Archive for the ‘Security issues’ Category

2008 Sep 11

Connectivity growing, security still a problem

Posted in News, Security issues by John Post a comment

Server and networking company Akamai has released the second of its quarterly reports investigating The State of the Internet.

Just like the last edition, it examines security issues (including where attacks on websites come from) and significant news items. It also looks at broadband adoption rates and what it calls significant ‘network events’ - I think this include things like outages and connectivity problems.

The report is a fairly interesting look at the state of things online, though it doesn’t seem to contain any really groundbreaking news. You can get it from the Akamai website. A couple of interesting snippets I noticed:

  • In May, hackers used a security hole to gain access to the Epilepsy Foundation website. They posted flashing images designed to cause seizures in site visitors with photosensitive epilepsy. How low can you get?
  • Global internet capacity is expanding significantly, with 16 new undersea cables planned for over the next three years. Amongst others, they’ll link India with the Middle East and Cyprus with mainland Europe. The report says this continued growth is necessary as we continue to watch more and more video online.

It’s worth having a look at the full report if you have a few minutes to spare.

Comments

2008 Jul 10

Back from an enforced absence

Posted in News, Security issues, Tips & tutorials by John 2 Comments

WordPress log in boxRegular readers will have noticed that this blog disappeared a week or so ago. Visitors to this page would have seen a ‘page not found’ message.

The reason for our absence is simple. We had to take the blog offline double-quick when we discovered it had been hacked.

Someone (probably an automated script) had gained access, adding lots of link spam. These links were promoting the kind of products you often get advertised in spam emails.

When viewing the blog normally, you wouldn’t have noticed any difference. But these hidden links were there, advertising all sorts of questionable items. By the way, if you’re here looking for them, we don’t sell any sort of pharmaceutical products.

How it happened

We use WordPress to power our blog. It’s dead easy to use and very powerful - that’s why loads of other blogs use it too. In this case, it looks like the hackers took advantage of a bug in one of the WordPress extensions we had installed and used it to gain access.

The only safe way forward was to assume the worst - that the blog had been completely compromised, and somebody had access to make whatever changes to it they wanted. This might not have been the case, but we didn’t want to risk any further problems. Read the rest of this entry »

Comments

2008 Jun 02

Comcast loses control of its domain name

Posted in Domains, Security issues by John Post a comment

You might have spotted that last week US communications company Comcast had its website redirected by hackers. Normal service has since been restored, but for several hours, people trying to visit comcast.net were met by a message from the hackers in question.

As the story has developed, it’s become clear that the hackers wrestled control of Comcast’s domain name by gaining access to the company’s registrar account. They then simply pointed the domain at their own website.

Exactly how they did this still seems to be unclear, but there’s an excellent chance it was down to some nifty social engineering, or simply guessing the right password for the account. Read the rest of this entry »

Comments

2008 Apr 17

Protect yourself from password hacking

Posted in Security issues, Tips & tutorials by Dave 1 Comment

Passwords and codes are a part of everyday life now. There is no escaping it. However, is are you choosing ones which are strong enough to defeat the new bread of password hacking cyber criminals?

When you have to put a password into multiple systems many times a day, it can be tempting to choose a really simple one, then never change it. Worse, you might write it down on a piece of paper. I’ll put my hands up - I used to be guilty of this.

However, when these passwords can be all that’s protecting your email or your bank account, it’s worth taking the effort to make them hard to break. I’ve learnt there are a few tips that will help you make your passwords stronger and foil those pesky password hacking criminals.

It can be very tempting to use a word or number that’s easy to remember as your password. However, these are very easy to crack, putting your private information at risk from. Here are some tips on how to make a strong, hacking-resistant password that will help improve your security on the internet. Read the rest of this entry »

Comments

2008 Mar 10

Spot the tricks and stop domain name scams

Posted in Domains, Security issues, Tips & tutorials by John 8 Comments

Don’t get conned into handing over cashWe wrote about a typical domain name scam a couple of weeks ago. Since then, a couple of people in the office have been targeted, so we thought we’d revisit the subject in a bit more detail.

Generally, domain scams are tricks to get you to part with money, your domain, or even both. At the very least, they are a headache.

But if you rely on your website for business, they can be much more than that: if you lose control of your domain, the impact of having to change your site’s address can cost you money. Because of this, it’s worth learning how to spot the scams. Here are the three most common.

The urgent letter in the post

This ploy uses an official-looking letter to coerce you into transferring your domain to a different registration company.

