Saturday, June 27, 2009

Threat of online security


Nowadays, many companies of all sizes, as well as individuals, use computers to process and store their important information. Computer security is therefore very important to make sure that this information is not misused, damaged or lost. Online security is just as important when an individual or company places information online. For example, a company that has its own website has to protect it from potential threats such as phishing, hacking, information theft, viruses and worms.

However, the ongoing development of technology has, ironically, also increased the risk that every computer user has to face. Hacking means gaining unauthorized access to computer files. Anyone who is exposed to the internet can equip themselves with 'hacking' knowledge by doing some research online, because the internet lets users share knowledge without the content being filtered. Anyone can therefore learn skills that may jeopardize online security, which increases the online security risk.

Nowadays, the best-known threats are cybercrime, phishing, and internet and network attacks such as computer viruses, worms, Trojan horses and back doors.

Cybercrime refers to online or internet-based illegal acts. Hackers, crackers and corporate spies are among those who commit cybercrime: they have advanced computer and network skills and access computers and networks illegally with the intention of destroying data or stealing proprietary data and information.


Phishing is a scam in which a perpetrator sends an official-looking email that attempts to obtain your personal and financial information. In other words, it is a method of collecting information through fake websites. For example, some phishing email messages ask you to reply with your information, while others open a pop-up window that looks like a website and collects the information. The damage caused by phishing can be severe. One case that illustrates the potential threat posed by phishing happened in 2007.


Internet and network attacks that jeopardize security include macro viruses, worms and Trojan horses. A macro virus is a piece of code that is secretly introduced into a system in order to corrupt it or destroy data. Macro viruses such as Melissa and ILOVEYOU were propagated through Microsoft Outlook email, with payloads delivered as Visual Basic for Applications (VBA) programs attached to email messages. A virus attack can damage the operating system and cause loss of data and other possible losses.

A worm is a program that runs independently, copies itself repeatedly, consumes the resources of its host in order to maintain itself, and is capable of propagating a complete version of itself onto another machine. The repeatedly copied files use up the available space and slow down the computer.


A Trojan horse is a program that appears to have a useful function but contains a hidden function that presents a security risk. A Trojan may arrive in the form of a file that looks like an interesting game or program. When this program is run, the Trojan is installed, and it is then executed every time the attacked computer is turned on. Such a Trojan horse enables the perpetrator to capture user IDs and passwords, to display and delete messages, and to upload files on the affected computer.


A back door is a set of instructions in a program that allows users to bypass security controls when accessing a program, computer or network. Once perpetrators gain access to unsecured computers, they often install a back door or modify an existing program to include one, enabling them to continue accessing the computers remotely without the user's knowledge.


In conclusion, the risks that computer users are exposed to are increasing with the development of technology. Developers of safeguards must therefore always be up to date in order to strengthen the defenses against online security threats. At the same time, users must be informed about the serious damage and losses that online security threats can cause.

Phishing : Examples and its prevention methods


Phishing: this word is quite new to me, and it sounds like fishing! Webopedia defines phishing as the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information.


EXAMPLES
One example would be if you received an e-mail that appears to be from your bank requesting you click a hyperlink in the e-mail and verify your online banking information. Usually there will be a repercussion stated in the e-mail for not following the link, such as "your account will be closed or suspended". The goal of the sender is for you to disclose personal and account related information. This type of e-mail scam is also called phishing.

Let me show another example of what a phishing scam e-mail message might look like.


Example of a phishing e-mail message, including a deceptive URL address linking to a scam website.

To make these phishing e-mail messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate Web site (1), but it actually takes you to a phony scam site (2) or possibly a pop-up window that looks exactly like the official site.
These copycat sites are also called "spoofed" Web sites. Once you're at one of these spoofed sites, you might unwittingly send personal information to the con artists.

PREVENTION STEPS!
Judging from the many examples and articles on phishing, this kind of fraud can be considered a dangerous online activity, because it usually targets banks or other financial organizations, which can allow the attackers to earn a considerable amount of money. We therefore need to be aware of this kind of fraud and must be able to identify it before we get into trouble. So, here are some prevention tips to help you avoid getting “fished”!

1. Don't reply to email or pop-up messages that ask for personal or financial information, and don't click on links in the message. Don't cut and paste a link from the message into your Web browser — phishers can make links look like they go one place, but that actually send you to a different site.

2. Some scammers send an email that appears to be from a legitimate business and ask you to call a phone number to update your account or access a "refund." Because they use Voice over Internet Protocol technology, the area code you call does not reflect where the scammers really are. If you need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card.

3. Use anti-virus and anti-spyware software, as well as a firewall, and update them all regularly.

4. Don't email personal or financial information.

5. Review credit card and bank account statements as soon as you receive them to check for unauthorized charges.

6. Be cautious about opening any attachment or downloading any files from emails you received, regardless of who sent them.

