The threat of online security: How safe is our data?

As E-Commerce is growing, managing online security is becoming a big challenge on the Internet today. We need to worry about security for our personal computer as threats can come in from any direction.

Below is a list of most common online security threat.
1. Spam mail
By definition, spam is sent without the permission of the recipients.According to survey security-related threats and attack incident 2007 in Malaysia, total 38601 emails is spam. Nowadays, the quality of spam has improved, it can be sent out with attachments-images, PDFs, documents, spreadsheets or videos which may links to malicious sites or malware.

2. Viruses
A computer virus is a dangerous computer program with the characteristic feature of being able to generate copies of itself, and change our computer settings and slow our computer down. The most damaging viruses are the ones that are simply designed to cause as much destruction as possible, such as deleting important files and turning your computer into a worthless wreck.

3. Phishing attacks
A popular method of phishing is to steal consumers' personal identity data and financial account credentials through fake websites. Phishing messages pretend to be from eBay, PayPal, or the like. The scams sent out e-mails to them and ask them to log in the fake websites to disclose information about their financial accounts. If you enter the information, they steal your username and password and you are sunk.

4. Social engineering
Social engineering is a term that describes a non-technical kind of intrusion that relies heavily on human interaction and the act of obtaining or attempting to obtain otherwise secure data by conning an individual into revealing secure information. For example, a person using social engineering to break into a computer network would try to gain the trust of someone who is authorized to access the network in order to get them to disclose information that compromises the network's security.

5. Spyware attacks
Spyware is one of the online threats that is designed to steal information from your computer without your authorization. Spyware is dangerous in that it can steal your personal information, such as documents, passwords, credit card numbers, bank accounts, for the sole benefit of the people behind the spyware.

Reference:

1.Top 10 Online Security Threats To Your PC http://techcruser.blogspot.com/2007/05/online-security-threats-to-your-pc.html

Phishing: Examples and prevention methods

To the point, phishing refers to the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft such as usernames, passwords and credit card details. Before mid-2003, most phishing scams arrived in text-heavy e-mails. They were widespread with spelling errors and poor grammar that tipped recipients off. In September 2003, an e-mail fraudster registers dozens of lookalike domain names, such as yahoo-billing.com and ebay-fulfillment.com. They also create Web sites that contain the names of well-known companies and brands like microsoft.checkinfo.com.

For example:
1. Amcore Bank

2. Pay Pal

3. Amazon.com


4. Citizen Bank
There are some methods to prevent Phishing:
1. Never open an email link, if it claims to be from a bank, or credit card company. Visit the website by logging on to it yourself or simply call to see if indeed the email was sent by the company.

2. Be cautious about opening any attachment or downloading any files from emails you received, regardless of who sent them.

3. Don’t provide any answer if you get calls over the telephone claiming that its from your bank or some other agency and they are trying to get your information. Don't give it out even if you have caller id.

4. Protect your computer from spyware and viruses. Spyware programs can collect many different types of personal information about you like passwords and credit card numbers. Always use firewall, virus and spyware protection software and must update regularly.

5. Change your passwords monthly. It is advise to change your password at least once a month and try to select passwords that will not be obvious to potential hackers.

6. If you get an email or pop-up message that asks for personal or financial information, do not reply or click on the link in the message.

7. Don’t email personal or financial information. Email is not a secure method of transmitting personal information.

8. Review credit card and bank account statements as soon as you receive them to determine whether there are any unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances

References:

1. http://www.fairwinds.org/security/Types/fraud_phish.asp

2. http://en.wikipedia.org/wiki/Phishing

3. http://www.washingtonpost.com/wp-dyn/articles/A59350-2004Nov18.html