Tips I picked up from my local banker about being internet safe about your info if there isn’t one thing I have learned is that people give out too much info we don’t need to know your address on Facebook or where your tweeting from I mean come on people all a scammer needs today to become you is your address and a birthdate back in my parents days it was your SSN (social security number) and that was it today Spyware and Keylogers are what are on my mind every few mins someone is a victim of identity theft with macs the programmers don’t really target us but who knows it might change Facebook scams are on the rise too also never go to a secured site on a “open” wireless network
How have security breaches evolve in this day of social networks?
Security breaches and threats evolve over time and in tandem with technology. This evolution is closely tracked by cybercriminals waiting to exploit weaknesses in technologies and in human nature. They prey on our curiosity and gullibility, and use psychological traps to lure unsuspecting technology users.
Our interaction with information technology has evolved yet by another leap with the popularity of social media and mobile devices. Whether you’re using a mobile device, a laptop or desktop computer, you’re likely to use social networks more than ever.
Today, users are the content. Driving the growth, and at the same time being driven by it, the explosion in mobile computing is expanding the impact of the social web. And, the way that content is shared and accessed is now the core of a new global culture, affecting and combining the spheres of personal and business life.
Malware scams and exploits targeting social networking websites, applications, devices, and users have proliferated over the last two years and will continue to do so. Likewise, traditional attacks will continue to become more sophisticated to target the most advanced software, hardware and websites.
Are mobile devices safe from attacks?
Smartphone security is the leading concern among IT executives according to a recent study conducted by Forrester Research. 75 per cent said that they were either concerned or very concerned about the security risks associated with the adoption of these devices. Up to 40 per cent of the respondents use or support Windows Mobile, the iPhone, and iPad.
Approximately 150 million people in America will be using smartphones to perform social and personal functions by mid 2011, according to the Nielsen Company. And new mobile operating systems are being accepted at a rapid rate – for example research and intelligence company, International Data Corporation (IDC) expects Android’s smartphone market share to increase from 16.3 to 24.6 per cent between 2010 and 2014.
What is phishing?
Phishing is a common type of spam that can lead to theft of personal details such as credit card numbers or online banking passwords. Phishing attacks work by sending “spoofed” emails that appear to come from a legitimate website, as a bank, credit card company or service provider, or any site which requires users to have a personal identity or account. The email may ask users to reply with their account details in order to “update security” or for some other reason.
The phishing email or link may also direct users to a spoofed website or pop-up window which looks exactly like the real site, but has been set up for the sole purpose of stealing personal information. Unsuspecting people are then often fooled into handing over credit card numbers, passwords or other details.
How can we prevent phishing on mobile platforms?
1. Never respond to emails that request personal financial information.
Banks or e-commerce companies generally personalise emails, while phishers do not. Phishers often include false but sensational messages (“urgent – your account details may have been stolen”) in order to get an immediate reaction. Reputable companies do not ask their customers for passwords or account details in an email. Even if you think the email may be legitimate, don’t respond. Contact the company by phone or through their website. Be cautious about opening attachments and downloading files from emails, no matter who they are from.
2. Visit banks’ websites by typing the URL into the address bar.
Phishers often use links within emails to direct their victims to a spoofed site, usually to a similar address such as mybankonline.com instead of mybank.com. When clicked on, the URL shown in the address bar may look genuine, but there are several ways it can be faked, taking you to the spoofed site. If you suspect an email from your bank or online company is false, do not follow any links embedded within it.
3. Keep a regular check on your accounts.
Regularly log into your online accounts, and check your statements. If you see any suspicous transactions report them to your bank or credit card provider.
4. Check the website you are visiting is secure.
Before submitting your bank details or other sensitive information, there are a couple of checks you can do to help ensure the site uses encryption to protect your personal data: Check the web address in the address bar. If the website you are visiting is on a secure server it should start with “https” ( the ‘s’ stands for security) rather than the usual “http”. Also look for a lock icon on the browser’s status bar. You can check the level of encryption, expressed in bits, by hovering over the icon with your cursor. Note that the fact that the website is using encryption doesn’t necessarily mean that the website is legitimate. It only tells you that data is being sent in encrypted form.
5. Be cautious with emails and personal data
Most banks have a security page on their website with information on carrying out safe transactions, as well as the usual advice relating to personal data: Never let anyone know your PINS or passwords, do not write them down, and do not use the same password for all your online accounts. Avoid opening or replying to spam emails as this will give the sender confirmation they have reached a live address. Use common sense when reading emails. If something seems implausible or too good to be true, then it probably is.
How fast evolving are scammers compared to data protection companies?
Cybercriminals are focusing more and more on social engineering tricks and social sites to find and exploit new victims. As the devices we carry and use, and the functions they offer, evolve and expand into every sphere of our lives, all the dangers posed by connecting to global networks also continue to grow in both scale and sophistication.
Technological defenses against cyber threats have also evolved and improved of course. Well-implemented, quality solutions can provide a very solid protective barrier, including blocking or at least warning users against attempts to trick them. It is vital that users are well educated on what might threaten them, and how best to spot and avoid the scams and tricks.
Understanding of the threats, the threat methods and the tools we can use to protect ourselves now and in the future is the best and simplest way to minimise the danger.
How can people tell a real link from a scam one?
Double check the URLs of websites you visit. The scam link is usually just subtly different from the genuine URL. Example: mybank.com versus mybanking.com
What is the best way to protect your digital identity?
Malware attacks can strike at anytime and from anywhere. Weak passwords, mobile devices and social networks, everyday software, removable media, operating systems and web all pose risk.
Despite the increasing sophistication and availability of alternatives, simple passwords remain the most common form of user authentication. Many online sites and services continue to rely on passwords alone to prove that the person interacting with them is who they claim to be. Weaknesses in this approach represent a serious hole in security.
To prevent hackers from compromising user accounts, passwords need to be as long and complex as possible. They should use multiple character sets (letters, numbers and symbols) and avoid common words and phrases. Passwords should not be repeated from one site to another, and they should be changed regularly, especially for highly sensitive logins such as online banking. In business, hardware-based security methods, such as tokens providing one-time passwords, can help provide a much higher level of security. Banks and other providers of high-risk online services are beginning to implement this type of technology.
Today’s legal system is dealing with cybercrime, but just barely. The best defense should include a combination of common sense decisions and protection software. Businesses and individuals should employ this type of multi-layered approach to avoid becoming the victims of malware.
Here are some tips to avoid being scammed
1. Remember that if something sounds too good to be true, it probably is.
2. Ask yourself — why would you be singled out for a windfall or other special treatment out of the millions of other Internet users. If you can’t find a good reason, it’s probably a scam.
3. Don’t believe everything you read. Just because an email or website is presented attractively doesn’t mean that it’s telling you the truth.
4. Be patient. Too many users end up the victims of Internet crime because they do not stop to think, but instead act on impulse by clicking on a “sexy” link or an interesting looking attachment without considering the consequences.
5. Unless you’re certain of a person’s identity and authority to request such information, never provide your personal information or information about your company.
6. Don’t reveal personal and financial information in email. Be wary of emails that ask you to follow a link to enter such information.
7. If you think an email may not be legitimate, attempt to verify it by contacting the company or organisation directly. But don’t use the contact information provided in the email to make contact, it could be bogus; look up the organisation’s contact information yourself.
8. Double-check the URLs of websites you visit. Some phishing websites look identical to the actual site, but the URL may be subtly different.
9. Be cautious about sending sensitive information over the Internet if you’re not confident about the security of the website.
10. Be suspicious of unsolicited phone calls and emails that ask for information about your employees or other information. It could be a scammer calling.