Tuesday, February 23, 2010

Internet Landmines - what can a click do?

It is unbelievable how much harm a single click can do. Yet many people flirt around innocently with the internet, unaware of the dangers that are out there. In a lot of ways internet is like an area filled with landmines and any step of yours can be lethal.

Time is premium for most people these days and most of us assume and neglect some critical aspects of internet browsing. In a recent survey, it was concluded that more than 90% of internet users click “OK” or “YES” without reading the content. When installing software, most people in their haste to install their product, click “Next” without reading what they are signing up for, this becomes a habit beyond a point. This is exploited by some of the hackers.

Just a small wonder- have you ever read the term and conditions while signing up for mail account or while installing software? Answer it yourself :)

Many types of software are designed to send back information to the server computer on a regular basis. This information can vary between internet user patters to system resource usage patterns. Even many popular security software products send such information, which is later populated to develop a better product. But sometimes other malicious software might send out vital information such as your credit card information, SSN, or even bank account number and some other important documents which may be stored in your PC for your personal use.
In spite of advancement in the online security technology, there are many sites that pose various levels of threat to the computers. If you have a proper security system installed in your computer, you will be warned. But many people take this lightly, but without your knowledge your security is compromised.

This happens, mostly in case of firewall software’s – when there is a some network trying to access your computer, most of them don’t even have look at what message is being shown in the pop-up and just click “Allow” – sometimes a traffic which needs a “Deny” would be allowed.

Since most of the world, other than Europe and North America, is only recently getting acquainted with the internet. There are many unaware users on the internet. It is not difficult to get the hang once you have been browsing for a while, but initially people trust most of websites what they see, as most of them for a fact lack experience and are unaware about the online security threats.

So here is a little important information that computer users can follow.

• Read and Think before you click “Yes” or “I Agree”
• See if the website has got a “Privacy Policy”
• Always trust sites which are verified by Third Party i.e. having SSL certificate.
• Be careful about phishing attacks through email – You many receive a email claiming it to be from bank, but actually sent by a hacker.
• Always have a look at the link address once before clicking on items. If the link address does not match with the parent site, it is better to avoid such a link.
• Never click on suspicious links.
• Read the security alerts/ pop-ups, before you proceed to click “Access” “Yes” or “Deny”.
• Do not provide your personal information over chat to unknown persons.
• Do not share your passwords
• Have a Virus Scanning Software.

Wednesday, February 10, 2010

Day-to-Day activities that increase risk of ID theft

Everyday activities like using their phone, browsing the web and shopping can increase their risk of becoming victims of identity theft.

Steven Domenikos, CEO of IdentityTruth shares his list of 8 everyday activities that increase an individual’s risk for ID theft – I thought you may be interested in sharing these with your readers?

Phone Home: Smart phones are more popular than ever. In the rush to grab a piece of the pie, phone vendors and carriers will perhaps sacrifice security for market share. While Apple vets all iPhone apps, some others - notably Android Market - do not. Fake banking apps have been discovered on Android Market and have been subsequently removed – but not before they were downloaded and used by an unnamed number of victims.

Apple, of course, is vulnerable as well. With the lion’s share of the Smart Phone market, the successful release of a rogue application, even if only for a few days, would result in a huge payoff for the perpetrators. A May 2009 survey conducted by Trend Micro revealed that 1 in 5 Smart Phone users admitted to having been the targets of phishing scams.

Staying Connected: It seems that everyone has at least one profile on a social networking site - and many people have more than one. Besides the spam friend requests that are received, presumably in an effort to get past the spam email filters, there are the add-on helper applications that pose just as much a danger as the rogue smart phone apps referenced above.

The data contained on these sites when combined with information contained on school re-union sites, resume and job-search sites and other public information could be used to build personal profiles, and enable identity thieves to steal your whole persona.

Check that URL: In October 2009, ICANN approved the user of non-western characters in web addresses. Beginning in mid-2010, one will begin to see addresses in Arabic, Greek, Hindi, Japanese, Korean, Cyrillic and others. With certain foreign characters looking like western characters, it is easy to see that the scam artists will use these to impersonate valid sites. Surely the security software will eventually catch up. But in the meantime, users will need to beware.

It’s in the mail: When you receive applications for “preapproved credit cards in the mail” be sure that you open and shred the enclosed materials before throwing them away. According to the US Department of Justice: Criminals may retrieve those applications to try and activate the cards for their use without your knowledge. Also, if your mail is delivered to a place where others have ready access to it, criminals may simply intercept and redirect your mail to another location.

Longer Log-ins: A recent report from Imperva shows the most commonly used passwords, including “123456” and “iloveyou”. Having such an easy-to-guess password – and worse, using it for multiple websites/services – makes you easier to target. Choose complex passwords that include both letters and numbers, never use the same password for more than one website, and change your passwords frequently – at least every 3 months.

To reply?: If you get an email from any institution - be it your bank, your credit card company or the IRS asking that you reply with sensitive personal information do not respond under any circumstances. These phishing emails are still used by identity thieves preying on people that are too trusting, or too rushed to think twice.

Trash that: Dumpster Diving is not an Olympic sport – it is a practice by which criminals comb through trash looking for personal financial information – cancelled checks, bank statements, credit card statements and more. Be sure to shred any and all documents containing any personal information before throwing them away.

Shop till you drop: Double check all receipts from stores and ATMS – they may contain account information that identity thieves can use. Also, try to avoid kiosk ATMs - those freestanding units often do not have cameras and are statistically more likely to be infected by skimmers (electronic devices that allow thieves to record account and PIN numbers).

Always check if there is a SSL Certificate (https://) present in the website while you do Online Shopping. Not only in a shopping site, but also check if the page is secure in case you provide your confidential and personal details.

Is taking a Bank Loan Good or Bad?

Definitely taking a bank loan shouldn't be a choice for you and should be the last resource if you need to. You may be wondering, why am...