  • How does it work?
    You receive a letter through the mail (they use the post because it seems more official) informing you that your domain name is due to expire. These letters often have titles like ‘Domain name expiration notice’, and encourage you to renew your domain.

The notice creates a sense of urgency, often by warning that ‘failure to renew your domain name by the expiration date will result in a loss of your online identity’. However, if you reply, you would not only be renewing your domain - you’d also be transferring it away from your current registrar.

Read the rest of this entry »

Comments

2007 Dec 18

Typo-squatting: is anyone trading on your name?

Posted in Domains, Security issues by Andrew 1 Comment

TypewriterIt’s happened to most of us: you mistype the domain name for a website you wanted to visit, and end up somewhere completely different, often on a site covered in adverts.

These are typo-squatting sites. They exist to make money from people who mistype domain names. The squatters register domains which are common misspellings of brands, products or people.

Each time someone visits by mistake and clicks on an ad, the person running the site profits. And worse, sometimes the content on the site is inappropriate, objectionable or unsafe.

It’s a controversial area, and one which security company McAfee has been investigating. They recently published a big piece of research which lifts the lid on the practice a bit.

It makes for interesting reading - here are a few snippets:

  • Typo-squatting is definitely on the increase. Cases filed with the World Intellectual Property Organisation’s (WIPO) arbitration system increased 25% in 2006.
  • Unsurprisingly, big companies and brands get targeted most. Microsoft reckons that about 2,000 domains containing Microsoft trademark terms are registered every day. Yes, every day.
  • The practice affects every single area of the web, although it’s most prevalent on gaming, airline, mainstream media, adult and technology-related sites.
  • The US is top for typo-squatting, but the UK is second on the list, closely followed by Portugal and Spain.

What you can do 

In practical terms, if you are registering a domain name to promote yourself or your business, it might be prudent to register some common typos as well. This will help guard against typo-squatters in future.

If people start finding your site in significant numbers, eventually the typo-squatters will probably notice it too. So if your site gets a high level of traffic, definitely think about registering some variations on the domain name.

Read the full McAfee report here.

Comments

2007 Jul 06

Gone Phishing!

Posted in Security issues by Dave 2 Comments

“Phishing scams” are a way for cyber criminals to steal confidential information and potentially your identity. Scammers will send out thousands of emails pretending to be credit card companies, banks, online auction site and other organisations.

Phishing emails will normally contain a highly emotive or technical reason why you should visit their site, for example “update your password or your account will be suspended“. A lot of people will just click the link without thinking about it, they will be taken to a site that looks very like the official one, however it is a fake designed to entice them into entering their personal information such as username/password or credit card number.

How to spot a phishing mail

It is remarkably easy to make an e-mail from one person look like it has come from someone different. Here are some simple tips to help you to spot an phishing mail.

  • They ask for personal information such as username, password or credit card number; your bank would never do this.
  • The email address that is has been sent from is not exactly the same as the organisations website.
  • The email has been sent from a free mail system, such as hotmail or gmail.
  • They address you as “Dear customer” or some other non-specific greeting, rather than by your name.
  • They will try to make you think that there is a sense of urgency, i.e. “respond now or your account will be suspended”.
  • The link in the email does not quite match up with the organisations, even one character out and you will be sent off to another website.
  • You were not expecting to get an email from that organisation.
  • The email contains only images, including the text of the mail, this image is one big hyperlink that will take you to the fake site.

How to spot a fake website.

Most modern web browsers will automatic filters that can help to detect fake websites, Mozilla FireFox 2 and Internet Explorer 7 are two examples and can be downloaded for free. They’re not always 100% successful, so here are a few tips to help spot fake sites:

  • Use your instincts, if it looks even slightly wrong then it probably is fake.
  • The Website address is slightly different to the organisations regular address.
  • There is no padlock shown in your browser to show that it is a secure connection.
  • They are requesting personal information such as username, password or other details in FULL when you are normally only asked for some details.
  • Right clicking on a hyperlink and selecting properties should reveal the links true destination.

Ways you can protect yourself

  • Never click on a link embedded in an email, always type the web address directly into your browser.
  • Use a spam filter such as the email defence., this will block many of the fake mails.
  • Don’t give out personal information unless you initiated the contact and you are sure you know who you’re dealing with.
  • If in doubt contact the bank or website owner direct by telephone or email before proceeding.

For more information on this problem the UK Banking industry has set up a site to help you Bank Safe Online

Comments

copyright © 2008 GX Networks Ltd.