Passwords and codes are a part of everyday life now. There is no escaping it. However, are you choosing ones that are strong enough to defeat the new breed of password-hacking cyber criminals?
When you have to put a password into multiple systems many times a day, it can be tempting to choose a really simple one, then never change it. Worse, you might write it down on a piece of paper. I’ll put my hands up - I used to be guilty of this.
However, when these passwords can be all that’s protecting your email or your bank account, it’s worth taking the effort to make them hard to break. I’ve learnt there are a few tips that will help you make your passwords stronger and foil those pesky password hacking criminals.
It can be very tempting to use a word or number that’s easy to remember as your password. However, these are very easy to crack, putting your private information at risk. Here are some tips on how to make a strong, hacking-resistant password that will help improve your security on the internet.
We wrote about a typical domain name scam a couple of weeks ago. Since then, a couple of people in the office have been targeted, so we thought we’d revisit the subject in a bit more detail.
Generally, domain scams are tricks to get you to part with money, your domain, or even both. At the very least, they are a headache.
But if you rely on your website for business, they can be much more than that: if you lose control of your domain, the impact of having to change your site’s address can cost you money. Because of this, it’s worth learning how to spot the scams. Here are the three most common.
The urgent letter in the post
This ploy uses an official-looking letter to coerce you into transferring your domain to a different registration company.
- How does it work?
You receive a letter through the mail (they use the post because it seems more official) informing you that your domain name is due to expire. These letters often have titles like ‘Domain name expiration notice’, and encourage you to renew your domain.
The notice creates a sense of urgency, often by warning that ‘failure to renew your domain name by the expiration date will result in a loss of your online identity’. However, if you reply, you would not only be renewing your domain - you’d also be transferring it away from your current registrar.
It’s happened to most of us: you mistype the domain name for a website you wanted to visit, and end up somewhere completely different, often on a site covered in adverts.
These are typo-squatting sites. They exist to make money from people who mistype domain names. The squatters register domains which are common misspellings of brands, products or people.
Each time someone visits by mistake and clicks on an ad, the person running the site profits. And worse, sometimes the content on the site is inappropriate, objectionable or unsafe.
It’s a controversial area, and one which security company McAfee has been investigating. They recently published a big piece of research which lifts the lid on the practice a bit.
It makes for interesting reading - here are a few snippets:
- Typo-squatting is definitely on the increase. Cases filed with the World Intellectual Property Organisation’s (WIPO) arbitration system increased 25% in 2006.
- Unsurprisingly, big companies and brands get targeted most. Microsoft reckons that about 2,000 domains containing Microsoft trademark terms are registered every day. Yes, every day.
- The practice affects every single area of the web, although it’s most prevalent on gaming, airline, mainstream media, adult and technology-related sites.
- The US is top for typo-squatting, but the UK is second on the list, closely followed by Portugal and Spain.
What you can do
In practical terms, if you are registering a domain name to promote yourself or your business, it might be prudent to register some common typos as well. This will help guard against typo-squatters in future.
If people start finding your site in significant numbers, eventually the typo-squatters will probably notice it too. So if your site gets a high level of traffic, definitely think about registering some variations on the domain name.
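To make "register some common typos" concrete, here is an added example (not from the original post or the McAfee report) that lists the single-slip misspellings of a domain and shows which ones you have not registered yet. The domain `example.test`, the `OWNED` list and both function names are assumptions made up for illustration.

```python
def typo_variants(domain):
    """Single-slip misspellings of the first label of a bare domain such as
    'example.test': a missed key, a doubled key, two neighbouring keys swapped."""
    name, _, suffix = domain.lower().partition(".")
    variants = set()
    for i, ch in enumerate(name):
        variants.add(name[:i] + name[i + 1:])            # missed key
        variants.add(name[:i] + ch + name[i:])           # doubled key
        if i + 1 < len(name):                            # swapped neighbours
            variants.add(name[:i] + name[i + 1] + ch + name[i + 2:])
    # Drop the correct spelling and labels that are not valid hostnames.
    variants = {v for v in variants
                if v and v != name and not v.startswith("-") and not v.endswith("-")}
    return sorted(f"{v}.{suffix}" for v in variants)

def registration_gaps(domain, already_owned):
    """Variants of `domain` that are not yet in your own portfolio."""
    owned = {d.lower() for d in already_owned}
    return [v for v in typo_variants(domain) if v not in owned]

# Constructed portfolio: the real domain plus two typos registered earlier.
OWNED = ["example.test", "exmaple.test", "exampel.test"]

if __name__ == "__main__":
    gaps = registration_gaps("example.test", OWNED)
    print(f"{len(gaps)} variants still unregistered, e.g. {gaps[:5]}")
```

The function expects the bare registered name (no `www.` prefix); for a busy site, the variants your visitors actually mistype are the ones worth registering first.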
Read the full McAfee report here.
“Phishing scams” are a way for cyber criminals to steal confidential information and potentially your identity. Scammers will send out thousands of emails pretending to be credit card companies, banks, online auction sites and other organisations.
Phishing emails will normally contain a highly emotive or technical reason why you should visit their site, for example “update your password or your account will be suspended”. A lot of people will just click the link without thinking about it. They will be taken to a site that looks very like the official one; however, it is a fake designed to entice them into entering personal information such as a username and password or credit card number.
How to spot a phishing mail
It is remarkably easy to make an e-mail from one person look like it has come from someone different. Here are some simple tips to help you spot a phishing mail.
- They ask for personal information such as username, password or credit card number; your bank would never do this.
- The email address it has been sent from does not exactly match the organisation’s website address.
- The email has been sent from a free mail system, such as Hotmail or Gmail.
- They address you as “Dear customer” or some other non-specific greeting, rather than by your name.
- They will try to make you think that there is a sense of urgency, i.e. “respond now or your account will be suspended”.
- The link in the email does not quite match the organisation’s address. Even one character out and you will be sent off to another website.
- You were not expecting to get an email from that organisation.
- The email contains only images, including the text of the mail. This image is one big hyperlink that will take you to the fake site.
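The link checks in the list above can be automated. This added example (not part of the original post) parses an HTML email body and flags links that leave the organisation's domain, links whose visible text shows a different address, and image-only links. The sample message, the placeholder domain `example-bank.test` and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import re

# Constructed sample email body; example-bank.test is a placeholder organisation.
SAMPLE = """<p>Dear customer, update your password or your account will be suspended:
<a href="http://www.examp1e-bank.test/login">www.example-bank.test</a></p>
<a href="http://203.0.113.7/verify"><img src="notice.png"></a>
<p><a href="https://www.example-bank.test/help">Help</a></p>"""

class LinkCollector(HTMLParser):
    """Record href, visible text and image content of every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._cur = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._cur = {"href": dict(attrs).get("href") or "", "text": "", "img": False}
        elif tag == "img" and self._cur is not None:
            self._cur["img"] = True
    def handle_data(self, data):
        if self._cur is not None:
            self._cur["text"] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._cur is not None:
            self.links.append(self._cur)
            self._cur = None

def host_of(url):
    """Lower-cased hostname of a URL or bare address ('' if none)."""
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()

def check_links(html, org_domain):
    """Return (destination host, reason) for every suspicious link."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for link in parser.links:
        dest, text = host_of(link["href"]), link["text"].strip()
        shown = re.search(r"(?:https?://)?[\w-]+(?:\.[\w-]+)+", text)
        if dest != org_domain and not dest.endswith("." + org_domain):
            findings.append((dest, "destination is not the organisation's domain"))
        if shown and host_of(shown.group(0)) != dest:
            findings.append((dest, "visible text shows a different address"))
        if link["img"] and not text:
            findings.append((dest, "image-only link"))
    return findings

if __name__ == "__main__":
    for dest, reason in check_links(SAMPLE, "example-bank.test"):
        print(f"{dest}: {reason}")
```

The first sample link differs from the real address by one character (`1` for `l`), which is exactly the case the list warns about; the genuine help link produces no finding.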
How to spot a fake website
Most modern web browsers have automatic filters that can help to detect fake websites; Mozilla Firefox 2 and Internet Explorer 7 are two examples and can be downloaded for free. They’re not always 100% successful, so here are a few tips to help spot fake sites:
- Use your instincts: if it looks even slightly wrong then it probably is fake.
- The website address is slightly different to the organisation’s regular address.
- There is no padlock shown in your browser to show that it is a secure connection.
- They are requesting personal information such as username, password or other details in FULL when you are normally only asked for some details.
- Right-clicking on a hyperlink and selecting properties should reveal the link’s true destination.
Ways you can protect yourself
- Never click on a link embedded in an email; always type the web address directly into your browser.
- Use a spam filter such as the email defence; this will block many of the fake mails.
- Don’t give out personal information unless you initiated the contact and you are sure you know who you’re dealing with.
- If in doubt contact the bank or website owner direct by telephone or email before proceeding.
For more information on this problem, the UK banking industry has set up a site to help you: Bank Safe Online.