Security threats you should know about5 min read . Updated: 05 Apr 2011, 08:46 PM IST
Security threats you should know about
Security threats you should know about
Imagine you’re spending a lazy Sunday afternoon at home just chilling, updating your blog with photos of the new bike you just bought, chatting on Facebook as you do so. Suddenly, you get a call from a friend inviting you out for dinner. You start getting ready and tweet about the plan before you leave your house. On your way, you update your status on Foursquare, expecting to gather a few more friends.
It may seem a little far-fetched today, but isn’t that where we’re headed? Thanks to technology, it’s becoming easier for the nefarious to track our every move. According to the Norton Cybercrime Report: The Human Impact 2010, 76% of Internet users in India have fallen victim to a cybercrime. Of course, “cybercrime" includes getting a virus at some point, but social engineering attacks are on the rise.
A look at the main pitfalls you may face.
Social media scourges
Everyone you know is using social media, and according to comScore, a digital market intelligence and measurement service, India is the eighth largest social networking market in the world.
With increasing integration on our hand-held devices, services such as geo-tagging and geo-location are on the rise. Being careless about your location status makes you all the more vulnerable to attacks, as cyber crooks know where and when you’re travelling. You leave a wealth of information behind for everyone to see.
Geo-location: Never use geo-location services from your home, this is as good as putting posters around the city declaring your address. Follow the same practice for your office.
Phishing: Watch out for suspicious page invites on Facebook even from trusted sources such as your friends. These are fake log-in pages which seek your permission by asking your credentials. Once they gain access to your page they then exploit information, like the pictures and videos you’ve uploaded.
Twitter botnets: Similar to the command-and-control IRC botnets, hackers are now using Twitter to spread specific types of malicious malware on a PC which follows these bots on Twitter. Once these bots are on your system they can be commanded to wipe or steal your data. Make sure the people you follow are not bots, and revoke access to all unused apps on your account, as they could share your feeds with third-party applications you no longer use.
Malware infecting smartphones has increased by 33% in the last year alone. Symbian has been the most loved platform for hackers, but that was till now. With the advent of smartphones and availability of millions of apps, operating systems such as Android are expected to see the most number of attacks this year. Recently Google was forced to pull down 50 apps from the Android market as close to 200,000 users downloaded the DroidDream app.
Gaurav Kanwal, country sales manager, Symantec, says, “As we go beyond the PC to experience the benefits of the Internet, we need to step ahead of cyber criminals in these new environments."
Watch that app: Only download apps which are useful and essential to you. Getting just about every other free app you see online, just to try it out, is not very safe. Also, when installing an app, read the permissions it’s asking for, and if you’re uncomfortable granting it those privileges, don’t download. Get a free antivirus such as Lookout Mobile Security to ensure that unwanted malware doesn’t creep into your phone; keep in mind that the data and contacts on your phone are more important than the data on your PC.
Wi-Fi hot spots: Just because you see an open Wi-Fi network doesn’t mean you need to connect to it. Wi-Fi hot spots are rarely secure, and other devices connected to them with malware infections can easily infect you. Make sure you have antivirus installed on your device and double-check the firewall settings before logging on to unrestricted Wi-Fi hot spots. According to Symantec, four out of 10 smartphone users access and check their bank accounts and make online purchases on mobiles. Using your bank’s phone services over public networks is a strict no-no.
You might tend to ignore the fact that your workplace too poses a few security holes that you’re ignoring. Remember, having good security practices in place at work can not only save your data and your money, but might end up saving your job as well.
Keep it official: Just because you’ve been allotted a PC at work doesn’t mean you can save personal information on it. Never save information such as ATM PINs, Net banking passwords or personal photos and videos on your work machine. Even deleting them does not keep the information safe, as any person can use recovery software and recover deleted information from hard drives.
Portable data: Avoid carrying around sensitive information on your portable drives—either work-related or personal. And if you must, use encryption or at least password protection. The everyday user can also use software such as WinRAR to archive and password-protect a collection of files and folders. It takes a few minutes more of your time, but can save you a lifetime of regret. The most common leaks happen when you lose such drives.
Email scams: Job advertisements are a common method of weaning information from you. An email might promise a job abroad, and ask for your school and college certificates, and passport copies. This information is then used to create fakes, or can be used to open an account in your name to conduct nefarious transactions. Also, never trust email that claims to be from your bank, and asks you to reset your password, or basically asks you to enter any information of any sort. Banks never ask for such details online, so such mails are always phishing and and should be ignored or reported.
If you think you’re safe and secure at home, think again.
Just Win7: Sure Windows 7 has an in-built security tool which seems to work fine against regular adware and malware that you encounter on a daily basis when surfing. However, malware that’s developed specifically to target PCs with only this form of protection is on the rise. Make sure that you use a real-time scanning antivirus solution in conjunction with Microsoft Security Essentials to get a dual layer of protection. Scan your computer at regular intervals and make sure you create a system restore point, so even if your system is compromised you can revert to a previous date.
Fake software: If you happen to download a fake antivirus then you’re in for trouble. Developed to infect your computer, these rogue viruses not only disable all possible options of recovery, but fool you into believing that your PC is infected and you need to pay money in order to get rid of the virus. Applications such as Antivirus Live and Advanced Antivirus Remover are just some of the examples of fake antivirus software. If your PC is infected by such threats, then getting a fake antivirus removal tool is a good option. You can also use SUPERAntiSpyware to remove such malicious malware.
Write to us at email@example.com
This content is brought to you by thinkdigit.com