Bad things can happen on the Internet, just as in real life. But Greg Duncan, a consultant and all around technology expert, says that the ever-present security risks posed by hackers, spammers, and scammers shouldn’t prevent anyone from using the Internet to its full potential.
“Any one of our houses could be broken into,” Duncan said. “Any one of our cars could be broken into. We don’t stop living in a house, and we don’t stop driving a car, but we do take certain steps, like locking our doors, or having an alarm, or not leaving valuables in the front seat, that reduce the risk that something will happen. I think by following those types of principles online, people are able to generally be safer.”
Duncan, director of operations at Princeton-based TeachTech LLC, will speak on technology security on Tuesday, September 6, at 1:30 p.m. at the Computer Learning Center at the Ewing Senior and Community Center at 999 Lower Ferry Road. The free talk will cover the basics of common sense security measures. For more information, visit www.clcewing.org or call 609-883-1776.
Duncan has worked with computers for 30 years in various roles ranging from managing networks to programming databases to designing websites for entire cities. He grew up in Yonkers, New York, where his father was a consultant and his mother was a teacher. His interest in computers began one day in the early 1980s when his father came home from a computer shop with an Epson QX-10, which was an early personal computer that was meant to be user-friendly.
Duncan’s father was the first one to buy a computer from that store, and once he figured out how to use it, the store began calling him for technical advice (such were the early days of personal computers.) Duncan also got good at using the machine, and slowly took over his father’s role as informal tech support.
Duncan’s career in computing continued from there. After graduating from Princeton, he began a series of jobs in the IT field. “I’ve worn just about every hat you can wear in technology,” he said. He has done computer repairs, desktop support, database administration, website development, and project management. He has managed websites and applications for BP Amoco, the city of Las Vegas, the states of New Jersey and Pennsylvania, and Princeton University.
During that time, Duncan has always been mindful of the need of security, as anyone can and should.
For example, smartphones can connect to the Internet in one of two ways: either over wifi or the phone company’s data network. Wifi networks usually cover small areas, like the size of a building, and are sometimes free to access. Many businesses provide wifi networks as a courtesy to their customers. On the other hand, a cell phone data network can be accessed almost anywhere, but using it costs money.
Therefore, it may be tempting to use a free wifi network whenever one is available. But Duncan cautions that using an insecure network could end up being costly in the long run. Using that free wifi connection at a Target store could be an invitation to hackers. “There’s really nothing to stop a person from getting their own wifi hotspot and sitting in a car in a parking lot and naming that hotspot so it looks like a Target,” Duncan said. “When people connect to that, they’re able to sniff the line and gather information.”
Duncan recommends not doing any online banking, checking E-mail, or doing anything else sensitive over a public wifi network.
Another risk of online commerce is fake or hacked websites that collect credit card and personal information, which can be used by identity thieves. One way to guard against bogus websites is to check their security certificates. A good way to tell if a website is secure is to check to see if the address in the web browser begins https: rather than http: The “s” indicates that the site is secure and encrypted against anyone intercepting the data. Depending on the browser, there is also usually a way to view the site’s security certificate.
Another common security pitfall is the E-mail inbox. Most Internet users are bombarded with “phishing” attempts in which a scammer will send an E-mail purporting to be from a bank or other such entity in an attempt to trick the user into downloading a virus or giving up login credentials.
“You have to take that extra step to be cautious,” Duncan said. Although he is an experienced Internet user, he almost fell for a phishing attempt recently. Phishing or spam emails sometimes look like they come from relatives. “I received an E-mail once that purported to come from my father, and it had a link or an attachment on it. Sometimes when you’re looking at your E-mail, you are in kind of a mindless state, just clicking away.” He almost clicked on the link in the message he thought was from his father. “I realized the wording didn’t sound like wording my father would use. So then I thought about it. He had just left on a cruise, so he couldn’t have sent this e-mail to me, and in fact it was a spam e-mail.”
An easy way to check out E-mails in most web browsers is to hover the mouse cursor over the display name in the “from” field. This will show the actual E-mail address, revealing any phishing attempts. Another common feature of spam E-mails purporting to be from relatives is that they are usually extremely terse and vague, with no explanation of what the attachment or link is.
“I have just gotten in the habit of not clicking on those messages,” Duncan said. “I’ve trained my family and friends that if they send me a text with an attachment, they have to put something in that makes me realize it’s legitimately them … if I get a message that says ‘here are the photos from Mary’s wedding,’ and I was just at Mary’s wedding, that’s giving me some information that this legitimately came from the person it appears to be from.”
Duncan says the class is meant to be useful and easily understood by people from all walks of life. “I really consider it information that anybody can use,” he said. “We present it in a way that makes it very easy for anyone to understand. Technology only matters when it’s useful. Our philosophy is to present it in a way that makes sense, because it should be in reach to everyone.”