Tips to avoid getting scammed online.

The most common way people get scammed is by social engineering. I learned a few simple scam-prevention techniques from my co-hosts on the podcast Security This Week, where we teach security topics through the lens of current hacks. On the podcast, I'm the dumb guy asking questions, the other two are red-hat security professionals.

If you get an email or a text from what looks like a company that you pay money to on a regular basis, and they offer a link you can click to do whatever they are asking you to do, don't click it.

If it's an email, log on to the official website, open your account settings, and check to see if there are any notifications for you. If you don't see anything there, you're probably okay. You can confirm with the company by sending them an email or using their contact page. If it's a text, a Facebook message, or any other kind of instant message, don't click on it.

You might get an email from one of your credit card companies that has a number you should call right away. Don't call it. Instead, call the number on the back of your card and ask them if they sent you this email.

If you get a Facebook message from one of your friends with a request that seems out of character, like "Hey, Carl. I'm stuck in Miami because I got ripped off and I need $500 for a plane ticket home" - Don't answer it. Contact your friend by another means and ask them if they sent you a message.

Also, sometimes you'll get Facebook messages from friends you haven't heard from in a while, and the message is just something like "how are you?" or "hi..." they have probably been hacked. Again, contact them using another method, and confirm.

If you get an email or a message from a friend that has an attachment and the words "check this out!" or some other non-descript request, do not click it. This is how Ransomware gets installed.

The best way to confirm the identity of a friend online is to ask them a question that only they can answer, or if that seems too weird, just ask them to call you. Even if a scammer has your number, it won't be your friend on the other line.

Another tip is to NEVER scan a QR code in a public location that doesn't look official. Anyone can create a QR image from a URL, even if that URL points to a website that can infect your phone. Don't ever scan a QR code printed on a sheet of paper and taped to the wall, a bus, a billboard, or any other public property.

Wifi routers are another problem. You need to make sure your WIFI router is always up to date with the current firmware. I have one that automatically updates itself.

Also, you should have two WIFI networks, one that your computers connect to using a strong password, and another one, a GUEST network, that has no password, and is not connected to any computers or printers. That's the one you should use for your household devices (NEST, etc) and give to your guests.


Carl Franklin

Carl Franklin has been a key leader in the Microsoft developer community since the very early days when he wrote for Visual Basic Programmers Journal. He authored the Q&A column of that magazine as well as many feature articles for VBPJ and other magazines. He has authored two books for John Wiley & Sons on sockets programming in VB, and in 1994 he helped create the very first web site for VB developers, Carl & Gary's VB Home Page.

Carl is a Microsoft MVP for Developer Technologies, and co-host of .NET Rocks!, one of the longest running podcasts ever (2002). Carl is also an accomplished musician and audio/video producer. He started Pwop Studios in 1999 as a record label for his first album, a collaboration with his brother Jay: Strange Communication. Franklin Brothers released Lifeboat To Nowhere in 2011, which has met with rave reviews. In 2013, Carl released his first solo album, Been a While, which features a tune with John Scofield on guitar, as well as an incredible group of musicians local to New London, CT.

Pwop Studios is a full-service audio and video post production studio in New London, CT, where Carl records and produces the podcasts as well as music and video projects - both for himself, Franklin Brothers Band, and the public.