Security

Use the information below to protect yourself and your company from the pitfalls of internet trading. Worldbizonline will give you all the information you need to guard against these trading challenges to make your online experience enjoyable and profitable.


We have isolated the following areas that need to know about. So arm yourself today. Just click on one of the main topics below and you will be taken to the correct area on the page.

Essentials

Look for information about security on websites.
Websites should tell you how your financial account numbers and other personal information are safeguarded during transmission, and whether or not that information is protected if it is stored. Usually the information is encrypted (scrambled in a private code) so no one else can read it.

  • Don't believe websites that claim that your financial or other personally sensitive information doesn't have to be encrypted.
     
  • It's important for a website to provide details about how your information is protected during transmission. It should specify the safety precautions taken to prevent outsiders from "hacking" into its customer databases, and employees from abusing the information.

Do business with companies you know and trust
Be sure you know what the company is and where it is physically located. Businesses operating in cyberspace may be in another part of the country or the world. Resolving problems with companies that are unfamiliar can be more complicated in long-distance or cross-border transactions.

Watch the address bar at the top of the computer screen
At the point that you are asked to provide your financial account information, Social Security number, or other sensitive personal information, the letters at the beginning of the address will change to either "https" or "shttp," depending on the security system the website uses. To make sure you can see the first letters, highlight the address, click either the right or left arrow key (it doesn't matter which), and click the home key.

  • If you're not sure whether it's safe to give your payment or other sensitive information online, you may be able to provide it by telephone or some other offline method.
  • If you have any questions about a website's security practices, contact the site directly to ask.

Your browser may show you that the information you give on a website is secure
Look for a symbol at the bottom of your computer screen, such as a broken key that becomes whole or a lock that closes. The Help section on your browser software or in your manual should describe any feature that confirms that proper security is being used. Don't send your credit card number or other sensitive information by email, since it is not usually secure.

  • Contact your software manufacturer if you can't find information on security in the Help section of your browser or in your manual
  • If your browser doesn't include a security detection feature, consider updating it to one that does.

 

Security for youth

Don't say you're older than you are. Worldbizonline membership does not have an age limit, but you must provide your true age. Please do not misrepresent your age.

Worldbizonline is a public space. Members shouldn't post anything they wouldn't want the world to know (e.g., phone number, address, IM screen name, or specific whereabouts). Don't post anything that would make it easy for a stranger to find you, such as your local hang out. It's always fun to post pictures but remember that what you might consider a harmless picture of you and your friends in your uniforms at a school football game, is actually a map telling a stranger exactly where to find you.

Don't post anything that could embarrass you later or expose you to danger. Please remember that Worldbizonline is public and many people have access to what you post, including potential employers, colleagues, teachers, and peers that you might not even know. You shouldn't post photos or info you wouldn't want adults to see or people to know about you.

Protect your privacy. People aren't always who they say they are. Be careful about adding strangers to your friends list. It's fun to connect with new Worldbizonline friends from all over the world, but avoid meeting people in person whom you do not fully know. Remember that you don't really know who is on the other end of an internet connection.

Harassment, hate speech and inappropriate content should be reported. If you encounter inappropriate behavior, inform your parents or a trusted adult and report it to Worldbizonline or the authorities.

Don't get hooked by a phishing scam. Phishing is a method used by fraudsters to try to get your personal information, such as your username and password, by pretending to be a site you trust. If you suddenly start receiving abnormal bulletins or messages from a friend, they might have been phished. Check with them before opening any files or clicking on any links. If you think you, or a friend, are a victim of phishing, change your password immediately.

Avoid in-person meetings. Don't get together in person with someone you "meet" online unless you are certain of their actual identity. Talk it over with an adult first. Although it's still not risk-free, arrange any meetings in a public place and bring along friends, your parents, or a trusted adult.

Think before you post. What's uploaded to the net can be downloaded by anyone and passed around or posted online pretty much forever. You shouldn't post photos or info you wouldn't want adults to see or people to know about you.

Cyberbullying
Cyberbullying411.com has provided the following tips to educate yourself and your friends about cyberbullying and how to address it in the real world.

