Thursday, May 22, 1997

Exercise caution while online

By JOE KILSHEIMER / The Orlando Sentinel

Even if you work with computers every day, cyberspace often can make you feel as if you are a pedestrian being forced to walk across an eight-lane highway.

Just about the time you think it's OK to cross, along comes the online equivalent of a Mack truck ready to mow you down.

Yikes! Is it really safe to venture online? The answer is yes, as long as you know the rules for safely strolling through cyberspace.

If you are just beginning to venture into the online world, it's little wonder that it seems scary. Recently the news has been peppered with stories about computer viruses, virus hoaxes, online credit card scams, phony stock peddlers, cyberpedophiles and Web browser security holes.

My favorite scam was pulled off in February by some hackers in the east European country of Moldova. Promising to show dirty pictures, the hackers persuaded thousands of North American computer users to download software that secretly caused their modems to call overseas. The unsuspecting knotheads who took the bait wound up with thousands of dollars in long-distance bills.

On America Online, the snerts - online pests - often seem as thick as fleas. Whenever I'm on AOL, I get hit at least two or three times with instant-message solicitations for my password. It's called "phishing," (pronounced "fishing") and usually goes something along the lines of:

"Dear AOL Member: We're sorry, but Sector 4G9E of our database has lost all I/O function. In order to verify your subscription, you must immediately respond with your logon and password. Failure to do this will result in immediate account termination."

If I'm in the mood, I will bait them by pretending to be even dumber than they are. I can't figure out why the snerts still "phish" for passwords after AOL altered its instant-message window to say specifically that staffers will never ask for them.

Also, at least four times a day, I get e-mail with file attachments that supposedly will give me an "instant message answering machine" or will reveal "AOL Secrets."

Never having downloaded and run those files, I can't say what they do. But I know enough to know that I don't want to find out.

So how do you travel safely in cyberspace? It's generally a matter of following the same common-sense rules that you follow in real life.

Here are some safe surfing tips:

-- Don't give out personal information to strangers. Just as you would never give your house keys to people on the street, never tell anyone your password to someone who asks for it in a chat room or instant message.

Same thing for your Social Security and drivers license numbers. Someone with malicious intent can use that information to fabricate a new identity for himself - and make a lot of trouble for you.

-- Be wary about where you post your e-mail address. Some Web sites sell their e-mail address lists to junk mailers. Look for sites that promise to keep your address to themselves.

-- Be judicious when using your credit card. Some consumer groups warn you should never use credit cards online, but that's old advice. It's OK if you're buying something from a Web site that conducts secure transactions.

A site does that by encrypting your credit card information, or turning it into a secret code, when you order merchandise, making it not worth a hacker's time to intercept your number. You can tell when the encryption system kicks in - as long as you are using Netscape's Navigator or Microsoft's Internet Explorer - because both programs will notify you before you give the final OK.

Obviously, sites with secure transaction systems are safer than sites without similar setups.

-- Know the basics about computer viruses and how they can - and cannot - be transmitted.

Computer viruses are software programs that infect your hard drive with instructions that aren't supposed to be there. Some are benign, but others are harmful and can delete data from your hard drive.

You cannot get a virus if you simply read or send e-mail; leave attached files unopened or send attached files; read newsgroup messages, view Web pages or use a search engine such as Yahoo, AltaVista or Lycos; chat in an AOL chat room or on an Internet Relay Chat channel.

-- Don't download file attachments from people you don't know. You can get a virus this way.

It's unreasonable to say never download anything. But treat files you pick up online the same way you treat fresh food. Make sure those files are clean before you let your hard drive eat them. Scan them with a virus scanner before running them.

As an extra measure, I have stopped accepting attached files that supposedly contain only text. One type of virus - called a macro virus - can be hidden within Microsoft Word document files.

If I really want to see what that document file contains, I ask the sender to send "straight text."

Although these safety guidelines apply to all cybersurfers, they are particularly applicable to kids, who typically have no built-in sense of caution. Teach your children these rules, plus show them how to save chat messages that are inappropriate. That will give you ammunition if the problem is serious enough to report to authorities.

If you follow these safe surfing rules, those online trucks threatening to run you over will seem like cyberTonka Toys.