Ticker/Social networking sites replace PHISHING

Hackers have moved beyond phishing — where a bogus site or email masquerades as the original to make you part with sensitiveinformation. Altaf Halde, country manager at Utimaco Safeware, a data security company, says these days, hackers prey on social networking sites, which he deems as “the weakest link” as far as data security is concerned. Personal information put up on these sites can be used to crack email id and then password, says Halde.

The other preferred hacker method involves the use of tickers that popup at various websites. If you click on a ticker , you may reach an innocentlooking site which in turn may tempt you to download, say, a simple e-greeting card. This action may release an ‘.exe’ (selfexecutable ) file into your computer . It will keep a track of all the keywords you type in, including usernames and passwords . These trojan programmes can also sneak into your system when you download music or movies at peer-topeer sites (where you share data between individuals). “They simply collect your information and upload it to the hacker.”

Amuleek Bijral, country manager, RSA, the security division of EMC, a security solutions provider, cites a study by InfoWave in February 2007. It says that more than 785,000 people in 2006 were potentially victims of identity theft due to thousands of personal information leaks occurring at numerous large corporations. “The most common reason for these information leaks: internal employees or process issues, not external hackers.”

How to dodge them: Restrain personal info

Some good internet habits that you must internalise. Exercise restraint in the amount of personal information you upload on the web to minimise misuse.

Always check whether a web address begins with ‘http’ or ‘https’ before executing any transaction, advises Mukhi.

‘Https’ means a site is secure and the data you key in, travels to the final destination in an encrypted form. In other words, nobody can access it along the way.

Also, ensure there is a ‘lock’ symbol at the bottom of the browser. Only then key in your user name.

 

 

How to dodge them: Avoid unfamiliar sites

Never click on a link, as the chances of reaching an unknown , potentially phishing site, are higher.

Always key in the site name. Ideally, delete all emails from an unknown source.

If opening one out of curiosity, never give personal data.

Banks, for one, never ask for such information as they already have it.

'While we think twice before giving out personal information to a stranger on the streets, we are quite comfortable doling out information online ,” says Halde.

 

 

 

How to dodge them: Google the site's history

Don’t shop at an unknown shopping site even if it offers a dream deal.

If still tempted , google the site’s security performance and whether there were any hacking attempts on it.

“Never leave receipts at bank machines, bank wickets, in trash cans,or at unattended gasoline pumps; ensure you destroy paperwork you nolonger need,” says Bijral.

Now, feel safer.