In general, cyberbullying is bullying or harassment that happens online. Much of it is similar to what you might have experienced offline in schools, homes, or the community, but has the additional aspect of the internet.

Cyberbullying can take the form of a message on email or instant messaging (IM) or a social networking site from someone who is threatening to hurt you or beat you up.

It could be a profile made by someone pretending to be you. Or, someone hacking into your profile and writing comments pretending they're from you.

Cyberbullying occurs in many different places online, including instant messaging, social networking sites, email, and chat rooms. The most common place bullying occurs online is over instant messenger, but it also can occur via other new technologies.

If you are being cyberbullied or threatened online in any way, there are things you can do to stop it:

Ignore the person. Sometimes the easiest thing to do is to ignore the person and go on about your business.
Block or delete the person. If it is happening on IM or some other place online that requires a 'buddy list,' you can block certain users based upon their username, or delete them if they are in your buddy list. You can also block emails that are coming from specific email addresses.
Logoff if the harassment is bothering you. With you no longer online, the bully may find someone else to harass.
Change your information. If someone has phished your profile, change your password. If someone repeatedly sends you messages (like, 'add me to your buddy list' over and over), consider changing your username or email address.
Contact Worldbizonline if a profile was created about you without your knowledge. You can phone Worldbizonline’s help center directly to report the fraudulent profile. Or, go to the forum director in your primary category to report the fraudulent profile.

If you are upset about what is being said, talk to someone you trust. Don't feel like you're alone.

When to talk to adults

Many times, teens are able to take care of the cyberbullying on their own. But sometimes it gets out of hand, and it's helpful to talk to an adult about what is going on. If you feel scared or overwhelmed, maybe even trapped, it's definitely time to talk to an adult.

If you don't feel comfortable speaking with a parent, seek out other adults or authorities like a teacher, coach, school counselor, a youth group leader, or other adult family member such as an aunt or uncle.

For more information and resources about how to stop cyberbullying, please visit the following sites:
http://www.cyberbully411.com
http://www.isolutions4kids.org

Security for parents

Is your child on Worldbizonline?

First and foremost, it's important to have an open dialogue about internet use and online safety with your children. Experts recommend setting boundaries for internet usage just like any other medium, such as TV or the phone. Ask your child about how they use the internet, what social networking sights they have joined, and who they connect with while on online. Let your child know that you are interested in seeing their Worldbizonline profile and who their contacts are.

You can also search for your child on Worldbizonline using our search functionalities. Simply enter in their first and last name (or their email address) and review the search results to see if your child is on the site.

Talking to youth about safe internet usage

Talking with your kids about appropriate behavior is just as important online as it is in the real world. Having an open dialogue is the best way to help your kids make safe choices in relation to their use of online communities.

After you've looked around the site and you know a little bit about why your child is using Worldbizonline, you can begin a discussion with them about their use of the site. Ask them what kind of information they have posted. Ask them to show you what their Worldbizonline page looks like and to identify who they’re in contact with. Have them take you through what they typically do on Worldbizonline. These are the same questions you ask when they come home from school—just applied to a different space.

Remind your child that the rules for the online world and the offline world are very similar. For example, your child knows to be wary of strangers when they leave the house, and they should do the same for those they meet online. Your child would never blindly open the door to the house without first verifying who is knocking and why, and they should do the same for those they meet online before adding them as friends. The rules you have taught your child about staying at the mall or walking home from school do translate to the online space, so be sure to have these conversations with your child.

Please remember that your role is critical when it comes to communicating and enforcing safety guidelines.

Tips for parents 

Worldbizonline offers following tips for parents to begin a dialogue about safe web practices with your kids:

1. Start a conversation

Talk to your kids about why they use Worldbizonline, how they communicate with others, and how they represent themselves online. Recognize the importance of social networking in their daily lives, similar to that of cell phones, email, or instant messenger, and express an interest in understanding the role it plays.

Ask them why they like being online and who they hang out with online. Ask them to show you their friends, what they are listening to, and what interests them on Worldbizonline.

2. Report inappropriate behavior

Harassment, hate speech, and inappropriate content all violate the Worldbizonline Terms of Use and should be reported. If your kids encounter inappropriate behavior, they should report it to you, the authorities and/or Worldbizonline, as the situation merits. To report a problem, contact the Worldbizonline support center.

