Friday, 10 March 2017

Exploit Consumer Rights Day

Wednesday next week is World Consumer Rights Day. This day, 15th March, is used every year to highlight issues that are important to consumers all over the world and this year the theme is “Building a digital world consumers can trust”.

Although I’m not a big believer in having special days for particular issues the theme this year is an important one. There are very few of us, probably even fewer when you consider Mmegi readers, who aren’t somehow connected to what used to be called the information superhighway. Almost all of us have a phone that can surf the web, send emails and access Facebook. Almost all of us are therefore exploiting the benefits offered by the information age but we’re also exposed to the risks associated with it.

And those risks can be serious ones.

Most of us are now familiar with the advance fee scams that operated historically by email and now use Facebook as their primary channel for stealing people’s money. A message will arrive with what seems like attempting offer. Some will say the sender is an orphan with an enormous inheritance they want to share with you if you help them get it out of the country where they’re trapped. Others will offer you a job, a place at a prestigious conference or even romance. Regardless of the message, sooner or later they’ll ask you to send them money, either to secure your share of the money, a visa to the country where the fictitious job is located or the shipping costs of the package of goodies your beloved says he’s sent you. Whatever it might be, that’s what the whole business is about, the advance fee that gives the scam its name.

Most of us know about these scams by now but that doesn’t mean everyone else does. We still regularly hear of people new to the internet who believed the messages when they arrived and happily handed over their money to the scammers, never to see it again.

A risk that many people fall victim to is another type of email, the phishing attack. Just a few days ago I received an email that my laptop very kindly realised was risky and put directly in my Junk mail folder. It said: “Good afternoon. Please find attached stock sheets. Kind Regards Ahmed”.

I wasn’t expecting any stock sheets from anyone called Ahmed so I wasn’t likely to open it but who knows, someone not familiar with these things might easily have clicked on the attachment which looked at first sight to be a spreadsheet. In fact, it was a link to a web site that asked for my internet banking username and password. As it happens the fake banking site it showed wasn’t pretending to be my bank but even if just a few people happen to have an account with that bank and just a handful of them are gullible enough to enter their account details, the scammers will be in profit. Before the victims has a chance to realise what they’ve done the scammers will have signed on to the victims bank and sent any money they find their to somewhere far away and safe from the prying eyes of law enforcement agencies.

Luckily these days most anti-virus and anti-malware packages that come on most computers will alert you to these threats before you open them but not everyone keeps those protections up-to-date and alive. And those people like me who use a Mac or people using Linux aren’t immune to these attacks. They’re not viruses that run code on your computer, they’re links to web sites that any computer can visit. Even if you are effectively immune from viruses, you’re not immune to the “social engineering” that modern criminals exploit. When presented with what looks exactly like your bank’s internet banking screen it’s almost automatic just to type in the necessary details without doing the checks the banks and cybersecurity experts recommend. Have you checked the web address you’re visiting in the box at the top of the screen? Is it really your bank? Is there a little padlock symbol showing that the site is encrypted?

One good thing about the internet is the enormous availability of information. If you’re looking to buy a new car, laptop or cellphone you’ll find vast numbers of sites containing reviews of the models you’re considering and even comparisons of competing models. It’s almost certain that someone else in the world will have already faced the choice you’re considering and will have posted their thoughts on the web. When you finally get to the store to make your choice you can be well-equipped with the information needed to make a rational choice.

But with this information comes serious risk. The sheer size and the enormous volume of information it contains presents a new problem. Where can you find the truth? Recent events have highlighted the fact that serious geopolitical decisions have been based on fake news and “alternative facts” rather than objective truth.

Let me give an example. I went to Google and searched for “cancer cure” and I was given eighty-two million results to choose from. Being lazy I only checked the first three pages and found the results fell into three categories, all in roughly equal quantities: news stories, specialist cancer advice sites and dangerous nonsense.

Choosing which one to trust can be a challenge, particularly as many of the sites peddling dangerous nonsense are the ones advertising “the truth about cancer”. They’re often the sites selling conspiracy theories about the medical establishment, the pharmaceutical industry and strange powers that want to keep you controlled. They’re the sites selling fake cures and potions that are most likely to empty your bank balance and shorten your life. But how can someone who isn’t skeptical or scientifically literate tell the difference?

So maybe World Consumer Rights Day will play a small part in educating people about both the benefits and the risks presented by the modern information age. Consumer Watchdog will certainly be playing its part but you know what? It’s going to take a lot longer than a day to protect everyone. It’s going to be a full-time job.

No comments: