The Threat of Online Security: How Safe is Our Data?

Posted by Pit Ei

Online Security has become an enormous concern to people surfing the Internet, and to people conducting business on the World Wide Web. We have all heard reports of and been affected by online viruses spread through emails, online business scams, online identity theft, and online sexual abuses. So, online security really refers to many aspects of our new online world.

The Scary Part
Just about everybody has heard about computer viruses and “worms” that can infect your PC and wreak havoc on your operating system or files, and very few of us have completely escaped from these forms of online threats. New forms of these threats emerge every day. These viruses and worms are insidious little programs that can take control of your system or email service and cause great annoyance if not damage. Recently new variants of software called spyware and adware have rampaged over the web to monitor and try and take control of your online activities.

Today online security risk for Home PC users has escalated even further due to the many people online via dedicated broadband connections. Some folks remain online 24 hours a day. People who remain connected through such a broadband connection are “sitting on the Internet” and potentially exposed to any hacker out there with a malicious desire to try to access your files.

Another reason security risk has escalated is the increased availability of wireless access and use of wireless home networks. For those that use them, these are great and they're fast! But they do present some risk. The bottom line is that unless your PC and your network is protected, a malicious person could be standing in your driveway and gain access to an Excel file that contains the names and phone numbers of your best friends, or into a Word document that contains a list of your credit cards.

How to Protect Your PC and Data?
Virus Protection

Malicious code such as viruses, worms, and Trojan horses can infiltrate personal computers, allowing attackers to compromise the integrity of software packages or even take control of your computer. It's up to you to protect your critical information.

Fortunately, it’s easy to safeguard your computer against viruses and malicious code. First, install antivirus software to protect, detect, and repair attacks from most viruses. Second, and just as important, ensure that software is up to date. New viruses appear daily. Your antivirus software is only as good as its last update.

Personal FirewallsHackers' virus-like worms are constantly “knocking on doors” looking for available targets. You can help protect your computer by using a firewall. Firewall software on computers protects them from the hazards of the Internet by monitoring the types of activity or attempted activity between the computer and a network. Computers guarded by a firewall can refuse attempted connections that aren't initiated by you or that are suspicious.

SpywareEven computers that are protected by a firewall and safeguarded against viruses can be targeted by spyware. Spyware is software that appears to offer some tangible benefit, but actually monitors your behavior, typically to deliver targeted popup advertising. This illegal access is often used to intercept the user IDs and passwords to your online accounts. So, install anti-spyware software which will help combat and remove spyware from your computer.

Password PrecautionsYour best line of defense on the Internet is your password. No amount of technology can protect you if your password becomes compromised or is easy to guess. Here are a few tips for keeping this personal information safe.

1. Change your password regularly
2. Practice smart password management
- Create longer user names and passwords because they're more secure than shorter ones.
- Refrain from using your name as part of your user name or password because it's too easy to guess.

References:

http://www.online-security-solution.com/

http://www.firstrade.com/public/en_us/knowledgecenter/securitycenter/protectyourself/

How Do You Safeguard Our Personal and Financial Data?

Posted by Qi Ying

How do you safeguard your personal and financial data? Nowadays, computer and internet are very common to everyone. We will rely on computer to save our personal data and using online financial services to do financial transactions such as online banking in order to safe time. Protecting personal and financial information is paramount these days. Criminals are looking for easy ways to get people's personal and financial data to commit identity theft. Therefore, it is important that users take measures to protect their date from lost and damage.

Here are a few approaches on how to safeguard our personal and financial data:
1. Set up a username and password
Set up a username and password for logging on to your computer. This can be done by your administrator and will be separate from the login you enter to gain access to the network. Furthermore, avoid using passwords that are easy for someone to guess, such as the date of birth. Also, never write this information down and never carry it in your wallet. Besides, longer passwords provide greater security than shorter ones. Once selecting a password, change it frequently.

2. Be cautious about providing your information
Don't give your financial information or personally identifying details to organizations you don't know such as bank account numbers, credit card account numbers. Don't disclose the personal financial data on any Web site or online service location, or on the phone, or through the mail unless you receive a secured authentication key from your provider.

3. Install antispyware and antivirus software
Install an antivirus program such as Symantec and Norton antivirus, AVG antivirus or other more in order to protect yourself against viruses and Trojan horses that may steal or modify the data on your own computer. It cleans the computer and protects personal information, financial data. In order for the well protection, you must make sure to keep your virus definitions up to date.

4. Install a firewall
Users can use firewalls to protect their computers and data from unauthorized intrusions. A firewall is a software program designed to allow good people in and keep bad people out. Most new computers come with firewalls integrated into their operating systems. If you have an older computer or use dial up, you may need to purchase a firewall separately and install it yourself.