3. Talk about Worldbizonline and the internet

Worldbizonline, like the rest of the online world, is a public space. Members shouldn't post anything they wouldn't want the world to know (e.g., phone number, address, IM screen name, or specific whereabouts). Tell your teens they should avoid posting anything that would make it easy for a stranger to find them, such as their local hangouts.

Remind them not to post anything that could embarrass them in the future or expose them to danger. Although Worldbizonline is public, youth sometimes forget that the information and photos they post are accessible to others.

4. Remind youth to be cautious

Just as in the offline world, people aren't always who they say they are. Remind your teens to be careful about adding strangers to their friends list. It's fun to connect with new Worldbizonline friends from all over the world, but members should be cautious when communicating with people they don't know.

Encourage teens to be themselves, but to exercise the same basic safety principles they do in the physical world. They wouldn't chat with a stranger at the mall or give someone they don't know their cell phone number. Remind them that reckless online behavior can be just as dangerous.

They should talk to you if they want to meet an online friend in person, and if you think it's safe, any meeting should take place in public, with friends or a trusted adult present.


Credit card security

United States federal law limits your responsibility for unauthorized credit card charges on a US credit card to US $50. Most credit card companies don't require any payment if you report the problem as soon as you discover it. You also can challenge unauthorized use of your debit card or withdrawals from your bank account. Your legal rights in those cases aren't the same as with credit card charges, but your bank or debit card company may voluntarily offer greater protection.

  • Check your credit card and bank account statements promptly to spot mistakes or unauthorized charges. If you keep your account records online, look at them regularly.
  • In addition to mathematical errors and purchases you didn't make, you can dispute credit card charges if you never received the goods or services or they were misrepresented.
  • Notify your credit card issuer or bank immediately if you find any problems.
  • Some online services are charged to consumers' telephone bills. If anyone else uses your computer and agrees to such charges, you may be held responsible. Tell every person who has access to your computer not to download programs, even if they are advertised as free, without checking with you first. Contact the telephone company and your state public utility commission to find out about your rights regarding disputed telephone charges.

 

Overpayment Scams

Thinking of selling a car or another valuable item through an online auction or your newspaper’s classified section? If so, the Federal Trade Commission (FTC), the US consumer protection agency, wants you to know about check overpayment scams.
According to FTC officials, the scams work like this: Someone responds to your posting or ad, and offers to use a cashier’s check, personal check, or corporate check to pay for the item you’re selling. At the last minute, the so-called buyer (or the buyer’s “agent”) comes up with a reason for writing the check for more than the purchase price, and asks you to wire back the difference after you deposit the check. You deposit the check and wire the funds back to the “buyers.” Later, the check bounces, leaving you liable for the entire amount.
The checks are counterfeit, says the FTC, but good enough to fool unsuspecting bank tellers.
In a different version of the scam, the FTC says, consumers get a check that has their “winnings” from a lottery. They’re asked to pay taxes or fees. Sometimes, the sender claims to be trapped in a foreign country without any way to cash the check. Either way, federal officials say, if you deposit the check, you’ll lose.
Here’s how to avoid a check overpayment scam:

  • Know who you’re dealing with. In any transaction, independently confirm the buyer’s name, street address, and telephone number.
  • Don’t accept a check for more than your selling price, no matter how tempting. Ask the buyer to write the check for the correct amount. If the buyer refuses to send the correct amount, return the check. Don’t send the merchandise.
  • Consider an alternative method of payment. As a seller, you can suggest an escrow service or online payment service. There may be a charge for an escrow service. If the buyer insists on using a particular escrow or online payment service you’ve never heard of, check it out. Visit its website, and read its terms of agreement and privacy policy. Call the customer service line. If there isn’t one or if you call and can’t get answers about the service’s reliability, don’t use the service. To learn more about escrow services and online payment systems, visit www.ftc.gov/onlineshopping.
  • If you accept payment by check, ask for a check drawn on a local bank, or a bank with a local branch. That way, you can make a personal visit to make sure the check is valid. If that’s not possible, call the bank where it was purchased and ask if the check is valid. Get the bank’s phone number from directory assistance or an internet site that you know and trust, not from the person who gave you the check.
  • If the buyer insists that you wire back funds, end the transaction immediately. Legitimate buyers don’t pressure you to send money by Western Union or a similar company. In addition, you have little recourse if there’s a problem with a wire transaction.
  • Resist any pressure to “act now.” If the buyer’s offer is good now, it should be good after the check clears the issuing bank.
  • Throw away any offer that asks you to pay for a prize or a gift. If it’s free or a gift, you shouldn’t have to pay for it. Free is free.
  • Resist the urge to enter foreign lotteries. Most foreign lottery solicitations are phony. What’s more, it’s illegal to play a foreign lottery through the mail or the telephone.

