<
Indo-Canaidan Voice
web voiceonline
Saturday 28 August, 2010
 
Headline
News Roundup
Aroundtown
Movie Review
Events
The Road Rules
Classifieds
Voice Chai Time
Just Kidding
Archive Editions
Write to Editor
About Us
Contact Us
Advertise With Us
 

Top Story

 

Avoiding  Internet fraudsters Scammers and hackers

 

 

By Amit  Dhoodwallah  Internet analyst and scamhunter


There are many ways an account can be compromised/hacked.  A few (but by no means all) of the common ones follow some what in order of frequency used:
Phishing 

 * Never respond to an e-mail that requests your login:password.  Never follow a link that doesn't go to to a known url (for example:  http:\\gmail.google.com\ is NOT the same as http:\\gmail.google.com.junk.ru\).  Be aware that the url printed in the message may not be where the link actually goes so verify before you click.
 Common password usage
 * Using the same password for multiple accounts so if someone breaks into one (like Facebook) they can get into others.  Getting access to an e-mail account can often lead them to Paypal, Ebay, YouTube and many other accounts.
 * Make sure you use a unique password for every site where you have an account.  Especially critical for financial sites, or sites with links to other accounts (like social networking or e-mail sites).
 
Linked accounts
* Related to the above in that one account has information leading to other accounts.  If they gain access then they know about the other accounts too.  This is hard to protect against when a forum or social networking site requires an e-mail address (if they break into the one site, look at your settings, they know your e-mail address too).
* Do not store login:password information in an e-mail account where it can be accessed should the account be compromised.  Also consider a "junk" e-mail address for all forum/web-site registrations so it does not lead back to your primary account.
Failing to log out
 * Failing to close your account on a computer that others have access to (like at work, school, or library) so that anyone else can access your account.
 * Always close your account when you walk away from your computer (even at home for some people).
 
Browser auto-fill enabled
 * Like the above, having the browser configured to enter your login/password automatically so anyone using the computer can gain access to your account.
 * Never use the browser's auto-fill capabilities unless you're on a 100% private, secure, and trusted computer.
 - Clear saved data: 

 * Any computer accessible by others can have a keylogger installed which will capture your login/password for any site you visit.
 * Never log into your account on a public computer (like at a library) and be very cautious using any computer that others have access to (like at work or school).
Trojan/Virus/Malware
 * While not strictly used to steal an account, could do damage to your account or use it to send spam while you're logged in.
 * Always keep virus scanners enabled, and using up-to-date definition files.  Regular use of malware type scanners is good too.

 Password guessing
 * A brute-force method of guessing someone's password, made easier if they know you in real-life, especially if you use a weak password (like a kid's or spouse's name).
 * Follow standard password generation safeguards:  no common words or proper names, no patterns (1234 or qwerty), use mixed case and include numbers or punctuation, etc.

 Server attack
 * When someone compromises a company's server gaining access to account or private information for a large number of users.  This is typically seen in large identity-theft cases.
 * Nothing you can really do about this except deal with only reputable companies with good privacy policies.

 


[Go To Top]
 

 

 
 
 
 
 
 
 
 

© The Voice Group. 2002, All Rights Reserved, Reproduction in any form is prohibited without prior permission