HomeSecurity-In The Home
Tips and Info concerning the secure use of the internet.
More Than 40 Percent Of U.K. Users Say They Have Been Fraud Victims
44 percent of respondents said they have suffered from bank or credit card fraud, and 42 percent have had their identity stolen. The average amount stolen was nearly $3,000 per person, and 37 percent did not get their money back from the bank.
Do you get e-mail rage?
We hold our breath while cranking out e-mails and doctors confirmed their suspicions. When we hold our breath, the brain is momentarily oxygen deprived and hits the flight or fight response, fueling a more emotional reaction to the words shooting out of our fingers. What can seem like innocent or understandable venting can cost you your job, damage your reputation and crater your chances for promotion… 26 percent of the nearly 600 companies said they'd fired an employee for e-mail misuse.
Google said that between January 2009 and the end of January 2010, its malware detection infrastructure found some 11,000 malicious or hacked Web pages that attempted to foist fake anti-virus on visitors.
If you suspect your bank account has been compromised or spot any activity you have not authorized, follow these guidelines;
- Notify your bank and credit card companies immediately
- Close all affected accounts
- Notify the major credit reporting agencies
- File a report with the Garda Síochána
Security experts warns firms that lower risk flaws are higher risk
Security experts have warned businesses that hackers are moving their focus on flaws designated as high risk by software vendors to flaws normally seen as lower risks. "…they're not going for the normal high risk flaws, they're going for the medium risk ones. In the patch management cycle, the medium risk flaws [considered lower risk] are been patched later." That delay in patching is also being exacerbated by hackers combining the lower risk flaws to create so-called blended threats… By combining two lower risk flaws, hackers can cause high risk threats to an organisation.
Password reset questions dead easy to guess
Hackers stand a one in 80 chance of guessing common security questions such as someone’s mother’s maiden name or their first school within three attempts. …Online research about a subject or a pre-existing relationship makes the chances of figuring out the answer to password reset questions still easier.
Securing Wireless Networks
It is possible for attackers who are within range to hijack or intercept an unprotected connection. … Most network devices, including wireless access points, are pre-configured with default administrator passwords to simplify setup. These default passwords are easily found online, so they don't provide any protection. Changing default passwords makes it harder for attackers to take control of the device…
File sharing networks open door to identity theft
Cyber thieves are targeting their newest identity victims through the use of file-sharing networks. Consumers and their family members need to be wary about with whom they share music, photos or documents online because criminals could be downloading the information stored on personal computers, including Social Security numbers, home addresses and even health information. Users of file-sharing networks can inadvertently expose the contents of entire hard drives containing personal information to others on the network.
What is worth mentioning again, and again, and again, is the importance of applying patches and updates in a timely manner, employing anti-malware security software and keeping it up to date to detect current threats, and continuing to educate users to not click on links or open attachments in messages.
Patchy Windows patching leaves users insecure
Windows users need to patch their systems an average of every five days to stay ahead of security vulnerabilities, according to a study this week. …the average home user needs an average of 75 patches from 22 different vendors to be fully secure. The complexity of patching means that most users are not even in the race, meaning that hackers hoping to exploit software vulnerabilities to infect vulnerable systems stay well ahead of the game.
It's official: Adobe Reader is world's most-exploited app
Adobe's ubiquitous Reader application has replaced Microsoft Word as the program that's most often targeted in malware campaigns… PowerPoint attacks dropped from almost 17 percent in 2008 to less than five percent last year. http://www.theregister.co.uk/2010/03/09/adobe_reader_attacks/
According to a study by research firm Gartner Group, 43 percent of companies were immediately put out of business by a “major loss” of computer records, and another 51 percent permanently closed their doors within two years — leaving a mere six percent “survival” rate.
XP and Windows 2000: Time running out on support
Businesses using Windows XP will need to upgrade to Service Pack 3 (SP3) of the operating system by July in order to continue receiving support from Microsoft.
Mystery/Secret Shopper Schemes
…applicants are requested to provide bank account information to have money directly deposited into their accounts. The fraudster then has acquired access to these victims' accounts and can withdraw money, which makes the applicant a victim of identity theft. No legitimate mystery/secret shopper program will send payment in advance and ask the employee to send a portion of it back.
When you search for breaking news, be aware that attackers often publish links faster than the legitimate media. Get in the habit of using Yahoo! News, Google News, or another trusted service. Only news published by trusted media sources are aggregated onto these services, unlike a regular search using your favorite search engine.