source:  www.ftc.gov 

Viruses and other threats

Avoid catching a "virus" on your computer.
Don't open email attachments from strangers. There may be a virus planted in the attachment that could damage your computer programs or your files. It also could expose sensitive information you may have stored in your computer, such as financial accounts, to prying eyes. If the message looks like it's from someone you know but the heading seems strange, check with that person before opening the attachment. Delete suspicious messages. Viruses also may be hidden in programs you download from the internet. Consider using and regularly updating anti-virus software on your computer that can alert you to possible infection.

  • Don't forward email attachments or programs you've downloaded to others unless you're sure they're virus-free.
  • If your computer has caught a virus, you may be able to use anti-virus software to clear it. Some viruses can't be easily removed. Depending on the problem that a virus has caused, you may need to delete all the programs from your hard drive and reinstall them or replace some hardware. Contact the manufacturer of the affected systems for advice.

Take extra security precautions when you have broadband internet access.
Broadband services, which provide consumers faster access to the internet, are increasingly available through telephone companies, cable companies, and by satellite. If you have broadband service, you're always connected to the internet when your computer is turned on.

  • When you're connected to the internet through broadband service you're more vulnerable to "hackers" who may try to get financial and other personal information that is stored in your computer.
  • You can protect yourself by using a "firewall," special software that creates a barrier so unauthorized people can't get into your computer system.
  • If you are not using your computer for extended periods of time, make sure you turn it off. A hacker cannot access a computer that is not on.

Source: www.nclnet.org


How to identify and eliminate a Trojan horse on your PC
A Trojan horse is a destructive program that masquerades as a benign application or upgrade. Most Trojans are delivered via emails, online services, and downloads, such as free games, applications, movies, and greeting cards. Many of us don't realize how vulnerable we are.

How Trojan horses work
Trojans vary in the nefarious acts they perform once inside a machine. They can initiate harmless pranks that display a cute, obscene, or political message. They can steal your passwords or personal financial information and relay them to an identity thief via the internet. They can even become "logic bombs" that erase all your data and try to damage hardware.

Once inside your computer's operating system, Trojans can track keystrokes; this allows usernames and passwords to be collected and sent from your system without your knowledge. And, if you think you don’t have anything valuable on your machine, think again. Most personal data is now stored on our computers, including full names and addresses, credit card and financial information, Social Security numbers, personal photos and letters, and more. This can be enough for someone to steal your identity or impersonate you.

Experts warn that one of the areas of increasing risk is malicious files, masquerading as legitimate downloads, being posted on the internet. Adult newsgroups are particularly dangerous, since many users believe that the files they are downloading are simply .jpeg or .mpeg files, but are actually are remote-access Trojan horses that provide access to your PC.

How to spot Trojan horses before they get in
First, beware of "executable" file attachments, which contain extensions such as .exe, .vbs, and .bat. Some Trojans have multiple extensions, such as "LOVE-LETTER-FOR-YOU.TXT.vbs." When this occurs, pay close attention to the extension at the end—it's the only one that counts.

