It was once remarked that the price of freedom was; "constant alertness and constant willingness to fight back." It is true in world affairs, in law enforcement and, regrettably, it is true when it comes to protecting yourself and others from fraud, theft and damage from online predators and hackers.
In genealogy we too often forget that many of our security questions and passwords are based on family data. Thus, in our vigor and enthusiasm to share with others about our family history, unscrupulous characters with dark intentions to corrupt files and computers, steal data for vile reasons. They would take advantage of our passions and hobbies and twist our best of intentions to their warped desires. Some are searching for identities to steal which include birthdates and social security numbers.
Never forget, if you have been a victim or become a victim in the future of such a crime, that it is not you or the wonderful technological highway's fault. It is, however, always the fault of the black-hearted and twisted thrill seekers who see cracking our passwords and crashing our hard drives and stealing our identities as some sort of sick challenge. Evil is hard to understand and even harder to confront. We sometimes become too lax in our approach or, perhaps, too lazy to ensure our data is safe and secure.
It happened to me, and I wanted to write an article to warn of such people and to inform others of some simple steps to prevent such attacks from being successfully sprung against yourself and others. You don't want to be the weak link that caused a friend or family member to lose all their long, hard work and data.
A few years ago I received an e-mail which asked me about writing. I jumped in without thinking that I did not really know the sender, and the link launched a worm into my computer which eliminated my ability to access any of my programs and files. If it was not for a good and kind friend whom was also my ISP provider, I would of lost all my hard drive and all my long hard work. As a writer, losing an entire manuscript is too painful to contemplate. Fortunately for me, for a small fee he encased the worm and I was able to continue on.
Recently, someone hacked into my hotmail account, used my e-mail contact list to send a message to the addresses and then deleted my contact list. The perpetrator used my name as the sender, thus damaging my reputation and ensnaring other's with his scheme.
After this second attack, which was not as damaging, yet much more personal, I realized I had been lax in my security measures.
The main thing genealogists must remember is that maiden names of mothers are often used as a security question for access to bank accounts, e-mail accounts and web sites. All the perpetrator has to do is to say that he forgot his password while at another's account and answer the security question of "What is your mother's maiden name?" -- and "open sesame" he's into that account. Thus, I made a list of what not to use as a password and types of information which you must understand could be applied against your own security.
1. Change your password and your security question frequently.
2. Use uncommon or non-reoccurring letters and numbers in a mixture as your password. Never use words, names or phrases for passwords which you have posted on the Internet or in a profile on a web site or social networking site. ( The bad guys are clever. They read the profiles which people place on myspace and face book, etc., and then they use everything you wrote against you by testing them against your passwords. It does not matter if the Internet accounts and sites are related in nature or subject, the bad guys can figure out that you are the same person.
3. Never place personal information on the Internet, especially birthdates, social security numbers, addresses or links to such data of living individuals. This is what the identity thieves strive for. In your enthusiasm to be thorough, such information can cause headaches which were unintended. Be careful of what you add to your profile sections of various networking web sites.
4. If possible, use some security question other than your mother's maiden name. Some sites offer alternative questions and some allow you to formulate your own question. You can also use an alternate e-mail address when changing a password which is an improved security measure over using the same e-mail address which you are trying to safeguard with a new password.
5. If you publish a book or newsletter on family history, include a copyrighted message and a warning that information in your publication is not to be posted on the Internet.
6. Never open any attachments unless you absolutely know the sender and expect the message.
7. Back up your important documents and files to disc on a regular basis.
8. Use a pet name or nickname or title you like rather than your own proper name on a profile or social networking site.
9. Perhaps an extreme measure, but effective in stopping the spread of viruses and worms is to not keep track of your contact and family e-mail addresses with the e-mail account. It maybe a pain to have to retype an e-mail address each time you send a new message, but it prevents the hackers from gaining access to such sensitive information and, thus, the bad guy being able to send your friends a bunch of bugs and unwanted mail.
These are just a few things I have learned which can aid in the war against the bad guys on the net. I found another article, "Upstate New York Genealogy- Researchers Data Sources & Links-Internet security," which addresses a few other concerns, at Upstate New York Genealogy.