iStock_000030113816_SmallWhen it comes to internet security, it is always better to be cautious rather than pay the potential price of hacking or identity theft later. A client – we’ll call her Anna – recently told me this story.  While it luckily comes to a positive conclusion, it does illustrate how you should proceed when faced with a potential security breach.

As she logged into her computer one morning, Anna found that she couldn’t access Facebook or any of her usual browsing sites. Google displayed an alarming message that warned her about a potential threat from hackers, and advised her not to proceed onto any website. Then, a new screen displayed a message from her internet service provider, instructing her to enter her account ID and password so that they could “verify her credentials”.

Anna’s guard went up, as she had recently heard about security breaches with several large companies. She remembered that her debit card was on file with her service provider, because she had enrolled in automatic payments. If hackers gained access to her account, they would also be privy to her checking account information.

Noticing that this screen displayed a 1-800 number for “more information”, Anna decided to call it. A man with a heavy accent answered her call, and began asking Anna for all sorts of personal information to verify her account. She told him she wasn’t falling for his scam, and would not be giving out her name and Social Security number over the phone! After she disconnected the call, the man called her back and persisted in asking Anna for her information. At this point she was feeling alarmed, and Anna called the man a creep before hanging up on him once again.

Anna then looked up her internet service provider on her smart phone, and sure enough it was a completely different phone number. She called customer service and reported the morning’s suspicious activities.

After putting her on hold for a moment, the customer service representative verified to Anna that the 1-800 number she called earlier was indeed a special number that the company had established to deal with this information update. He understood her concerns and processed the update for her.

At this point, Anna was feeling pretty silly and embarrassed for calling the first man a creep and a con artist! But as she laughed, I told her she had taken the right steps to protect herself. After all, hackers and scam artists often employ the following tactics:

  • a fake “pop up” that prompts you to enter sensitive account information
  • very realistic “company websites” using the logos and slogans of legitimate companies
  • convincing emails from companies with whom you might have an account
  • fake 1-800 customer service lines, with phony representatives who trick you into giving out personal information

Yes, one or two people with that customer support hotline might be laughing at “paranoid Anna” right now. But she did the right thing to protect herself. Any time you receive an email, pop-up, or any other message asking for sensitive information, do not enter it! It is always better to call the company yourself, as Anna did, and inquire about any information they might need from you. That way, you know who is on the other end of the line. When it comes to your online security, it is always better to be safe than sorry.