Take proactive protective measures, including:

Set up and maintain firewall security. Install a firewall that scans both inbound and outbound communications. Subscribe to an anti-virus software service. Hundreds of viruses are discovered each month, so you need to be continuously protected. With a McAfee product, you download the software only once, and, from that point on, you receive continuously updated protection via the internet at no extra charge. Always be certain of both the source and content of every file you download. In other words, be sure that you trust the person, company, or file server that created or sent you the file. To put it simply, don't accept candy from strangers. Even if a file comes from a friend, make certain it is innocuous before opening it. Many Trojans can automatically send themselves to everyone in your email address book. Beware of hidden file extensions. By default, Windows hides the last extension of a file, so "susie.jpg" might actually be "susie.jpg.exe"—an executable Trojan. To reduce your chances of being tricked, "unhide" those pesky extensions. Back up your files regularly. If a virus destroys your files, at least you can recover them from back-ups.

Disconnect your modem and turn off your computer. Always-on isn’t always better.

Source: www.mcafee.com

Email frauds and scams

Understanding and protecting yourself from common email frauds and scams
The most common form of email fraud is “spoofing” or “phishing.” You may receive emails (view example below) that look like they are sent from Worldbizonline.com but, in fact, are not. These emails might ask you to enter sensitive information into a form or direct you to a website that looks similar to Worldbizonline.com where they ask for information in order to commit identity theft.

General email greeting
Most fraud emails will begin with a general greeting such as "Dear Worldbizonline User." However, emails sent by Worldbizonline will always include a personalized greeting in the form of either your name or Worldbizonline Member ID.

Urgent account emergency
Fraud emails often stress urgency and claim that your account will be suspended or terminated if you don’t provide or update your personal information right away. Therefore, be very cautious when responding to an email that states you need to provide information in order to maintain, enable or make changes to your account. Look out for urgent requests to update account information, and do not provide sensitive information in an email.
Worldbizonline will NOT ask you for the following information in an email communication:

  • Your Social Security number or tax identification number.
  • Your bank account information and credit card number, PIN, or security code.
  • Information to identify you such as your mother's maiden name, birth city, or pet's name.

Moreover, forms requesting information within an email are typically a clear indication of fraud.

Do not click on links in a fraud email
Always remember that website address links can be forged. Do not click any links listed in an email that you suspect to be fraudulent. We suggest typing the address from the link into the address bar at the top of your browser and pressing "Enter." This way, you can ensure you'll be directed to your intended website destination and spammers can't validate your email address.

Fradulent web page
When accessing Worldbizonline.com, our website addresses can be identified by the following format:
http://www.worldbizonline.com/[extendedname]

Do not "Unsubscribe" from a fraud email
Do not "Unsubscribe" or "Reply" to be removed from any suspected fraud email. Many spammers claim to offer an "Unsubscribe" function used to actually confirm that your email address is valid and working in order to continue to spam you in the future.

What do I do if I receive a fraud email?
When it comes to email, you are in control. You can protect yourself by not providing any personal or sensitive information in a suspicious email. If you think you have received a fraud email or if you are unsure if an email is legitimate, you can check your account status in My Account Tools, or contact one of our service representatives through the Worldbizonline Contact page.

Tips when doing due diligence

  1. If the supplier usually sells products in a completely different line, take care as you may be dealing with a fraudulent company. For example, a clothing supplier who also sells brand-name mobile phones.
  2. Always remember, if it seems too good to be true, it probably is. If the prices of the products are 50% lower than the normal market price, there is a chance that the products sent will be counterfeits or defective.
  3. If a potential business partner claims to be a Worldbizonline supplier, use the company name they provide and find their company website on Worldbizonline.com. We recommend you contact the supplier directly on Worldbizonline.com. Confirm the company details and genuine email address. Some fraudsters will misuse the name of suppliers to commit fraud.
  4. If the supplier insists on Western Union payment only, then choose another supplier. Serious suppliers will always offer a selection of payment methods. Western Union is not the recommended payment method for transferring money to strangers.
  5. Use the company name, email address, or telephone number to do a Google search. If this company's information or website is listed under different company names, it is most likely they are not serious.
  6. Search the Worldbizonline.com forum to find out if there is any negative feedback against this company. 

