A review on a post on Internet Security from ecommerze.blogspot.com .

I was going through Mr. Hen e-commerce blog and I was attached to this blog – 1 Million computers in China hit by Viruses and I start reading it.

It was surprised that China was invaded by viruses in only a week time and causes up to 1 million computers to break down and this is a very serious problem. Therefore I start doing some research what was the reason behind.

One of the reasons behind was during the National Day Holiday Week, most people in love to stay at home and serve the internet rather than go hang out on the crowded streets. Where anti-virus expert Jiangmin Co. stats that virus can be pass through by surfing the net, online shopping and even playing online games. Resulted around 118,000 computers crashed on a single day and up to 24,000 types of viruses were detected during the week.

Another reason of this tragedy is due to high unauthorized downloading of films, music and photos of celebrities. As one of the example happen in China on November 20, 2007 was viruses that replacing that appear to be copies of the film Lust, Caution by Ang Lee. Users instead of download the movie, it reflect to be bunch of viruses that invade the computer by causing blue screen to appear and even stealing passwords for website and instant messaging programs ( Infoworld.com ).

As a result, I realize taking a precaution on infection to the computer is one important thing. The lesson learn from the blog was DOWNLOAD LESS unauthorized files where most of the people do now, or otherwise be ready to take any circumstances which will be faced after download the files.

The second lesson is to choose a good anti virus and do not be lazy to update the anti-virus all the time because viruses is increasing everyday and causes your anti-virus to be outdated even in one day. Some good anti-virus software I encounter is:

-William Hong Weei Loon – “Precaution Is Better Than Cure’

How to safeguard our personal and financial data?

In the pre-computer era, people would fall victim to telemarketing scams -- sending cheques or providing credit card numbers in response to fraudulent sales campaigns. This type of fraud has now migrated to the Internet. In order to protect our personal and financial data from being harm, below are the various ways to do it:

• Use a secure Internet browser when you are online

Firefox is one of the secure browsers according to a number of sites that have tested. By using a more secure browser can help protect against from hijacking.

• Clear your memory cache after browsing

After you browse the Web, copies of all accessed pages and images are saved on your computer's memory, the browsing record will grave implications for personal privacy. It’s better to clear the cache after you are done browsing the net. Here are the ways to clear your browser history. If the system asks to auto save your passwords, etc, click NO.

• Keep your e-mail private, use encryption!

E-mail can be easily rerouted and read by unintended third parties which are not a secure medium as many believe. Currently, the exist technologies allow you to encrypt your messages in order to protect their privacy, e-mail programs such as Internet Explorer Outlook and Netscape Messenger. Pretty Good Privacy (PGP) is popular encryption software which is free for non-commercial use.

• Make sure anti-virus and anti-spyware are installed and up-to-date

You can either buy excellent anti-virus programs like Kaspersky Anti-Virus or free programs like AVG. Either way; make sure there is some anti-virus and anti-spyware prgram installed. It is a big mistake for most people that don’t install any anti-spware and anti-virus programs. Some good anti-spyware apps are Windows Defender, SpySweeper, SpywareBlaster, AdWare, and Spybot Search and Destroy.

• Avoid giving out information

Don't publicly give out any information online that could be traced back to you as an individual, such as your real name, your date of birth, your physical address, phone number, place of work or other personally identifiable information, including names of relatives.

• Make sure the URL has an HTTPS instead of HTTP

Look in the address bar of this or other websites or email services. In the website’s address, type in the letter “s” after “http” – this can make your connection to the website more secure, but may not work for all websites or email services.

Reading the few safeguards above, may instill paranoia even in the most fearless web user. Remember, the use of the internet is a great way to make your life easier and can be a safe place as long as you follow some simple common sense rules. We must realize that the people in cyberspace are the same people you encounter every day in the physical reality. Even if you never use a computer, your identity can still be stolen from the paper that your throw out in your trash!

- Carmen Lee Jia Wen -

Phishing: Examples and its prevention methods.

Phishing is the process of attempting to fraudulently acquire sensitive information, such as user names, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. It can trick people into giving up their personal information. Sometimes associated with spy ware. For example, perpetrators may get victims to click on a link that takes them to a Web site where they are subject to a drive-by download. Lalong.com and online-banking are common targets. Phishing is typically carried out by e-mail or instant messaging and often direct users to enter details in a website. Below are the steps to prevent phishing emails and website:

1. Recognize it - If you receive an unexpected email from a bank or credit card company saying that your account will be shut down if you do not confirm your billing information, do not click on any links in the email. Phishers typically have one purpose in mind: to entice people to react immediately by clicking on the link and inputting their password or credit card number before they take time to think through what they are doing.

2. Report it - Contact your bank, if you have unwittingly supplied personal or financial information. You should also report the matter to your local police. They will often take police reports even if the crime may ultimately be investigated by another law enforcement agency.

3. Stop it - Become familiar with the practices of your financial institutions and credit card companies. They normally will not use email to confirm an existing client's information. Keep informed of the latest advisories and steps on how to protect you from identity theft and fraud.

Watch this fun yet informative video about Phishing brought by eBay Canada. Please click this small TV. Enjoy the video clip !!!

Related Link:~

Microsof web page -Pharming: Is your trusted Web site a clever fake?

Economictimes web page - Pharming attack is a new security threat

Wikipedia web page - About phishing

Privacy rights web page -"Phishing" Emails Attempting to Capture Your Personal Information

- Alvin Poon Chee Hau -

The threat of online security: How safe is our data?

Online have gave us a lot of convenient such as making online transactions on paying bills, online shopping, look for informations, etc. Sadly the online security had become an issue recently. As for the most famous threat is Trojan attack, Daniel G. James analyzes that the Trojan attack had been increase, from 2004 till 2006.

Trojan Infections from 2004 - mid of 2006

Statistical Analysis of Internet Security Threats by Daniel G. James

Online Threats is separated to 2 categories which are technical attacks and non technical attacks. Technical attack basically is the need of knowledge to create certain software or program to form a threat. Whereby non technical attacks is using tricks to make users to disclose certain information the attacker wants.

Virus, Trojan horse, worm, Macro Virus are all technical attacks. During May 2000, there was 1 famous worm which named “I LOVE YOU”, where a small piece of code attached to the email (Business Software Alliance) . When user opens the file, it will send an email to everyone in the address book, subsequently causes the victims’ machines to be damaged by overwrite the important files (Wikipedia). This worm started from Philippines and eventually spread within the world in 1 day time traveling across from Hong Kong towards Europe and United States.

One of the most famous non technical attack threats is Phishing. Phishing is intent to cheat a user for sensitive information by using a trustworthy entity in an electronic communication. Bank always been targeted in Phishing, an example of phishing email are such as below.

CitiBank

by Surf The Internet Safely

From all this threats, the attackers intent to get the private information of ours such as our user name and password for our accounts or access code and pin code for our credit cards. Therefore in order to enjoy the internet services, we users have to always take precautions on every items obtained from the internet. We must always predict the unpredictable. Our data will be safe if we take full precautions on all type of attacks from the internet.


-William Hong Weei Loon-