Not a day goes by without some story or other about somebody having been ripped off on the ‘net. Either they have sent their savings to some Nigerian “oil tycoon” who needed to smuggle ten billion dollars out of his country, or a “lonely Russian lady” has managed to lure a few thousand euros out of a similarly lonely, and overly trustful, gentleman in the West. Other people win in Internet lotteries they don’t remember entering and learn too late that the registrar asking for their bank account details wasn’t planning to make a deposit, but a withdrawal.
So why, if we hear about all these frauds, do people never seem to learn? It’s not like they haven’t had time or opportunity – we hear about such scams just about every day, and I received my first Nigerian money letter back when I was at university and the Internet consisted of a Usenet with text-based discussion groups and text-based email (a totally novel concept at the time). In other words, these scams have been around for more than twenty years.
I pride myself of never having fallen for scams with one exception: When I started receiving spam mail on my first Hotmail account, I was stupid or naïve enough to click the “Please Unsubscribe Me” link. Which of course only sent the signal to the spammers that my email account existed and was active, ensuring that I received thrice as much spam! DOH!
I’m wondering if some sort of “Driver’s License” should be required, or at the very least offered, before people are let loose on the ‘net.
Unfortunately I don’t consider myself a teacher, and I don’t know about all the scams of the world. So let this be my call to Internet service providers and other entrepreneurs: Please start offering courses on Internet Security & Awareness for overly trustful users. Here are a few ideas for the curriculum (and warnings for my readers):
- If it seems too good to be true, it is. You can’t win a lottery you never entered into, and Nigerian princes who offer you 20% of half a billion dollars just for the loan of your bank account don’t exist. And nobody gives away free iPads or Blackberries.
- There is such a thing as too much information. When you post information on the Internet, everybody can read it. Your neighbor, teacher, boss, or your parents. Or a completely random guy on the other side of the Earth. If you post your information in a “closed” community, somebody else may download it and re-post it elsewhere. As a ground rule, if you wouldn’t tell something to a random stranger in a dark alley, you shouldn’t tell it on the Internet.
(Example: Burglars routinely check Facebook for people’s holiday plans. If you tell your friends on Facebook that you’ll be on holiday in Spain the next 14 days, a burglar will see that as an Open House invitation for the next two weeks.)
- You can’t un-upload what you’ve uploaded on the Internet. If you upload a picture or a video of yourself today and regret it tomorrow, it may already have been seen by 100,000 people around the globe. They may even have downloaded it and re-uploaded it since there is apparently no sense of ownership on the ‘net.
(And yet people think little of uploading pictures of themselves drunk and/or semi-nude. Or not just semi-nude. It may seem like a lark today but not so in five years time when you’re applying for a job in a bank.)
- On the Internet nobody knows if you’re a dog. And more importantly, you don’t know if the other guy is a dog! An email apparently from your bank may not be from your bank at all. Did they send it to you personally? Or is it addressed to “Dear valued customer”? Do they ask for personal information (a bank would NEVER ask for your logon name or password in an email)? Other warning signs of phishing mail is: Poor English, or poorly translated language, possibly even machine-translated into your language. A great sense of urgency – threatens to close your account if you don’t act immediately, to make you act first and think later.