Do You Know

Creating fake profile of someone is cyber crime?

Creating a fake profile of somebody, which displays his/her original name with their original photo and describing them as “loose characters” or making them degrade in social networking sites is treated as cyber crime.

According to section 67 of Information Technology Act and section 509 of the Indian Penal Code, The Director(s) of Social networking as well as those who created and updated such fake profiles are liable to the same

Skimming scam?

Using credit card in secured Internet is safer than using in restaurants because of skimming scams.

Skimming scam, is a illegal copy of credit card information from the magnetic strip and misuse them.

What is strong password?

A strong Password should have combinations of Alphabets, Numbers and Characters such as c.!@*^&)(~@. Remembering these passwords are very difficult so that remember a passphrase and make a strong password as below.

Consider the following passphrase

" I love my sister for her continous support "
Take all first letters of all words in the above statement

Ilmsfhcs

Replace all even numbers letters as capital letters
Now replace S with $ and H with #

iLm$f#c$

Finally add your favorite two digit number at the end
iLm$f#c$36 is the strong password which is also can be remember.

Phishing

What is Phishing

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT Administrators are commonly used to lure the unsuspecting.

Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication, it may require tremendous skill to detect that the website is fake.

Phishing is an example of social engineering techniques used to fool users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

Different types of Phishing

An e-mail message from a large online retailer or Internet Bank web site announces that an order you recently completed is ready to ship - except that you didn’t order anything or update banking details. So you follow a link in the message that supposedly lead backs to the website spoofed login page.

Link Manipulation

Most methods of phishing use some form of technical deception designed to make a link in an e-mail (and the spoofed website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of subdomains are common tricks used by phishers. In the following example URL, http://www.yourbank.example.com/, it appears as though the URL will take you to the Attacker  Database of the yourbank website; actually this URL points to the "yourbank" (i.e. phishing) section of the Attacker  Database website

Filter Evasion

Phishers have used images instead of text to make it harder for anti-phishing filters to detect text commonly used in phishing e-mails

Phone Phishing

Not all phishing attacks require a fake website. Messages that claimed to be from a bank told users to dial a phone number regarding problems with their bank accounts. Once the phone number (owned by the phisher, and provided by a Voice over IP service) was dialed, prompts told users to enter their account numbers and PIN. Vishing (voice phishing) sometimes uses fake caller-ID data to give the appearance that calls come from a trusted organization sometimes

Tips for to avoid phishing attacks

• Never click web links in your e-mail and no bank will ask you to update the accounts through online
• Never provide personal information including your passwords, credit card information, account numbers to unknown persons
• Never keep username, account name and passwords at one place. Always try to remember passwords
• Always use phishing filters at your Internet browser
• Do not click any images in the web sites if you are unsure

Source: ISEA