Joan Harwood, treasurer of Dartmouth Fire District No. 3 in Massachusetts, handles an annual budget of about $1 million. While doing some routine online banking for the firehouse in 2010, she discovered that $375,000 was missing from the account.
It turned out that her computer had been infected with a malicious computer program, Zeus Trojan, that enabled hackers to access the account and steal the money. Zeus spies on keyboards and captures keystrokes to swipe usernames and passwords.
Harwood was far from Zeus Trojan's only victim. Using the malware, a cybercrime ring operating out of Russia made off with more than $70 million from online bank accounts.
Cybercrime -- which ranges from bank account hacking to phishing (in which fraudulent emails are sent with the aim of obtaining data or cash from the recipient) -- is vast. According to the Internet Crime Complaint Center, consumers lost more than $525 million to cybercrimes last year -- an 8.3 percent rise from 2011.
A study by McAfee and the Center for Strategic and International Studies estimates that the cost of cybercrime may exceed $100 billion a year. While hackers hone their craft of manipulating computer users, Michael Kaiser, the executive director of the National Cyber Security Alliance, provides seven ways consumers can protect themselves.
1. Maintain a clean machine.
Keep any device connected to the Internet free of malware infections. Make sure you're running up-to-date security software, operating systems and applications -- important, because application updates often include security advances.
2. Have long, strong, unique passwords.
Create a password you can remember but that's difficult for others to guess. Lock your mobile devices and tablets. Thirty percent to half of users have not enabled a password or PIN on their mobile devices.
3. Avoid social engineering.
When in doubt, throw it out. An antenna should go up if a pop-up threatens you to act immediately or else. Do not click!
4. Censor yourself on social networks.
How much of your data is public? What do you post about yourself -- location, habits, plans? Disclosing where you're taking your vacation or turning on the tracker enables identity theft.
5. Use secure websites.
There are simple ways to ensure that a website is secure. Make sure the URL begins with "https," as such sites encrypt log-in information before sending it to the server, thus keeping it safe from hackers. You also can check for an icon that looks like a lock somewhere in the browser window.
6. Back up your files.
Ransomware -- a malware that places restrictions on a computer that can be lifted only when payment is made -- is one of the latest developments in hacking. For example, CryptoLocker scrambles files with essentially unbreakable encryption and demands a ransom to retrieve them. Backing up files on an external hard drive will help keep them safe, even if those on a computer are deleted.
7. Isolate financials.
The best way to ensure that online accounts are safe is to have a separate computer that's used only for banking. An alternative for the average person is to ask about which security services your bank offers, such as multifactor authentication.