BALU.... (CCI STUDENT....) 04 February 2010
Rucha Biju Chitrodia, TOI
The comfort of an internet transaction — be it for transferring funds from a bank account , buying an air ticket or just ordering a bestseller — is matchless.
But, as most of us know and recent spate of internet frauds reinforce, etransactions can be very risky.
Data theft is a reality and will only increase with time. Today banks, for one, are definitely opting for more and more net transactions. Says internet guru Vijay Mukhi, “In America, for instance, banks never liked to deal with you physically because it was expensive . You could get a loan without anybody even seeing you. That kind of trend is starting in India.”
While banks have mostly foolproof security systems in place, such as digital signatures and cryptic keys, hackers always manage to stay ahead of technology. “There are always going to be programming errors in websites that allows the bad guys to know your password,” says Mukhi.
And, they don’t limit themselves to just bank transactions .
Ticker/Social networking sites replace PHISHING
Hackers have moved beyond phishing — where a bogus site or email masquerades as the original to make you part with sensitiveinformation. Altaf Halde, country manager at Utimaco Safeware, a data security company, says these days, hackers prey on social networking sites, which he deems as “the weakest link” as far as data security is concerned. Personal information put up on these sites can be used to crack email id and then password, says Halde.
The other preferred hacker method involves the use of tickers that popup at various websites. If you click on a ticker , you may reach an innocentlooking site which in turn may tempt you to download, say, a simple e-greeting card. This action may release an ‘.exe’ (selfexecutable ) file into your computer . It will keep a track of all the keywords you type in, including usernames and passwords . These trojan programmes can also sneak into your system when you download music or movies at peer-topeer sites (where you share data between individuals). “They simply collect your information and upload it to the hacker.”
Amuleek Bijral, country manager, RSA, the security division of EMC, a security solutions provider, cites a study by InfoWave in February 2007. It says that more than 785,000 people in 2006 were potentially victims of identity theft due to thousands of personal information leaks occurring at numerous large corporations. “The most common reason for these information leaks: internal employees or process issues, not external hackers.”
Some good internet habits that you must internalise. Exercise restraint in the amount of personal information you upload on the web to minimise misuse.
Always check whether a web address begins with ‘http’ or ‘https’ before executing any transaction, advises Mukhi.
‘Https’ means a site is secure and the data you key in, travels to the final destination in an encrypted form. In other words, nobody can access it along the way.
Also, ensure there is a ‘lock’ symbol at the bottom of the browser. Only then key in your user name.
Never click on a link, as the chances of reaching an unknown , potentially phishing site, are higher.
Always key in the site name. Ideally, delete all emails from an unknown source.
If opening one out of curiosity, never give personal data.
Banks, for one, never ask for such information as they already have it.
'While we think twice before giving out personal information to a stranger on the streets, we are quite comfortable doling out information online ,” says Halde.
Don’t shop at an unknown shopping site even if it offers a dream deal.
If still tempted , google the site’s security performance and whether there were any hacking attempts on it.
“Never leave receipts at bank machines, bank wickets, in trash cans,or at unattended gasoline pumps; ensure you destroy paperwork you nolonger need,” says Bijral.
Now, feel safer.