The Federal Trade Commission (FTC) has warned that scammers are increasingly turning to dating sites, social networking sites and chat rooms to meet potential scam victims. Millions of Americans use such sites to connect with potential romantic partners, and scammers are exploiting this demand in online love interests to steal their victims’ money.
Cyber criminals create fake profiles, target victims, gain their confidence, and trick them into sending money. According to the FTC, it receives “thousands of reports” each year about such romance scammers who target people with the sole intention of stealing their money.
The Department of Homeland Security’s US-CERT offers general tips for staying safe on social networking sites:
- Limit the amount of personal information you post – Do not post information that would make you vulnerable, such as your address or information about your schedule or routine. If your connections post information about you, make sure the combined information is not more than you would be comfortable with strangers knowing. Also be considerate when posting information, including photos, about your connections.
- Remember that the Internet is a public resource – Only post information you are comfortable with anyone seeing. This includes information and photos in your profile and in blogs and other forums. Also, once you post information online, you can’t retract it. Even if you remove the information from a site, saved or cached versions may still exist on other people’s machines.
- Be wary of strangers – The Internet makes it easy for people to misrepresent their identities and motives. (See Using Instant Messaging and Chat Rooms Safely.) Consider limiting the people who are allowed to contact you on these sites. If you interact with people you do not know, be cautious about the amount of information you reveal or agreeing to meet them in person.
- Be skeptical – Don’t believe everything you read online. People may post false or misleading information about various topics, including their own identities. This is not necessarily done with malicious intent; it could be unintentional, an exaggeration, or a joke. Take appropriate precautions, though, and try to verify the authenticity of any information before taking any action.
- Evaluate your settings – Take advantage of a site’s privacy settings. The default settings for some sites may allow anyone to see your profile, but you can customize your settings to restrict access to only certain people. There is still a risk that private information could be exposed despite these restrictions, so don’t post anything that you wouldn’t want the public to see. Sites may change their options periodically, so review your security and privacy settings regularly to make sure that your choices are still appropriate.
- Be wary of third-party applications – Third-party applications may provide entertainment or functionality, but use caution when deciding which applications to enable. Avoid applications that seem suspicious, and modify your settings to limit the amount of information the applications can access.
- Use strong passwords – Protect your account with passwords that cannot easily be guessed if your password is compromised, someone else may be able to access your account and pretend to be you.
- Check privacy policies – Some sites may share information such as email addresses or user preferences with other companies. This may lead to an increase in spam. Also, try to locate the policy for handling referrals to make sure that you do not unintentionally sign your friends up for spam. Some sites will continue to send email messages to anyone you refer until they join.
- Keep software, particularly your web browser, up to date – Install software updates so that attackers cannot take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
- Use and maintain anti-virus software – Anti-virus software helps protect your computer against known viruses, so you may be able to detect and remove the virus before it can do any damage