As I often tell you, things are not as bad as you think.  Unfortunately, they are worse.  Many of us think we are completely avoiding the danger of identity theft by never providing personal information in response to emails asking for such information knowing that such emails are a prime method for identity thieves to obtain the information necessary to make us a victim of identity theft when we trust emails that appear to be from legitimate companies or governmental agencies.  This scam is called phishing and it is extremely dangerous.  Additionally, these identity thieves will sometimes lure you into clicking on a link in a tainted email or in a message on your Facebook page that instead of providing the information or video that it promised, instead causes a keystroke logging malware program to be downloaded and installed on to your computer or portable device that steals the information from your computer or portable device and leads to your becoming a victim of identity theft.   Again, you may be too smart to fall for these scams, however, you still should not be too confident that you are avoiding danger because a recent study from Palo Alto Networks, a software security company has found that only 6% of malware infections are coming from tainted email while 90% came from malware unwittingly downloaded when people went to legitimate websites that you had reason to trust that had been infiltrated by hackers.  This type of identity theft has come to be known as a “drive by” identity theft.    To make things worse it usually takes as long as three weeks for anti malware software makers to identify the latest malware threats.  Java software which is used on many legitimate websites has proven to be a rich target for identity thieves because of  its continuing vulnerabilities to hackers.  It is for this reason that the Department of Homeland Security has advised people to consider uninstalling Java software.  For more information about this go to the Scamicide archives and type in “Java.”


Along with avoiding obvious scam emails, the best thing you can do is to make sure that your security software and anti-malware software are constantly kept up to date with the latest revisions, updates and patches.  You also may want to uninstall software programs, such as Java which have proven to be an Achilles heel for many legitimate websites.  Finally, if you want to be extra careful, you may even want to consider having a separate computer for your financial dealings and purchases while using a separate computer for surfing the Internet so that if you do go to a tainted website, there would be nothing of value on that computer for an identity thief to use.