5. Never open mystery attachments
Never open an attachment or click on a link sent to you by an unknown party. Attachments can contain viruses and links can lead unsuspecting users to dummy sites where they are asked to input financial information.

References:
http://finance.yahoo.com/banking-budgeting/article/103893/Six-Ways-to-Safeguard-Your-Online-Assets
http://www.ehow.com/how_2065985_safeguard-personal-information-work-computer.html?ref=fuel&utm_source=yahoo&utm_medium=ssp&utm_campaign=yssp_art

Phishing: Examples and its prevention methods

Posted by Xingpei


Phishing is an e-mail fraudulent method that attempts to gather personal and financial information such as credit card details, usernames and passwords from recipients. The messages usually appears to come from well known and trustworthy websites. Popular websites that are frequently spoofed are social websites (YouTube, Window Live Messenger), auction sites (eBay, lelong.com.my), online banks (Maybank2u.com), online payment processors (PayPal) and it is typically done through e-mail or instant messaging.

Let me illustrate few classic examples of phishing. 

Illustration 1: eBay

Illustration 2: PayPal

Hints to Spot Phishing Scams

All legitimate institution communication will always greet the user with his or her real name or the name of the email, not just with a generic greeting like, "Dear Accountholder." Other signs that the message is a fraud are misspellings of simple words, bad grammar and the threat of consequences such as account suspension if the recipient fails to comply with the message's requests.

Nevertheless, we should also examine the link provided whether it goes to where it supposes to go. In the example of eBay in Illustration 1, it seems that you are being directed to eBay site for verification https://scgi.ebay.com/saw-cgi/eBayISAPI.dll?VerifyInformation but if you click on the link, you will find that you have been directed to a different site. The best way to avoid this is to copy and paste the link (NEVER click it!) to your address bar.

Preventions

The best way to keep yourself away from phishing scams is to preventing them to go in your mailbox. You may have separate email addresses for different usage, one for financial institutions, one for trusted friends and families and one for public or general use. You have to do everything possible to keep the address you use for financial transactions as private as possible.

Moreover, there are ample of anti-phishing softwares available in the market such as McAfee SiteAdvisor, Kaspersky Internet Security, Norton 360 and etc. Even web browsers like Microsoft Internet Explorer 7, Firefox 2.0 also comes with anti-phishing functions. So, all these may help to keep you away from being the bait.

The last piece of advice to avoid becoming a phishing scam victim is to use your best judgement. None of the financial institution with any sense will email you and ask you to input all your sensitive and private information. In fact, most institutions are reminding and informing customers that “We will NEVER ask you for your personal information via phone or email.”

Video Sharing to clarify on Phishing Scams in Plain English


References:

http://ezinearticles.com/?How-to-Prevent-Phishing-Scams&id=1147318

http://banking.about.com/od/securityandsafety/a/phishingscams.htm

http://en.wikipedia.org/wiki/Phishing

The Application of 3rd Party Certification Programme in Malaysia

Posted by Qiau Hui

The most famous application of 3rd party program in Malaysia is provided by MSC Trustgate.com Sdn Bhd. MSC Trustgate.com Sdn Bhd is a licensed Certification Authority (CA) operating within the Multimedia Super Corridor and was incorporated in 1999. The objective of Trustgate is to secure the open network communications and become the catalyst for the growth of e-commerce, both locally and across the ASEAN region.

Trustgate is licensed under the Digital Signature Act 1997 (DSA), a Malaysia law that sets a global precedent for the mandate of a CA. As a CA, Trustgate offer complete security solutions and leading trust services that are needed by individuals, enterprises, government, and e-commerce service providers using digital certificates, digital signatures, encryption and decryption.

The products and services provided are SSL Certificate, Managed PKI, Personal ID, MyKAD ID, MyTRUST , SSL VPN and so on. Since security is the primary concern of entering into the new Internet economy, the ever-changing paradigm of e-commerce requires a well-mandated security infrastructure. The vision of Trustgate is ‘to enable organizations to conduct their business securely over the Internet, as much as what they have been enjoying in the physical world.’

Why 3rd party is IMPORTANT?
The REASON is there are threats of internet security spreading over the net nowadays. By having the certification from 3rd party, we can ensure that our information traveled over the internet reaches the intended recipients and is safe. Besides, those parties are needed because they can provide e-mail protection and validation, secure online shopping in order to avoid hacked and attacked by Trojan, virus and worms.

With the 3rd party certification program in Malaysia, we will be able to transact on the internet without fear of having our personal data stolen, our information contaminated by third parties, and our transacting party denying any commercial commitment with us. Furthermore, it assists in the development of greater Internet based activities.

Reference: