view, these one-time use cards for Internet buying are a good thing. We need them, because there's no faith in the security of online transactions.
If you're going to give your credit card number over the Internet, at least make sure that the site uses S.S.L., or secure sockets layer, encryption technology. The way to tell is if the screen shows either a closed lock or an unbroken key icon. Another sign is if the merchant's web address shifts from "http" to "https" when it processes a transaction. This is far from a secure site, but it's better than a site that doesn't have encryption technology.
WHAT TO DO
Computer crime can be so much harder to track down than traditional criminal activity, and I find that you need to approach it differently. As soon as fraud is suspected, it's important to call in an expert before the evidence can be hidden. That means don't let anyone touch the computer system. What the security experts will do is undertake a forensic investigation of a computer, using a technique known as imaging, where experts take a copy of the contents so they can be studied without disturbing the original.
Sophisticated crackers know how to shred electronic files and create self-destructing e-mail, but forensic experts have their own ways of finding data, no matter how many times it's been deleted. There are file undeleting programs that often will catch rookie thieves, more elaborate tools like hex editors that enable you to view even deleted data, and magnetic sensors and electron microscopes that seize on the fact that every file deposits magnetic traces on the disk. Measuring changes in magnetic fields allows experts to reconstruct deleted files or overwritten areas.
Security experts also use things like a "honey pot" or "goat file," which is a collection of phony files meant to lure a hacker. If he bites and tries to steal them, the system is alerted so he can be traced.
As I've mentioned, things you yourself can do to prevent electronic theft include using encryption tools, firewalls, virus scanners, Trojan Horse cleaners, and intrusion detection programs. There are e-mail filters to block messages from known spammers. You can also subscribe to an e-mail filtering service that will scan e-mail for spam because they're endlessly tricky - sometimes their ruse is even an invitation: "If you don't want future mailings from us, reply to this address." You think they're being considerate. They're not. If they get a reply, the scammers know you're a live address and they'll sell it to endless other scam artists. But spammers keep creating new addresses, so it's a constant battle. And there are so-called Tiger Teams, computer experts, some of them reformed hackers, who come in and try to penetrate your system and then suggest ways to secure it. Just keep in mind that there is no such thing as an invincible system.
The FBI says if it had one tip to share to help catch cyberthieves, it would be to make certain your computer's internal clock is synchronized to national standards, because that helps agents trace a thief's steps.
Employees also need to do a better job of protecting their passwords into their systems. A common scam is for hackers to call employees, identify themselves as part of the company's technology staff, and say they're doing a routine check of passwords. Needless to say, if you receive one of these calls, always check with your company before divulging information. You need to choose a difficult password, a mix of letters and numbers, and you ought to change it every six months. Hackers have their own password-cracking software that tests words from lists of commonly used passwords - ordinary names, cartoon characters, rock bands. You wouldn't believe how many people, for simplicity's sake, use "password" as their password. Many others unimaginatively use their first name, or actually use none at all but have the "enter" key be their password.
Above all, consumers have to be smarter. When you go online, blind faith doesn't work. Know who you're dealing with. Don't be deceived by some highly-professional looking website. That doesn't mean it's legitimate. And no matter how you pay for something, you need to keep records of purchases, because they're your best defense against fraud.
It's obvious to me that electronic theft will only get worse, and cyberthieves will become even craftier at stealing and covering their tracks. There's a familiar saying in the computer underground: if you're a good hacker, everyone knows your name, but if you're a