Phishing, pharming, and spoofing

What is phishing?
Phishing is a method of fraudulently obtaining personal information by sending spoofed emails that look like they come from trusted sources. Whether you're a casual web surfer or immersed in a cyber lifestyle, all internet users are under assault by phishing emails, pharming sites, and crime ware. Because cyber criminals use botnets—groups of hijacked PCs—to launch untraceable spam-based phishing attacks, the number of phishing and pharming schemes has grown immeasurably. Criminals are using blended or multifaceted attacks—which combine multiple crime ware techniques—to steal identities and hijack systems, often fooling even savvy users.
Financial services are by far the most targeted industry. Indeed, cyber prowlers frequently build fraudulent web sites that closely mimic legitimate banking and Wall Street sites, tricking users to turn over their online account names, passwords, Social Security numbers, and other personal information.

Phishing tricks
When they set up a fake website, phishers attract users through spam or targeted emails, hoping to get lucky and find real customers of the hijacked bank, e-retailer, or credit card company. The emails can be extremely convincing, such as a message from eBay saying that your credit card has been declined, or from Citibank saying that they have detected unauthorized activity on your account. The messages frequently feature logos, colouring schemes, and company mottos ("Avis: We Try Harder") that seem legitimate.
One example is a spam email that claimed to be from BBC News. It introduced a news story of interest, with a "Read more…"link to lead users to a fake BBC News site. The fraudulent site looked exactly like the real BBC News site's pages and carried real news stories copied from the BBC site. These fake web pages exploited the unpatched "Create Text Range" vulnerability in order to download and install a keylogger, which monitored users’ activity on various financial websites and sent the captured information back to the hacker.

Pharming techniques
Pharming uses Domain Name Service (DNS) hijacking to misdirect users to a fake site by altering the DNS for the target website. Or, the system redirects users to authentic web sites through phisher-controlled proxies that can be used to monitor and intercept keystrokes. 

The spoofed sites collect credit card numbers, account names, passwords, and Social Security numbers. They do this by either displaying a popup to steal the information before sending the user to the real site, by using a self-signed certificate to fake authentication and get the user to trust it enough to enter personal data on the spoofed site, or by painting over the address and status bar of the browser to trick the user into thinking they are on the legitimate site so that they enter their information.

Crimeware—deceptive downloads
Phishers use tricks to install crime ware on consumers' computers to steal information directly. In most cases, you don't know you are infected, and only see a slight slowdown in computer performance, or notice blips in operation that they attribute to normal software glitches. Computer security software is a necessary tool to prevent crimeware from installing if you get caught in an attack.

In a deceptive download ploy, Trojan keyloggers and other spyware piggyback onto legitimate software, or the hacker can corrupt a legitimate site using bad scripts so that the software downloads secretly in the background when the user visits a site they trust. Phishers also use social engineering to persuade users to download the software from their site directly by convincing them that the software is something that they want, such as a screensaver or music download program.

Once the crimeware is installed, you are in trouble. It can cause the browser to launch spoofed sites, it can hijack the PC's host file to redirect the computer to spoofed sites, and it can use keystroke loggers and screen scrapers to record and send stolen data back to the hacker. Crimeware also installs rootkits that execute under the radar and hide the presence of the spyware, or can turn the PC into a remote-controlled bot ready to launch a massive spam campaign or Denial of Service (DoS) attack.

Phishing trends
By all accounts, phishing attacks are on a steep rise. Tens of thousands of unique phishing cases surface each year, and these numbers are growing exponentially. New phishing sites are also seeing a similar growth trend, as well as password-stealing malicious code URLs. The United States hosts the most phishing sites, followed by China and the Republic of Korea.

Phishers are narrowing their focus and targeting attacks against large financial and e-commerce firms; for example, out of every hundred brands that are hijacked, approximately five account for 80 percent of all phishing campaigns. Also, as eBay and large financial institutions take more proactive measures to combat phishing, criminals are moving downstream to credit unions and other companies that might not be as technologically savvy. As people become smarter about phishing, attacks will be less like spam and, instead, take more advantage of targeted weaknesses.
Source: www.mcafee.com

 

Reporting fraud to Worldbizonline

If you have any doubt whether an email is from Worldbizonline or whether an email you receive in your Worldbizonline inbox looks suspicious, help us keep our community safe by reporting it immediately. You can also report companies advertising on Worldbizonline through the same channel.