Christistmas Thief

[See our Disclaimers page about relying on this website’s contents.]

People all over the country will be registering electronic gifts for warranty purposes and opening new online accounts on December 25. Most of us have done this so many times that we take online account registration for granted. Unfortunately, careless indifference to technology can become our undoing. The technology itself may not hurt us, but thieves and terrorists can use against us.

Most people know that thieves can use birthdates and Social Security numbers to steal identities, but online account usernames and passwords can be just as useful for hackers. Therefore, electronic device users must all guard such information carefully and provide it only when it is necessary for bankers, accountants, attorneys, financial service companies, and government agencies.

Online security may seem simple to some people, but hackers use surprisingly slimy strategies. For example, some popular electronic stores sell devices with preloaded malware that can only be installed before the devices hit the showroom shelves. We know of one case in which a computer tablet purchased from a “big box” store and wrapped in the original packaging as a Christmas gift contained malware that directed all Internet searches to a phishing website (a site that collects confidential data without the user’s permission).

Hackers often set up fake websites (commonly known as spoofing websites) that resemble legitimate websites. The typical victim searches for a product registration website with a search engine and finds a hacker’s very legitimate looking spoof site. The victim takes the bait by clicking on the spoof site without realizing that the victim has landed in a criminal’s lair. Data entry screens on the spoof site ask the hapless victim to volunteer personal information such as usernames, account numbers, passwords, and dates of birth. You can avoid such scams by typing website web addresses into the product registration web address field at the top of the computer screen instead of searching for the website with a search engine.

Speaking of usernames and passwords, some victims invite trouble by using simple passwords (such as family names, addresses, or phone numbers) or using the same password for every kind of Internet login. Other victims invite trouble on websites that use security questions by choosing questions that hackers can easily find on victims’ social media biography pages or websites. Most website registrations have password strength meters that warn users when passwords are too weak. A good strategy for making a strong password is to write a memorable sentence with mixed capital and lowercase letters, make an acronym of the first letter of each word, and then replace some letters with numbers (such as zero instead of the letter O) and symbols (such as ! for the letter i and $ for the letter S).

They say a sucker is born every minute and that it is better to be safe than sorry. If someone asks you to expose your private information, make sure that you need the person to have that information. Gifts are great, but hackers can turn them into curses. Don’t be sorry – be safe.

Jeff R. Hawkins and Jennifer J. Hawkins are Trust & Estate Specialty Board Certified Indiana Trust & Estate Lawyers and active members of the Indiana State Bar Association and National Academy of Elder Law Attorneys. Both lawyers are admitted to practice law in Indiana, and Jeff Hawkins is admitted to practice law in Illinois. Jeff is also a registered civil mediator, a Fellow of the American College of Trust and Estate Counsel and the Indiana Bar Foundation;  a member of the Illinois State Bar Association and the Indiana Association of Mediators; and he was the 2014-15 President of the Indiana State Bar Association.

Find more information about these and other topics at, add us to your Google+ circles, like us on Facebook, follow us on Twitter @HawkinsLawPC or call us at 812-268-8777. © Copyright 2015 Hawkins Law PC. All rights reserved.