INDUSTRY
E-Valentine Cards Present Cyber Security Risk
Electronic Valentine cards promising sweet nothings may instead infect loved ones' computers with a nasty surprise from a cyber scam artist, according to a Purdue University computer security expert. "An e-mail or instant message from a 'secret admirer' on Valentine's Day may be specifically designed to piqué your curiosity," says Michael Carr, Purdue's chief information security officer. "It's human nature and exactly what the bad guy is counting on." An important element of cyber deception is the victim's willingness to "click here" or "open the attached file." Too often, the surprise is an e-mail virus, Trojan horse, spam, or so-called phishing scam — an e-mail that appears legitimate but is designed to trick people into providing valuable personal-information passwords or bank account and credit card account numbers. Carr recommends practicing "safe computing" by: * * Not clicking on links or attachments unless they are part of an expected e-mail or instant message from a reliable, known source. * * Protecting your computer with current anti-virus software and manufacturer-recommended system patches. * * Checking the authenticity of a questionable message by contacting the sender via telephone or another messaging technique. Sometimes dangerous e-mails can even arrive having been forwarded by or appearing to have been forwarded by people known by the recipient. Carr says even these messages also need to be evaluated and confirmed by a phone call to the sender. "If you continue to have doubts about the e-mail or instant message, just delete the message," Carr says. "It is not worth the risk of being a victim." Information Technology at Purdue, also known as ITaP, provides free-of-charge computer security advice, including how to identify spam and phishing scams, on the Web at its Web site.