Find Out Who Is Tracking You

Find Out Who Is Tracking You on the Web with the Firefox Add-On Collusion

 

When you surf the web I’m sure you are aware that your browser stores something known as cookies. These cookies are often used to store settings, such as your user name or preferences, and can save you a bit of time when you revisit sites you’ve been on before.

Cookies can also be used to track you around the web, though, typically so that advertisers can target you with adverts for things you are more likely to buy. You may be surprised at just how many of these cookies are tracking you and how many web sites they are linked through.

Now you can find out how you are being tracked with a visual guide called Collusion, an add-on for the popular Firefox browser.


Laptop tracking & Security Software

Laptop tracking & Security Software 1

Prey Laptop Tracking Software

Example of my Laptop

 

  • 100% geo location aware: Prey uses either the device’s GPS or the nearest WiFi hotspots to triangulate and grab a fix on its location. It’s shockingly accurate.
  • Wi-Fi auto connect: If enabled, Prey will attempt to hook onto the nearest open WiFi hotspot when no Internet connection is found.
  • Light as a feather: Prey has very few dependencies and doesn’t even leave a memory footprint until activated. We care as much as you do.
  • Know your enemy: Take a picture of the thief with your laptop’s webcam so you know what he looks like and where he’s hiding. Powerful evidence.
  • Watch their movements: Grab a screenshot of the active session; if you’re lucky you may catch the guy logged into his email or Facebook account!
  • No unauthorized access: Fully lock down your PC, making it unusable unless a specific password is entered. The guy won’t be able to do a thing!
  • Scan your hardware: Get a complete list of your PC’s CPU, motherboard, RAM, and BIOS information. Works great when used with Active Mode.
  • Auto update

Web link   : – http://preyproject.com/

 

Laptop tracking & Security Software 2

Enterprise Laptop Tracking and Security

  • Track your laptop fleet in real-time: View all of your assets in real-time on a Google map or a live data view, including presence status and IT asset management (ITAM) data.
  • Encrypt and lock compromised devices: With RemoteKill™ you can instantly encrypt sensitive data on a compromised device and lock down its hard drive, with or without a network connection.

Web link :  http://www.exo5.com/

 

Laptop tracking & Security Software 3

Front Door Software
Protect Your Computer and Your Information!

  • Do you want to increase your chances of recovery from 3% to over 95%?
  • Do you want to protect your information, emails and pictures?
  • Would you like to yell at the thief through the laptop, or have it yell for help?
  • Would you like to track it using Google Maps, and satellite views?
  • (deluxe version includes 3 years)

Web link : http://www.frontdoorsoftware.com/

 

Laptop tracking & Security Software 4

Absolute Software
Every 50 seconds a laptop goes missing. Every day hundreds know the panic laptop theft brings. Only LoJack for Laptops has a dedicated Theft Recovery Team that works to find and recover your stolen laptop, while giving you tools to remotely protect your private and sensitive data.

Absolute’s Investigations team
Absolute’s Investigations team is the only one of its kind in the security software industry. More than 30,000 stolen devices in 100 countries have been recovered through the efforts of the Investigations team and in conjunction with law enforcement worldwide. The team consists of former military servicemen, government intelligence personnel and law enforcement officers. They’re experts in Internet investigations, computer forensics and cyber-crime and are highly experienced in device tracking and recovery. You have the absolute best forces looking out for you

Web link : http://lojack.absolute.com/en/products/absolute-lojack

 

Laptop tracking & Security Software 5

GadgetTrak Laptop Security Software

Mac OS X

Web link : http://www.gadgettrak.com/

Reporting Phishing Site

Reporting Phishing Site Tool 1

The Toolbar community is effectively a giant neighbourhood watch scheme, empowering the most alert and most expert members to defend everyone within the community against phishing attacks. Once the first recipients of a phishing mail have reported the target URL, it is blocked for community members as they subsequently access the URL. Widely disseminated attacks (people constructing phishing attacks send literally millions of emails in the expectation that some will reach customers of the bank) simply mean that the phishing attack will be reported and blocked sooner.

Why use the Netcraft Toolbar?

  1. Protect your savings from Phishing attacks.
  2. See the hosting location and Risk rating of every site you visit.
  3. Help defend the Internet community from fraudsters.

The Netcraft Toolbar also:

  1. Traps suspicious URLs containing characters which have no common purpose other than to deceive.
  2. Enforces display of browser navigational controls (toolbar & address bar) in all windows, to defend against pop up windows which attempt to hide the navigational controls.
  3. Clearly displays sites’ hosting location, including country, helping you to evaluate fraudulent URLs (e.g. the real citibank.com or barclays.co.uk sites are unlikely to be hosted in the former Soviet Union).

Web link : – http://toolbar.netcraft.com/

 

Reporting Phishing Site Online Tool 2
Report Phishing

The APWG collects, analyzes, and exchanges lists of verified credential collection sites, like those used in phishing. This page allows *you* to notify us of a phishing credential collector site. One easy way to do this is to simply forward the suspected phishing email to reportphishing@apwg.org. To better help our back-end system process your submission, you can use the form below and three easy steps:

1. First copy the phishing message header and contents to the text box below.
2. Help us by identifying the phished brand.
3. Then click on the submit button.

To efficiently notify us, we ask that you copy both the message HEADER AND message BODY to the input box below. Directions on how to copy the message header and body for many of the popular mail clients follow. Click on your client for instructions.

Microsoft Outlook
Step 1. Open the message by double clicking it.
Step 2. Find the Options panel in the message ribbon (it’s the fourth blue thing at the top of the message).
Step 3. Click on the little arrow in the lower right corner of the Options panel. This should display the header box.
Step 4. Click the mouse anywhere in the “Internet Headers” box.
Step 5. Perform a select all and copy operation.
A. Right click to perform a select all.
B. Right click to perform a copy operation.
Step 6. Click on the close button.
Step 7. Move the mouse to the big empty box, below. Right click and select paste.
Step 8. Move the mouse to a spot in the email message.
Step 9. Perform a select all and copy operation.
A. Right click to perform a “select all”.
B. Right click to perform a copy operation.
Step 10. Move the mouse after your header in the big text box below.
Step 11. Right click for a paste operation.

Mozilla Thunderbird
Step 1. Open the mail message.
Step 2. Go to the View menu and select Message Source.
Step 3. Go to the Edit menu and choose Select All.
Step 4. Go to the Edit menu again and choose Copy.
Step 5. Move the mouse over the big text box below.
Step 6. Right click and do a paste operation.

 

Web Link: – http://www.antiphishing.org/report-phishing/

Reporting Phishing Site Online Tool 3
Web link : – http://www.phishtank.com/
PhishTank

 

 

 

Other Phishing protection Training Link
Verify Phishing Page & Real Page Online Training

  1. Online Phishing Training
  2. Online Protecting Training

Web link : https://www.phish-no-phish.com/

Report to the Anti-Child Porn Organization

Anti-Child Porn Organization Group 1

The following is the procedure for reporting child pornography cases to the Anti-Child Porn Organization:
1. Go to http://www.antichildporn.org/reportcp.html
2. Click Report! And then Report Child Porn.
3. A form titled “Anonymous Submission” will appear (Figure 11-16).
4. Give the appropriate Web address or FTP address of the pornographic sites.
5. Write details about those sites.
6. Click Submit.

Child Exploitation and Online Protection Centre
Child Exploitation and Online Protection (CEOP) Centre is a U.K.-based anti-child-pornography organization.
It focuses on protecting children from sexual abuse. It targets, tracks, and brings offenders or perpetrators to the court of law with the help of local or international forces. Teams consist of police officers, staff members from or sponsored by corporations, and government and corporate experts.

Think U Know
Think U Know is the education program of the Child Exploitation and Online Protection Centre aimed at young people. It encourages safe Internet browsing and is based around the following three themes:
1. How to safely have fun
2. How to stay in control
3. How to report a problem

 

Anti-Child Porn Organization Group 2

Child crime report
The IWF Web site features a Report Illegal Content Click Here icon on every page to allow users to report illegal Web site content.

Web link : – https://www.iwf.org.uk/

Password Security

What Is a Password?

A password is a secret word or string of characters that is used for authentication, to prove identity or gain access to a resource (example: an access code is a type of password). The password should be kept secret from those not allowed access.

 

Strong Password choice

A password can be considered strong if it meets the following criteria:

  • It needs to contain special characters such as @#$%^&
  • It must be at least 8 characters long.
  • It must not contain any common words such as 123, password, your birth date, your login name, or any word that can be found in the dictionary. (This will prevent you from getting hacked by a dictionary attack.)
  • It must use a mix of capital and small letters.
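The criteria above can be checked mechanically. The following is an added example, not code from the original page: the function names, the failure codes and the five-word sample list are assumptions made for illustration, and a real check would load a full dictionary or breached-password list.

```python
import string
from datetime import date

# Constructed sample data: a tiny stand-in for a real dictionary word list.
SAMPLE_WORDLIST = frozenset({"dragon", "monkey", "sunshine", "welcome", "letmein"})
# The two "common words" the list above names explicitly.
COMMON_FRAGMENTS = ("123", "password")


def birth_date_variants(born: date) -> set:
    """Digit strings people commonly derive from a birth date."""
    d, m, y = f"{born.day:02d}", f"{born.month:02d}", f"{born.year:04d}"
    return {d + m + y, m + d + y, y + m + d, d + m + y[2:], m + d + y[2:], y}


def check_password(password, login_name, born, wordlist=SAMPLE_WORDLIST):
    """Return the criteria the password fails; an empty list means it passes.

    Failure codes (hypothetical names): length, special, case, common,
    login, birthdate, dictionary.
    """
    failures = []
    lowered = password.lower()
    # Dropping digits and symbols catches words split by separators,
    # e.g. "Wel-Come" still contains the dictionary word "welcome".
    letters_only = "".join(c for c in lowered if c.isalpha())

    if len(password) < 8:
        failures.append("length")
    if not any(c in string.punctuation for c in password):
        failures.append("special")
    if not (any(c.isupper() for c in password)
            and any(c.islower() for c in password)):
        failures.append("case")
    if any(fragment in lowered for fragment in COMMON_FRAGMENTS):
        failures.append("common")
    if login_name and login_name.lower() in lowered:
        failures.append("login")
    if any(variant in password for variant in birth_date_variants(born)):
        failures.append("birthdate")
    # Very short words are skipped to avoid flagging every password.
    if any(len(word) >= 4 and (word in lowered or word in letters_only)
           for word in wordlist):
        failures.append("dictionary")
    return failures


if __name__ == "__main__":
    # Constructed user and candidate passwords.
    user, born = "asha", date(1990, 4, 13)
    for candidate in ("password123", "Asha@1990x", "Wel-Come#77q", "tR7#vq!Lz2&m"):
        print(candidate, "->", check_password(candidate, user, born) or "ok")
```

A password can satisfy the length, special-character and capitalization rules and still fail on the login name, birth date or a dictionary word, which is why the third criterion needs its own check.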

Alternatively, there is a website named www.strongpasswordgenerator.com which automatically generates a strong password for you. The website allows you to choose a password length and also gives you hints through which you can easily memorize the password.

Home Page : https://www.strongpasswordgenerator.com/

 

Online Password Generator

One of the easiest online password generators which can generate a single random password or lists of hundreds of random passwords. You choose the character sets, password length and the quantity to create. Hash values can also be created for your convenience. This password generator is useful for getting a random password for personal use or for generating large lists of default passwords…

Security Statement

Web link: – http://www.surveymonkey.com/mp/policy/security/

Choosing Passwords

Web Link: – http://www.comptechdoc.org/docs/ctdp/howtopass/

Password Policy

Web Link: – http://www.comptechdoc.org/independent/security/policies/password-policy.html

Net banking safe!  

Web Link: – http://www.rediff.com/getahead/2005/apr/13bank.htm

Network Security and Password Policies

Web link: – http://www.nysscpa.org/cpajournal/2004/704/perspectives/p6.htm

Security policies

  • System Security Policy
  • Database User Management
  • User Authentication
  • Operating System Security
  • Data Security Policy
  • User Security Policy
  • General User Security
  • Password Security
  • Privilege Management
  • End-User Security

Web Link: – http://docs.oracle.com/cd/B19306_01/network.102/b14266/policies.htm

Where Do Security Policies Come From?

PDF Download: – http://research.microsoft.com/pubs/132623/wheredosecuritypoliciescomefrom.pdf 

Cyber Crime & Cyber Law (India)

The world’s first computer-specific law was enacted in the year 1970 by the German State of Hesse, in the form of the ‘Data Protection Act, 1970’, with the advancement of cyber technology. With the emergence of technology, the misuse of technology has also expanded to its optimum level, and there arose a need for strict statutory laws to regulate criminal activities in the cyber world and to protect the technological advancement system. It is under these circumstances that the Indian parliament passed its “INFORMATION TECHNOLOGY ACT, 2000” on 17th October, to have an exhaustive law to deal with technology in the fields of e-commerce, e-governance and e-banking, as well as penalties and punishments in the field of cyber crimes.

 

  • What Cyber Crime Actually Means: It could be hackers vandalizing your site, viewing confidential information, or stealing trade secrets or intellectual property with the use of the internet. It can also include ‘denial of service’ and virus attacks that prevent regular traffic from reaching your site. Cyber crimes are not limited to outsiders, except in the case of viruses; security-related cyber crimes are usually committed by employees of a particular company, who can easily access the company’s passwords and data storage for their own benefit. Cyber crimes also include criminal activities done with the use of computers which further perpetuate crimes, i.e. financial crimes, sale of illegal articles, pornography, online gambling, intellectual property crime, e-mail spoofing, forgery, cyber defamation, cyber stalking, unauthorized access to computer systems, theft of information contained in electronic form, e-mail bombing, physically damaging the computer system, etc.
  • Classifications Of Cyber Crimes: Cyber crimes are growing day by day, and it is very difficult to tell what is actually a cyber crime and what is a conventional crime. To resolve this confusion, cyber crimes can be classified under different categories, which are as follows:

 

1. Cyber Crimes against Persons:

Certain offences affect the personality of individuals. They can be defined as:

  • Harassment via E-Mails: It is a very common type of harassment, carried out by sending letters and attachments of files and folders, i.e. via e-mails. At present harassment is common, as usage of social sites, i.e. Facebook, Twitter etc., is increasing day by day.
  • Cyber-Stalking: It means an expressed or implied physical threat that creates fear through the use of computer technology such as the internet, e-mail, phones, text messages, webcams, websites or videos.
  • Dissemination of Obscene Material: It includes Indecent exposure/ Pornography (basically child pornography), hosting of web site containing these prohibited materials. These obscene matters may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind.
  • Defamation: It is an act of imputing any person with intent to lower the dignity of the person by hacking his mail account and sending mails using vulgar language to unknown persons’ mail accounts.
  • Hacking: It means unauthorized control/access over a computer system, and the act of hacking completely destroys the whole data as well as computer programmes. Hackers usually hack telecommunication and mobile networks.
  • Cracking: It is amongst the gravest cyber crimes known till date. It is a dreadful feeling to know that a stranger has broken into your computer systems without your knowledge and consent and has tampered with precious confidential data and information.
  • E-Mail Spoofing: A spoofed e-mail may be said to be one, which misrepresents its origin. It shows its origin to be different from which actually it originates.
  • SMS Spoofing: Spoofing is a blocking through spam, which means unwanted, uninvited messages. Here an offender steals the identity of another in the form of a mobile phone number and sends SMS via the internet, and the receiver gets the SMS from the mobile phone number of the victim. It is a very serious cyber crime against any individual.
  • Carding: It means false ATM cards, i.e. debit and credit cards, used by criminals for their monetary benefit by withdrawing money from the victim’s bank account mala fide. There is always unauthorized use of ATM cards in this type of cyber crime.
  • Cheating & Fraud: It means the person who is doing the act of cyber crime, i.e. stealing passwords and data storage, has done it with a guilty mind, which leads to fraud and cheating.
  • Child Pornography: It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children.
  • Assault by Threat: It refers to threatening a person with fear for their life or the lives of their family through the use of a computer network, i.e. e-mail, videos or phones.

 

2. Crimes against Persons’ Property:

With the rapid growth in international trade, businesses and consumers are increasingly using computers to create, transmit and store information in electronic form instead of traditional paper documents. Certain offences affect a person’s property; they are as follows:

  • Intellectual Property Crimes: Intellectual property consists of a bundle of rights. Any unlawful act by which the owner is deprived completely or partially of his rights is an offence. The common form of IPR violation may be said to be software piracy, infringement of copyright, trademark, patents, designs and service mark violation, theft of computer source code, etc.
  • Cyber Squatting: It means a situation where two persons claim the same domain name, either by claiming that they had registered the name first, by right of using it before the other, or by using something similar to it previously. For example, two similar names, i.e. www.yahoo.com and www.yaahoo.com.
  • Cyber Vandalism: Vandalism means deliberately destroying or damaging property of another. Thus cyber vandalism means destroying or damaging the data when a network service is stopped or disrupted. It may include within its purview any kind of physical harm done to the computer of any person. These acts may take the form of the theft of a computer, some part of a computer or a peripheral attached to the computer.
  • Hacking Computer System: Hacktivism attacks have included those on famous Twitter and blogging platforms through unauthorized access/control over the computer. Due to the hacking activity there will be loss of data as well as of the computer. Research also indicates that those attacks were not mainly intended for financial gain, but also to diminish the reputation of a particular person or company.
  • Transmitting Virus: Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worm attacks play a major role in affecting the computerized systems of individuals.
  • Cyber Trespass: It means accessing someone’s computer without the authorization of the owner, without disturbing, altering, misusing, or damaging the data or system, by using a wireless internet connection.
  • Internet Time Thefts: Basically, Internet time theft comes under hacking. It is the use by an unauthorized person, of the Internet hours paid for by another person. The person who gets access to someone else’s ISP user ID and password, either by hacking or by gaining access to it by illegal means, uses it to access the Internet without the other person’s knowledge. You can identify time theft if your Internet time has to be recharged often, despite infrequent usage.

 

3. Cybercrimes against Government:

Certain offences are committed by groups of persons intending to threaten international governments by using internet facilities. They include:

  • Cyber Terrorism: Cyber terrorism is a major burning issue of domestic as well as global concern. The common forms of these terrorist attacks on the Internet are distributed denial of service attacks, hate websites and hate e-mails, attacks on sensitive computer networks, etc. Cyber terrorism activities endanger the sovereignty and integrity of the nation.
  • Cyber Warfare: It refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.
  • Distribution of pirated software: It means distributing pirated software from one computer to another intending to destroy the data and official records of the government.
  • Possession of Unauthorized Information: It is very easy to access any information by the terrorists with the aid of internet and to possess that information for political, religious, social, ideological objectives.

 

4. Cybercrimes against Society at large:

An unlawful act done with the intention of causing harm to cyberspace will affect a large number of persons. These offences include:

  • Child Pornography: It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children. It also includes activities concerning indecent exposure and obscenity.
  • Cyber Trafficking: It may be trafficking in drugs, human beings, arms, weapons etc., which affects a large number of persons. Trafficking in cyberspace is also a grave crime.
  • Online Gambling: Online fraud and cheating is one of the most lucrative businesses growing today in cyberspace. Many cases have come to light, pertaining to credit card crimes, contractual crimes, offering jobs, etc.
  • Financial Crimes: This type of offence is common, as there is rapid growth in the users of networking sites and phone networking, where the culprit will try to attack by sending bogus mails or messages through the internet. Ex: using credit cards by obtaining passwords illegally.
  • Forgery: It means deceiving a large number of persons by sending threatening mails, as online business transactions are becoming a habitual need of today’s lifestyle.

 

Affects To Whom: Cyber crimes affect companies of any size, because almost all companies gain an online presence and take advantage of the rapid gains in technology, but greater attention needs to be given to its security risks. In the modern cyber world, cyber crime is the major issue affecting individuals as well as society at large.

 

Need of Cyber Law: Information technology has spread throughout the world. The computer is used in each and every sector, wherein cyberspace provides equal opportunities to all for economic growth and human development. As the users of cyberspace grow increasingly diverse and the range of online interaction expands, there is an expansion in cyber crimes, i.e. breach of online contracts, perpetration of online torts and crimes, etc. Due to these consequences there was a need for the cyberspace authority to adopt a strict law to regulate criminal activities relating to cyber and to provide better administration of justice to the victims of cyber crime. In the modern cyber technology world it is very much necessary to regulate cyber crimes, and most importantly cyber law should be made stricter in the case of cyber terrorism and hackers.

 

Penalty For Damage To Computer System: According to Section 43 of the ‘Information Technology Act, 2000’, whoever destroys, deletes, alters or disrupts, or causes disruption of, any computer with the intention of damaging the whole data of the computer system without the permission of the owner of the computer shall be liable to pay a fine of up to 1 crore to the person so affected by way of remedy. According to Section 43A, which was inserted by the ‘Information Technology (Amendment) Act, 2008’, where a body corporate is maintaining and protecting the data of persons as provided by the central government, if there is any negligent act or failure in protecting the data/information, then the body corporate shall be liable to pay compensation to the person so affected. Section 66 deals with ‘hacking with computer system’ and provides for imprisonment up to 3 years or fine, which may extend up to 2 years or both.

 

Type of Computer Forensic Investigations:

  • Divorce Cases (Email, internet chat sites, social media correspondence and websites visited)
  • Wrongful Termination Disputes
  • Intellectual Property Disputes
  • Acts By Disgruntled Employee(s)
  • Employee Activity (Search for excessive personal browsing during work hours)
  • Employee Theft
  • Business Fraud
  • Cyber stalking, Hacking, Key loggers, Illegal Activity
  • Corporate Employee Embezzlement
  • Industrial Accident, Incident & Negligence Investigations
  • Corporate E-mail Investigations and Correspondence
  • Insurance Fraud Cases Digital Investigations and Computer Forensics
  • e-Discovery
  • Find deleted and hidden data
  • Find Email including deleted email
  • Recover data from reformatted hard drives
  • Find web sites visited
  • Find files transferred or copied
  • Find files downloaded
  • Find instant messages or persons contacted and content of illicit conversations

 

 

  • Sec. 43: Damage to computer system etc. Penalty: compensation of 1 crore rupees.
  • Sec. 66: Hacking (with intent or knowledge). Penalty: fine of 2 lakh rupees, and imprisonment for 3 years.
  • Sec. 67: Publication of obscene material in e-form. Penalty: fine of 1 lakh rupees, and imprisonment of 5 years, and double conviction on second offence.
  • Sec. 68: Not complying with directions of controller. Penalty: fine up to 2 lakh and imprisonment of 3 years.
  • Sec. 70: Attempting or securing access to computer. Penalty: imprisonment up to 10 years.
  • Sec. 72: Breaking confidentiality of the information of computer. Penalty: fine up to 1 lakh and imprisonment up to 2 years.
  • Sec. 73: Publishing false digital signatures, false in certain particulars. Penalty: fine of 1 lakh, or imprisonment of 2 years, or both.
  • Sec. 74: Publication of digital signatures for fraudulent purpose. Penalty: imprisonment for the term of 2 years and fine of 1 lakh rupees.

Protection against Net Banking crime

 

What Is Net Banking

  • E-Bank is transforming banking business  into e-Business through utilizing e-Channels
  • Customers’ requests are:

o   Non-stop working time

o   Using services from anywhere

  • E-channels provide:

o   Working time 0 – 24h

o   Great flexibility

o   Possibility to extend your market (even out of country)

o   Possibility to process more financial transactions

o   Possibility to lower your transaction cost

 

Major Features

  • A bank customer can perform some non-transactional tasks through online banking,

o    viewing account balances

o    viewing recent transactions

o    downloading bank statements, for example in PDF format

o    viewing images of paid cheques

o    Downloading applications for M-banking, E-banking etc.

  • Bank customers can transact banking tasks through online banking,

o    Funds transfers between the customer’s linked accounts

o    Paying third parties, including bill payments

o    Investment purchase or sale

o    Loan applications and transactions,

  • Financial institution administration
  • Management of multiple users having varying levels of authority
  • Transaction approval process

Types of Net Banking

There are two types of net banking:

  • Internet banking: through a PC that connects to a banking website via modem and phone line (or other telecommunication connection) and an Internet Service Provider, or via wireless technology through a PDA or cell phone.
  • Electronic banking: by using Automated Teller Machines (ATMs), telephones (not via Internet) or debit cards. (Debit cards look like credit cards, but using a debit card removes funds from your bank account immediately.)

Net Banking Security Tips

  • Don’t keep your PIN written down and near your credit or debit card
  • Sign new credit/debit cards as soon as you get them
  • Destroy old cards after expiration
  • Diligently review all bank statements every month
  • Never give your account information over the phone to someone you don’t know
  • Never provide your PIN to anyone. Your bank or credit card company will never request it
  • Make sure you are on the right website.
  • Make sure that the financial institution is properly insured.
  • Keep good records. Save information about banking transactions. Check bank, debit and credit card statements thoroughly every month. Look for any errors or discrepancies.
  • Report errors, problems or complaints promptly
  • Exit the banking site immediately after completing your banking.
  • Always log out when you exit the online banking portal. Close the browser to ensure that your secure session is terminated.
  • Do not have other browser windows open at the same time you are banking online.
  • Don’t select the option on browser that stores or retains user name and password (i.e. Auto Complete).

Advanced Tips for Net Banking Security

  • Check your bank’s Internet policy. Some banks have enhanced security features in Internet banking.
  • Avoid easy-to-guess passwords, like first names, birthdays and telephone numbers. Try to have an alphanumeric password that combines letters and numbers.
  • Keep your operating system and browser up-to-date with the latest security patches. Install these only from a trusted web site.
  • Keep virus protection software up-to-date.  Back-up key files regularly.
  • Install a personal firewall to help prevent hackers from gaining unauthorized access to your home computer, especially if you connect to the Internet through a cable or a DSL modem
  • Avoid accessing the Internet banking channel at cyber cafes, which are prone to attacks by hackers. Also avoid locations that offer online connections through wireless networks (Wi-Fi), where privacy and security are minimal.

More about Net Banking (Internet banking or E-banking)

Cyber Cafe Security & Tips

Software -5

CCAutoSoft Software

HomePage

Cyber cafe owner Security Tips

Example for Cyber Cafe Maintained Register Form

Cyber Cafe User Safety Tips

  • Always log out of the web site you are using.
  • Always erase the browsing history.
  • Always use HTTPS.
  • Check the cyber café computer for keylogger tools (every keystroke you make may be recorded, including any login information).
  • Network monitoring tools may be installed, so don’t open personal accounts.
  • Login information may be saved, so don’t use net banking or any personal account.

Note: Do not log in to your personal accounts in a cyber cafe, because it is not safe.

Example accounts: net banking, personal email ID, anything related to personal data.

Avoid Torrents

Avoid Java Drive-By’s

What is a Java Drive-by?
A Java Drive-by is a download that disguises itself as a Java applet or an ActiveX component and is installed without the user’s notice. The drive-by usually occurs once you open a web page. The user sees a pop-up asking them to ‘Run’ or ‘Cancel’. The normal user would typically click ‘Run’, because they might think that clicking ‘Run’ would continue on to the web page; in actuality, they have just been infected by a malicious file.


How do you prevent this?
There are a few ways you can do this.

Disable Java: This can be a tad tedious, but if you’re really that worried, you can disable Java. You also have the ability to disable Java in your web browsers. This should only be used as your last option!

 

Keep your Java Updated: Older versions of Java might have security exploits, which is obviously bad, and we don’t want those! If you keep your Java updated to the latest update, some of the drive-by’s will be detected and/or patched. You can update the latest Java update here. If you do update Java, be sure to remove the previous versions from your computer, as Java does not.

Avoid Torrents and Other Downloads
Why avoid torrents, when you can get all the music you want for free? Because some files in torrents might be bound to other files, namely a form of malware. It’s okay to use torrents, but be careful with what you download, and always try to download from a trusted user. The same goes for regular downloads, including games, movies, music, pictures, etc. For example, if you see a program online that you like and you don’t want to pay for it, the free copy may be infected. Be wary when downloading; the file can be bound with malware. Before downloading any type of file off the internet, please read the comments about the download if there are any. It could be the thing that prevents you from getting infected. In no way, shape, or form am I saying stop using torrents or downloading off the internet; just be careful.

Cyber awareness Program

    • How secure is your information

    First, let’s dispel some myths.  Anti-virus software and a password do not keep information secure!  As reported in the article mentioned above, the attack on the White House was a phishing attack.  If you click on that link or open that attachment then the quality of your password may not matter and anti-virus is likely 0% effective against a zero-day attack.  Passwords and anti-virus are necessary, but it is like locking 20-50% of the windows in your house and hoping the burglars do not find the other unlocked windows.  There are lots of holes.  Anti-virus is only about 20% effective.

    • What about passwords?

    If you use a single word a hacker can guess it in about three minutes or less with a dictionary attack!   Once the attacker has one password how many accounts does he have access to, or do you use different passwords for every account?  If you click a link in an email or on a website, there is a high probability it could be a virus that silently downloads in the background.  Then it is game over and no password in the world will protect you!  If that virus happens to be a “keylogger” virus, then the hacker is now collecting every single keystroke of your computer, to include passwords, account numbers, social security numbers, everything!

    If you believe you will never get hacked or suffer a data breach, you are in good company with many other individuals and business-owners who have been convinced they are secure.

    Let me ask you this: how would you know if you were hacked or did suffer a breach?  Does some bell go off on your computer announcing, “You have been hacked?” What you might notice is that your computer or mobile device becomes sluggish, which could be a number of issues, or your anti-virus software tells you it has detected a virus.  So then what; what does that mean?  You take the computer to a computer doctor and have it cleaned and you are back in business, right?  At this point do you know whether anything was stolen?  Probably not; and you will likely assume there are or will be no further issues?

    Here’s the reality.  In most cases you will find out you have been breached from a third party, like a friend, customer, client, or patient.  If you are a business owner it is usually a very unhappy customer, client, or patient possibly looking to sue.  It might be a friend who received a suspicious email from you and is checking to see if you sent it.

    So, what can you do to protect yourself and your business? Choose a good IT company, lower risk and reduce or eliminate the liability associated with a breach, and be cyber astute.

    • In choosing a good IT company, check their references;

    Ask to speak to current customers; the company should be comfortable supporting traditional networks as well as applications in the cloud; and, it’s imperative they be very familiar with various cyber security laws/standards such as HIPAA and PCI.  Are they going to monitor your network for threats and intrusions?

    • Risk and liability management.  

    Once you have your network set up and security implemented (anti-virus, passwords, changing all default/factory passwords), implement three critical components:
    a) Have a security assessment done, which includes a review of current security and some recommendations;
    b) Review and/or drafting of current policies and recommendations; and,
    c) Cyber security awareness training for all employees (a requirement under the Security Rule).

    These steps will lower the risk of a cyber-incident/data breach, and reduce or eliminate your liability if one does occur.  Why? Because as a business owner you can confidently claim you have implemented security, can show it in a policy, have trained your employees, and basically have done the best you can.

    Cyber Awareness

    • Using your smartphone for banking can be risky. The security is just not up to par yet.
    • When banking online, close all other windows and ensure the bank window URL comes up as HTTPS.
    • If using public Wi-Fi (hotel, coffee shop, airport, library), use a proxy that allows you to encrypt all your data so hackers cannot steal it.
    • If the data you collect, process and store is sensitive, encrypt it.
    • If emailing sensitive data, like financial information, use secure or encrypted email.
    • Always log out of any account, especially banks, social media, etc. Simply closing the window leaves you logged in and hackers can potentially get in.
    • Do NOT click on links in emails. Many are fake and will take you to a fake site, like a fake Facebook site where hackers will steal your data.
    • Do NOT click on the “unsubscribe” link in emails. In many cases the email may be fake and by clicking unsubscribe you are legitimizing your email and will be put on a spam list.
    • Password-protect all mobile devices.
    • Use Strong Passwords
      Use different user ID / password combinations for different accounts and avoid writing them down. Make the passwords more complicated by combining letters, numbers, special characters (minimum 10 characters in total) and change them on a regular basis.
    • Secure your computer
      • Activate your firewall
        Firewalls are the first line of cyber defense; they block connections to unknown or bogus sites and will keep out some types of viruses and hackers.
      • Use anti-virus/malware software
        Prevent viruses from infecting your computer by installing and regularly updating anti-virus software.
      • Block spyware attacks
        Prevent spyware from infiltrating your computer by installing and updating anti-spyware software.
    • Be Social-Media Savvy
      Make sure your social networking profiles (e.g. Facebook, Twitter, Youtube, MSN, etc.) are set to private. Check your security settings. Be careful what information you post online.  Once it is on the Internet, it is there forever!
    • Secure your Mobile Devices
      Be aware that your mobile device is vulnerable to viruses and hackers.  Download applications from trusted sources.
    • Install the latest operating system updates
      Keep your applications and operating system (e.g. Windows, Mac, Linux) current with the latest system updates. Turn on automatic updates to prevent potential attacks on older software.
    • Protect your Data
      Use encryption for your most sensitive files such as tax returns or financial records, make regular back-ups of all your important data, and store it in another location.
    • Secure your wireless network
      Wi-Fi (wireless) networks at home are vulnerable to intrusion if they are not properly secured. Review and modify default settings. Public Wi-Fi, a.k.a. “Hot Spots”, are also vulnerable. Avoid conducting financial or corporate transactions on these networks.
    • Protect your e-identity
      Be cautious when giving out personal information such as your name, address, phone number or financial information on the Internet. Make sure that websites are secure (e.g. when making online purchases) or that you’ve enabled privacy settings (e.g. when accessing/using social networking sites).
    • Avoid being scammed
      Always think before you click on a link or file of unknown origin. Don’t feel pressured by any emails. Check the source of the message. When in doubt, verify the source. Never reply to emails that ask you to verify your information or confirm your user ID or password.
    • Call the right person for help
      Don’t panic! If you are a victim, if you encounter illegal Internet content (e.g. child exploitation) or if you suspect a computer crime, identity theft or a commercial scam, report this to your local police. If you need help with maintenance or software installation on your computer, consult with your service provider or a certified computer technician.
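
The password advice above (no single dictionary word, at least 10 characters mixing letters, numbers and special characters, a different password for every account) written as a checker. This is an added example, not part of the original page; the sample wordlist, the substitution table and the function names are assumptions made for illustration.

```python
import string

# Constructed sample wordlist; a real check would load a large dictionary file.
SAMPLE_WORDLIST = {"password", "sunshine", "dragon", "welcome", "football"}
MIN_LENGTH = 10  # the page's minimum total length

# Common character substitutions, undone before the dictionary lookup (assumed set).
LEET = str.maketrans("0134578@$!", "oleastbasi")


def is_dictionary_based(password, wordlist=SAMPLE_WORDLIST):
    """True if the password is one dictionary word plus trivial decoration."""
    # Drop trailing digits/punctuation ("dragon2024!!" -> "dragon").
    core = password.lower().rstrip(string.digits + string.punctuation)
    return core in wordlist or core.translate(LEET) in wordlist


def check_password(password, wordlist=SAMPLE_WORDLIST):
    """Return a list of rule violations; an empty list means it passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 10 characters")
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(c in string.punctuation for c in password):
        problems.append("no special characters")
    if is_dictionary_based(password, wordlist):
        problems.append("single dictionary word")
    return problems


def reused_passwords(accounts):
    """Map each password used by more than one account to those accounts."""
    seen = {}
    for account, password in accounts.items():
        seen.setdefault(password, []).append(account)
    return {pw: sorted(names) for pw, names in seen.items() if len(names) > 1}
```

A password such as `P@ssw0rd123!` satisfies every length and character-mix rule yet is still reported as a single dictionary word, which is why the composition rules alone are not enough.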

    Source : Google