A friend of mine asked if online bill pay was safe, or if this meant that once he pays bills online his financial information will get leaked. The answer is online bill pay is as safe as your bank is, so if you already trust your bank, you should be fine. I figured I would drop him a few more tips for stuff to watch out for online, and figured I could share them with "you" as well.
If you bank offers online bill pay, the danger is 0. All "online bill pay" does is you tell your bank the name of the company you want to pay, and your account number with them; if it's a big enough company, the bank will have their info already; if it's a small enough company, the bank will ask you to what address you would normally send the check and the name it would be sent to.
Then when you want to pay someone, you login to your banks website and just check the box for that company and how much you want to pay; if it's one of those big companies the bank just does all the "footwork" as if you had mailed in a personal check; if it's a small company (or even a person, I've sent my brother money this way), they will print a paper check and mail it to the address; then the person you paid will take that paper check and deposit it with their bank to get the money.
Your browser (the piece of software you use to browse web pages, Internet Explorer, or Firefox, or Chrome) does not have the information of "name / bank account number / billing address" so it won't automatically turn it over to a "bad" website.
Common online scams:
You aren't buying from xyz.com; you are buying from a seller on xyz.com, and they are the ones that screw you.
If you go to Walmart.com and buy a DVD player, Walmart isn't going to charge your credit card and send you a box of bricks and say they sent you a DVD player. They have to much to lose to just scam everyone that does business with them. But if you are on a site like ebay.com / craigslist.com and you buy an item that is being sold by "A. Nonymous" and they send you a box of bricks; you can try going after him but they will have cut all ties, and tomorrow will be selling again as "B. Nonymous". Even buying from a small companies website will usually work out just fine; the only thing I would caution you is "if it looks to good to be true it probably is" and if the transaction involves more than 'heres my money and address" then I wouldn't trust it.
A friend of mine goes online and finds some camera shop offering a CRAZY deal on a well known camera model. She pays for express shipping to make sure it will get to my sister in time.
A day later, a "pushy man" calls the house and tries to up-sell my mom. Saying that she really needs to buy a case for the camera, and extra batteries, and doesn't she want an additional lens so she can switch to far off shots. She agrees to some of it, but not all.
A day later (and remember, we wanted this shipped express), the "pushy man" calls back and says he can ship it out that day, but only if she will go to "random camera store review website dot com" and leave a positive review of this online camera store; once it's posted, she should email him the link, and he will have it shipped out overnight.
I'm not exactly sure if it's a "scam" to just forget something; but automatic withdrawals from your credit card/bank will continue until you stop it.
I've gotten surprised more than once by paying another 6 months for an online game I stopped playing a month ago; but at least I can login and still PLAY. I heard a guy mention on a podcast that he discovered he had been paying 30 dollars a month for 6 years to some random website that had since shut down and no longer offered pornography.
Nigerian 419 scam; which is the Spanish Prisoner scam http://en.wikipedia.org/wiki/Spanish_Prisoner
"If you can send me a small amount of money, I can get access to a large amount of money and give you a percentage." Then you give some money, but now more money is needed, etc. Then someone says "hey give me some money and I can get the money you lost back". Basically: Never respond to strangers.
Using your email/twitter/facebook as a zombie
The most common way this manifests itself is you get a message saying something compelling and a link; if you click the link you will either come to a page asking for your login/password to your email/twitter/facebook or a webpage that has some code written in it that can trick your browser into downloading some code to your computer; or fool twitter/facebook into letting someone else post for you.
Then suddenly everyone in your address book / friends list gets the same zombie link, or a link to buy herbal viagra, etc.
You avoid this best by not clicking links in messages without first asking yourself if you think it might be valid.
Common invalid emails that you should be suspicious of the links:
It comes from someone you know, yet the words around it are not typical of the way they would write.
The message seems inflammatory IE: "You look ridiculous in this picture" "Did you not know you were being filmed?" etc.
It comes from someone you do not know.
The message is unexpected.
An email from your bank saying "Click here to login and read this important information"
It might be easier to explain what IS a valid link. If you clicked "Forgot Password" on a webpage and you get an email with a link to click to reset the password, that's probably fine. Otherwise, if I get an email from my bank/credit card that wants me to click a link, I just go to my browser and type in citi.com and then login there.
Using your computer as a zombie: Most often comes up when trying to view a video.
Because video software is still all over the map; it's possible you may have gotten to a website before that told you that you needed to install something before you could watch the video; you agree to install the software because you want to view the video. When you agreed to install the video player update, another small program was added to the computer that allows another person to use your computer for their own wants. This could turn out to be locking up your computer until you pay a "ransom" for it; or maybe using your computer and thousands of others to flood a website with traffic and bring it down.
So what's a red blooded american supposed to do? Just be mindful that if the browser starts to ask you a question like "Do you want to speed up performance?" or "Do you want to update your video player?" You should go down to the taskbar along the bottom of the screen, right click the program and choose "Close" and try a different site. If it starts to ask even more questions, I would just restart the computer.