold — or more — has hooked thousands of victims. And it continues to work. Authorities say if an email from a Nigerian prince arrives, simply delete it.
It is a high tech game of ‘cat-n-mouse’ and a daily battle for big and enticing targets, Solera, included. “We’re examined regularly by the Comptroller of the Currency. We’re audited. We run safety scans. We employ consultants. We deploy security measures and use hardware and software based on industry guidelines,” Sherman says. But no matter the efforts Sherman oversees, nothing is foolproof in a game whose parameters evolve it seems, by the hour.
Right now, somewhere in the world, cybercriminals are formulating new ways of extorting, compromising or turning someone’s world upside down. A particularly malevolent virus currently making its way across the web is the FBI virus. Once infected, a computer becomes a slave of the hackers who render it impotent and extort, under the guise of government authorities — the FBI — money from the computer’s owner. Fortunately, even a virus as debilitating as this one can be erased, at a cost.
Computer experts warn users to avoid unknown or Trojan horse software, software that is free and promising but once allowed in does far more damage that the benign invitation promised or the user ever imagined. “It masks itself as something it is not,” says James Tarver of Arvada’s LikeNew PCs, a repair company that stays busy. “There’s nothing I can tell you to avoid a virus,” he says. “It’s just a matter of being careful.”
More than anything be wary of come-ons that seem too good to be true — they usually are. Computer experts warn: Look warily at all emails. If uncertain about the sender, delete. Avoid clicking on unknown attachments, one of the easiest ways hackers gain entry. Change personal passwords; take the time to create imaginative, hard to hack codes. Avoid birthdays and predictable codes like ‘abc123’, qwerty — consecutive letters on the keyboard — or letters or numerals in succession.
Also, if you have material on your computer that is irreplaceable, back up your data. More often than not, it comes at a cost. It could be as simple as purchasing a backup hard drive — you can invest as little or as much as you choose. There are also companies that specialize in this security. The question to be asked is ‘how important are old family pictures, personal and private correspondence or medical records or financial data?
Personal security also applies to children who often are better navigating the web than their parents — a good and a bad thing. Experts advise installing software that blocks access to adult-oriented sites. A number of companies offer free software for this purpose. Norton Online Family is just one. Xbox, a popular high tech device, has parental controls that make it impossible to play inappropriate games or watch objectionable movies.
“Internet Safety 101,” a video co-produced by Marisa Arbona-Ruiz, is designed to teach kids about on-line predators. It has been praised as a must-see for kids and parents. Also, police advise parents to know whom your child is visiting on the computer. Cyber stalkers target children every day. The end result is not always pleasant.
At least kids have parents looking out for them. Many adults are getting scammed every day, financially, emotionally or both. Cases of adults falling for the wrong soul mate who snags them online then cleans them out in every way are on police blotters across the country. Unfortunately, these are choices made by adults who must live with the consequences.
Experts say that chances are as high as one in four that the average computer owner will get hacked. The same odds apply to smart phone users, especially those who carelessly download too-good-to-pass-up free apps. In the end, there is never not a cost. Free games, free pedometers or social media tools — all freebies — are not free, really.
A free app can actually collect personal data, which is routinely used for marketing purposes. Credit card information, personal phone lists and other materials not ordinarily shared can be scooped up — all without permission.
Apple and Google are generally responsible about checking programs before offering them. But neither promises total protection and, in the end, it may boil down to personal responsibility.
The computer age, though still in its infancy, offers a world that earlier generations could not imagine. But also lurking out in this new world are individuals and organized crime rings that are interested in only one thing: how to separate you from your money, your family or worse. Going online should always include caution and common sense.