Disasters are a boon to malware...
Whenever there is a big disaster people rush to the Internet to find the latest news. But that can lead them into trouble because malware distributors will quickly put up web pages related to that disaster, but containing malicious code.
Consider the smart phone. At any given moment, it - and therefore your carrier - knows within a few feet exactly where you're standing. It knows when you're stationary or walking - and the direction you're heading. It knows who you stood next to on the transit bus, that you walked through Washington Square today when a political rally took place. It knows what time you went to the polls to vote. It can detect your conversations and background noises. It knows where and when you took every photograph. And it watches your every text and e-mail message. For better or worse, much of this information is being monitored, crunched aggregated and analyzed.
How To Identify Phishing Attacks
Web browsers and security software usually offer built in phishing
protection. These rely heavily on user submissions which means that they protect
well against known phishing sites and attacks but often fail when new phishing
The Phishing Flow Chart
Here is a handy phishing flow chart that can help inexperienced computer users in analyzing potentially dangerous emails.
"Simply because a message appears to come from a friend doesn't mean the recipient shouldn't question its validity. Think twice, ask questions, and don't be so quick to click."
Four Signs of an Easy Victim on Social Networks
… these social networks, by nature of how they work, make it possible for criminals to cyber stalk potential victims. Users at risk for this kind of attack might be a person who has access to something or somebody that the criminal wants. You might be the executive assistant to a corporate CEO, or a human resources representative who has access to all of your company's employee files. You may not think anyone notices, but this makes you a desirable target… (If you work for the government, you are a desirable target- editor)
If Your Password Is 123456, Just Make It HackMe
People favor simple passwords, despite Internet security scares like the recent attacks on Google’s e-mail service.
Security experts say employee awareness and training are a crucial defense. Often, malware infections are a result of high-tech twists on old-fashioned cons. One scam, for example, involves small U.S.B. flash drives, left in a company parking lot, adorned with the company logo. Curious employees pick them up, put them in their computers and open what looks like an innocuous document. In fact, once run, it is software that collects passwords and other confidential information on a user’s computer and sends it to the attackers. More advanced malware can allow an outsider to completely take over the PC and, from there, explore a company’s network.
The Decade’s 10 Most Dastardly Cybercrimes
Greatest security threats to education
Password theft is rampant during the holidays. Thieves use low-cost tools to uncover a person’s password and send out malware to record keystrokes, called keyloggers. Once criminals have access to one or more passwords, they gain vast access to consumers’ bank and credit card details and clean out accounts within minutes. They also commonly send out spam from a user’s account to their contacts.
Job-Related E-mail Rip-offs
Scammers are preying on desperate job-seekers, with the promise of high-paying jobs and work-from-home moneymaking opportunities. Once interested persons submit their information and pay a set-up fee, hackers steal their money instead of following through on the promised employment opportunity.
Online Identity Theft
As bargain hunters surf for deals using free wireless networks at the local cafe, hackers can spy on their activity and steal their personal information.
The security nightmare formula
- Easy-to-guess passwords and password reuse
- Inconsistent patching
- Getting too personal
- Overdose of trust
- Outdated virus protection
- Not using available security products
- “It won’t happen to me” syndrome
Beware of e-mails that appear to come from government e-mail addresses that direct you to a file hosting websites such as rapidshare.com, zeropaid.com, or sendspace.com. Legitimate government business is not conducted on these websites, but Trojan horse viruses are.
The five most frequent Holiday scams
- Fake Holiday eCards: Don't recognize the sender? Delete it. If the email is not addressed to you specifically, delete it. If you're instructed to download an "executable program," delete it.
- Fake Holiday Products: If you don't recognize a company, don't order anything from them until you're sure they really exist.
- PayPal/eBay: Avoid following links that are provided for you in any email, especially if you are unsure of the sender. A frequent trick from spammers during the holidays is a link to a fake eBay or PayPal login page. Rather than follow links in emails, type it directly into your browser.
- Bank Phishing: Banks will never ask for your personal information, or provide your personal information, in an email. Also, keep an eye out for poor spelling and grammar. If you are not specifically addressed in the email, delete it.
- Letters from Santa: Although a nice idea for the kids, do your research. There are many fake companies out there. Check in with the Better Business Bureau to confirm existing companies.
Send mail to
questions or comments about this web site.