7. Forward phishing emails to spam@uce.gov – and to the company, bank, or organization impersonated in the phishing email. You also may report phishing email to reportphishing@antiphishing.org. The Anti-Phishing Working Group, a consortium of ISPs, security vendors, financial institutions and law enforcement agencies, uses these reports to fight phishing.

8. If you've been scammed, visit the Federal Trade Commission's Identity Theft website at ftc.gov/idtheft

How to safeguard our personal and financial data?


Last year, researchers held a survey to monitor trends in identity fraud, and according to the Federal Trade Commission, identity theft is the most reported form of fraud. This happened not only in our country but all over the world as well. It involved both physical (lost wallet, phone sale) and online (phishing, e-mail scam) methods.

It is crucial for consumers to understand some simple and effective methods to protect themselves against identity theft. Below is a list of precautions which I can think of.

First and foremost, do not carry unnecessary information with you when you go out. For example, remove excess credit cards from your wallet or purse, since many of us like to keep all our cards in our wallet. Second, put passwords on all your accounts and do not use common terms such as your date of birth or phone number. Try to make up a fictitious word. It is suggested to combine both numeric and alphabetic characters when creating a password. Third, be cautious on the phone. Do not disclose your personal information over the phone if you do not recognize who is on the line, unless you can positively confirm the caller’s identity. If there is any suspicion, confirm with the related organization or institution how they store your personal information and why it is needed for any application. Do ensure that the information is disposed of in a proper way.

Apart from that, avoid using the same password all the time. Double-check that all of your utility accounts and financial services have different passwords. If the security of one of the accounts is breached, this will prevent all of your accounts from being hijacked. Furthermore, please do not store your sensitive data on a mobile computer such as a laptop or PDA. However, if you find that it is necessary to do so, encrypt the information with proper software. Next, report lost or stolen cards immediately and cancel all inactive accounts. Also, do not keep open credit cards that remain unused and unmonitored. If you have applied for a new card and do not receive it in a timely manner, contact your financial institution immediately. Be sure to sign new cards upon receipt too. Besides that, consumers can also monitor their credit card and account statements online weekly to keep an eye on their transactions. This can prevent unknown transactions from occurring.

On the other hand, if your job involves creating documents, as a secretary or admin staff member, do take responsibility for protecting clients’ personal and financial data by shredding sensitive documents after using them. This ensures that the information is not accessible once you get rid of it. Moreover, staff should install anti-virus software on all computers and change passwords regularly. All of this is to make sure that office information systems such as the computer network do not become a target for identity thieves.

Last but not least, be wary of e-mail attachments. Even if you are certain they are virus-free, they can cause you to lose data too. The best way is to ignore all these e-mail attachments and junk mails. As the saying goes, prevention is better than cure. I hope the above precautions help to safeguard our personal and financial data.

Thursday, June 25, 2009

Review of a post on Internet Security from My E-Commerce blog


Internet security is really important to me because I have been using an online banking service. I heard from some of my friends that their online bank accounts had been hacked and that they lost cash as a result. It’s horrible! So I wish to share some information about that.

Have you ever encountered spam messages in your e-mail or instant messaging service, such as MSN or Yahoo Mail? There are solutions for these irritating spam messages that disturb your online activities, namely anti-spam tools, which give peace of mind. Still, spam may sometimes manage to outsmart the anti-spam software, giving users a headache again. Below are some tips for daily online activities.

1. Do not open any attachments from an unknown user, especially PDF files, to prevent PDF spam
2. Delete any greeting cards from an unknown user to prevent greeting card spam
3. Do not run any e-mail attachments that have .com or .exe at the end of the file name

I believe many of us have been watching free movies and listening to music online for some time. This has become a trend among youngsters nowadays, and hackers see it as an opportunity to obtain users’ private data from personal computers.

Internet security plays a vital role, especially in such an unsafe internet surfing environment. More than 1 million computer viruses, worms, Trojans and other malware were reported by Symantec according to their virus database. Efficient anti-virus software may be required to prevent unnecessary data losses. Well-known anti-virus products such as Kaspersky Lab, Avira, AVG, Trend Micro and Symantec are recommended and trusted among user groups.

Since our E-commerce assignment requires us to create a blog, I am sharing some security precautions that bloggers may have to take into consideration to prevent their blogs from being hacked:

1. Always keep your personal information private
2. Avoid using the same password for all accounts
3. Use 'alpha-numeric' passwords (passwords consisting of words and numbers)
4. Don't use a password that can be found in your blog
5. Avoid using public computers (cyber cafés) for important websites
6. Use anti-virus software on your computer (Avira is recommended by me)
7. Register and use your own domain name (be unique)
8. Always back up all your posts / content