NJ Attorney General offers basics on Cyber Safety for Consumers

Posted

Acting Attorney General John J. Hoffman and the New Jersey Division of Consumer Affairs today concluded the commemoration of National Consumer Protection Week by reminding consumers of the “Cyber Safety Basics” – tips on preventing identity theft and protecting personal privacy, by safeguarding the information stored on computers and other devices.

“Computers and the internet have become integral to our lives, and we must use them safely,” Division of Consumer Affairs Acting Director Steve Lee said. “Online security threats – from hacking personal information for the purpose of identity theft, to unwelcome invasions of privacy – are becoming ever more sophisticated. But consumers can prepare and protect themselves by taking several basic steps.”

The Division of Consumer Affairs protects consumers against identity theft, unlawful invasions of privacy, and other computer-related violations by enforcing New Jersey’s Consumer Fraud Act, the Computer Related Offenses Act, the Identity Theft Protection Act, and other statutes.

Cyber Safety Basics


The following basic tips can help prevent identity theft, monetary theft, or other types of harm that can be caused by malware – malicious software such as viruses. Additional information on each of these tips can be found on the Division of Consumer Affairs Cyber Safe NJ website, www.NJConsumerAffairs.gov/cybersafe.

Avoid phishing scams: Never act on any email, text message, pop-up window, or other communication that asks you to provide your personal information, click on a link, or open an attachment, unless you recognize the sender, or you requested the information that was sent. Remember that legitimate businesses and government entities will never ask you to provide personal information through an email.

Install antivirus software and keep it up to date. Many virus protection programs offer automatic updates.

Use a firewall to block suspicious data from entering your computer.

Use a variety of smart passwords that incorporate uppercase and lowercase letters, numbers, and symbols. To help keep track of multiple passwords, consider keeping a password notebook or a list on your computer that is password-protected.

Consider maintaining more than one email address and designate them for specific uses, such as one email address for online purchases, another for personal correspondence, and another for news feeds. If your e-shopping email is hacked, the personal information in your other emails would still be protected. The use of multiple emails can also help prevent spam. Spam can be more than an annoyance; unwanted emails may contain malware or phishing scams.

If you use a wireless router or file-sharing system, be aware that they may leave your computer vulnerable to hackers. Refer to your user's manual or ask your Internet service provider for information on how to secure these systems.

If you must provide personal information over the Internet, make sure the website is secure. A secure website uses encryption to protect your information. The two elements that indicate a website uses encryption are the image of a locked padlock, and a URL that begins with "https" rather than "http."

Before disposing of your computer, cellphone, printer, scanner, or copy machine, use a "wipe" utility program to overwrite the computer's memory. Simply deleting your personal data or moving it to the "trash" will not make it permanently disappear.

To prevent the loss of needed information in case your computer becomes damaged – or in case you are ever threatened by “ransomware,” a type of malware that renders the victim’s computer unusable unless a ransom is paid to cybercriminals – regularly back up your data on an external hard drive or through a remote backup service such as a cloud computing system.

Identity Theft: If You Become a Victim

While the “Cyber Safety Basics” provide good protection, identity theft can still strike anyone through data breaches, the theft of personal documents, or other mishaps.

Fortunately, it is possible to resolve the financial and credit problems that result from identity theft. The U.S. Bureau of Justice Statistics found that the majority of identity theft victims in 2012 were able to resolve these issues in less than one day, once they became aware of the crime and took concrete action.

All New Jerseyans who believe they were exposed to identity theft are advised to take the eight steps for self-protection that are outlined in “Identity Theft - If You Become a Victim,” a Consumer Brief developed by the Division of Consumer Affairs.

Further information can be found in the “Preventing Identity Theft” section of the Division’s Cyber Safe NJ website.

Controlling Your Privacy

Web browsers, mobile devices, and social networking sites have the ability to collect a great deal of information about their users, and to transmit that information to advertisers and other third parties, for whom that information is extremely valuable.

Many consumers are concerned about the collection of personal information and about “behavioral profiling” for advertising or other purposes, and wish to have greater control over how their information is collected and used.

The following steps can help consumers protect their privacy online. More information is included in the “Controlling Your Privacy” section of the Division’s Cyber Safe NJ website.

Think twice before posting: Remember that all electronic communications can be saved and viewed forever. And even the most private messages can be accidentally or maliciously shared with others. Think twice before sharing personal information online such as in social networking profiles, tweets and status updates, personal blog entries, and even private emails or text messages. You may restrict access to certain messages with privacy settings – but someone you trust may still share your message beyond that limited group.



· Evaluate your social media privacy settings: Review the privacy settings and privacy policies of any and all social networks, blogs, and other venues on which you have a profile or post information. If you can't find the privacy settings, contact the website publisher and ask for this information. Read through your privacy options, think carefully about them, and adjust your privacy settings to a level of sharing with which you feel comfortable. After adjusting your privacy settings, you should re-check them on an ongoing basis. Some social networking websites have changed their privacy settings and policies over the years.



· Evaluate your web browser’s privacy settings: Your web browser – the application such as Safari, Internet Explorer, or others that your computer uses to view websites – comes with default settings that seek to strike a balance between keeping your computer secure, and allowing you to get the functionality you need from most websites. These settings create limits for the extent to which the computer will allow Internet applications such as “cookies” that help websites perform important functions. However, if your browser allows unlimited interaction with cookies and other applications, you may be at greater risk of a malware attack or of being tracked for advertising purposes. Find a balance that works for you. Check the privacy and security settings of all web browsers that are installed in your computer, and adjust them as necessary. You should also learn how to delete cookies and other cashed or temporary files from your web browser. For specific information on your web browsers, visit the website of the company that developed the browser, or contact the company and request more information.



· When using mobile apps: Smartphones and tablet computers are capable of tracking users' online activities and more. They may include a GPS that knows the device's current location, and a unique device identification (UDID) number that can never be turned off. Many children’s apps include interactive features such as connecting to social media. Many apps have sent information to ad networks or other third parties, without disclosing those practices to users. Consumers should be wary of the information they provide to mobile apps, and parents should pay attention to the apps their children use. Find out whether the aps include a privacy policy, and contact the web developer if a privacy policy cannot be found.