Once upon a time this would have been an unthinkable topic for a farm column. The fact you're reading it online and not on good, old-fashioned paper makes this is a must-read. Today’s smartphones, Web access, electronic banking and credit card use have rocketed every farm family and business into cyberspace.
There, you're increasingly vulnerable to being victimized by cybercrime – identity theft, unauthorized credit card purchases, perhaps even draining of financial accounts. Unfortunately, most of us become more aware of such risks only after being victimized. I’ve been there, done that.
While mainstream media has hyped Sony cybercrime coverage, businesses of all sizes and personal accounts are attacked daily with increasingly sophisticated hacking. That’s why farmers are increasingly wary of sharing sensitive financial and personal information.
So, following are tips from my experience and collective thoughts of companies such as the KPMG financial network, BAE Systems, Symantec and others. They predict cybercrime will escalate to a whole new high in 2015. That's why this might be the most valuable five bits of advice you'll read all year.
Credit card dos/don’ts
Opening a monthly statement to find $4,000 to $5,000 of unauthorized credit charges at far-away truck stops and electronics stores you’ve never visited is a stunner. It can happen within minutes of a credit card number being stolen.
So check them immediately upon receipt. If fraud is suspected, immediately call your credit card provider. Subscribing to an early-warn alert service may not be a good investment. Credit card providers also watch for it, and try to contact you about possible abuses.
Be careful who you physically give the credit card to, and insist on a copy of the credit card receipt. If you’re traveling to far-away places or overseas, let your credit card provider know beforehand.
One of the simplest protections is to make sure new credit cards have chip-and-pin tech. They combine an embedded microchip and a personal numeric code to authorize payment transactions. Some card issuers may use the chip, but require just the old-fashioned signature. The chip/pin won't protect you unless the retailer requires you to key in your pin.
Protect your computers
Every computer connected to the Web is vulnerable to cybercrime if it’s turned on. That includes tablets, mini-tablets (including iPad minis) and smartphones.
Your PC's best defense, according to Symantec’s Norton Security, is multi-layered. The top essential is an up-to-date personal firewall, antivirus and anti-spyware software installed and running. It's one of the best preventive tech investments you can make against phishers and scammers.
Financial software and data should have a separate username and password. Then supplement your security software with hardware protection such as DataBreaker, a device that automatically disables a broadband Internet connection to your PC or Mac while it’s turned on, but not in use. This creates a physical barrier hackers can’t get past.
Forget memorized passwords
Using your memory will only drive you to simple passwords and duplicating passwords, because you can’t remember many, warns Kevin Haley, director of Symantec’s security response group. Six of every 10 people rely on noggin memory for all passwords.
Some 42% use passwords with only lowercase letters, according to an analysis by Imperva, an internet security firm; another 16% use only numbers. The top five secret phrases were “123456,” “12345,” “123456789,” “password” and “iloveyou.” So much for security secrets of that 58%.
By using eight lowercase characters and digits, password security improves dramatically. If your memory is like mine, create a hardcopy (paper) list of all user names and passwords.
For ultimate protection, Amit Klein, chief technology officer of Trusteer, an IBM-security division, suggests creating three password tiers. Use a complex password for top-tier sites such as financial services.
Start with an easy-to-remember phrase like “I love my 4020 John Deere”. Converted to a password, it would be “Ilm4020JD” and tough to “decyber”.
Make it tougher by adding the financial institution’s initials. First Bank, for instance, would be Ilm4020JD1B. Change the password with each financial institution with different combination of the last letters/numbers.
On the second-tier sites, social networks and other sites with personal data, use a different password. All other sites should have a third password.
Never use the same password with different sites. And please note that changing just the last two letters might not be enough.
The Cloud isn't heaven-sent
Online services that store your email and contacts, data files, social messages, photo collections, plus music and videos aren’t on your computer. They’re on someone else’s computer server – what the PC-savvy call a 'cloud,' and easily accessible by others.
This poses a real security quandary since many of you use cloud services provided by John Deere, Case IH, Trimble and others. The upside to this is that agriculture-related companies tend to have the best client identification protection for numerous reasons.
So the best advice here may be: Ask your cloud service provider how it's protecting your identification. Without those assurances, never upload anything into a cloud you wouldn’t want unscrupulous others to see.
Skip the scammers
The more you use and shop on the Web, the more vulnerable you are to targeted attacks to steal your passwords and data, warns KPMG's Stephen Bonner. That's one reason you may be seeing junk emails doubling, tripling or more.
Even the best web security software often is unable to stem the attack. Reason: The Cloud is a great hiding place. It allows cybercriminals to scrub traceability before landing in your email inbox. Web experts call it the Deep Web or Darknet for good reason.
So how do you protect yourself? No protection is iron-clad. The technical sophistication of phishers and scammers changes by the second, not minute or hour or day.
Rule #1: Be wary of fake email offers and advertisements supposedly from familiar sources like Comcast, Amex, Wells Fargo and PayPal. Some may be "Trojan horses" for hidden software trying to extract valuable information from your computer.
Rule #2: If you see an advertisement or offering supposedly from a reputable source, note that source, but don't click on it. Misspellings are dead give-away clues. Instead, do a Web search for the legitimate source's own website. Then go shopping.
- Vogel is editor of our sister publication American Agriculturist