IT Security Blog

A Few Tips to Avoid Phishing

By

phishing example Chances are that when you open your inbox today you’ll find an e-mail claiming to be from your bank, an e-commerce site, or another online site you’ve visited. They might offer you an upgrade to your account, inform you that there’s been changes to their, and asks you to verify your account information. This could be a phishing attempt to get sensitive information like your personal information or passwords. Fortunately, you can avoid getting scammed by taking these precautions:

  • Be suspicious of any email with urgent requests for personal financial information. Phishers are getting more sophisticated in their attempts, so even if an e-mail appears to be legitimate, look for proof that it came from your e-commerce company. They should be personalized and carry information that only you and your company would know. They might show partial account numbers or other verification tools.
  • Use anti-virus software and a firewall, and keep them up to date. Phishers sometimes include script that can track your activities on the internet without your knowledge.
  • Never use the links in an e-mail to go to any webpage. Phishers will redirect you to a bogus site to trick you into logging in your account number and password. Log onto the website by typing in the web address to your browser. At the same time, never call any numbers in the e-mail. It could lead you to a VoIP provider that isn’t connected to your company at all.
  • Never fill out forms in e-mail messages asking for your personal financial information. Your e-commerce company would never ask you to send sensitive information in that manner.
  • Check your bank, credit, and debit card statements regularly to see if all your transactions are legitimate. Report any suspicious withdrawals immediately.
  • Finally, report the phishing attempt you received to your company and other anti-phishing groups.

[tags]phishing,spam,spoof emails,indentity theft,pharming,spam filtering[/tags]

Sharing your computer and keeping your files intact

By

computer sharing

Living at home means that you have to share your computer with other people. In some companies, people also share workstations in case that they have different work shifts. In any case, it is important for you to make sure that your files are safe. Especially those that you use for work and those that contain confidential information.

Here are some tips for you:

  • Make sure you are using a password that is not easy to guess.
    If people know you well enough, they could probably figure out what password you will use. People tend to use passwords based on words, names and dates that important to them. Examples are pets‘ names and anniversaries. If you do this, chances are those who know you will be able to log in your computer using your account. Try changing your passwords every so often and make sure that they will be easy for you to remember but difficult to guess. Think of some cipher for it.
  • Set permissions on your files and directories.
    You could set that your files and directories will only be accessible to you. Do a chmod on them. Then again, whoever has root access will be able to get through. Maybe it would be easy for you to do this if you are the one with root access.
  • Protect your files with passwords.
    Although not everyone agrees with this, some people do this for their own sake. They feel better to have password protected files. A drawback, of course, is that if it has a difficult password to remember, you might as well have deleted your files.
  • Log out of your account or profile.
    If you have set your file permissions that you are the only one who can view, edit and execute the files, it will be pointless if you don’t log out. When you are the one who is still logged on, you leave your entire session open for intrusion.

Hopefully these tips have helped you deal with some of your dilemmas with regards to sharing your computer with other users.

Hiding Identities Online

By

For bloggers and writers, using pen names has been a normal scenario, some of which who would want to keep their identities apart for privacy reasons. While some would not care and would want to gain the due recognition for their work, it entirely depends on what the blog or composition is all about.

Hiding your Identity

Privacy over the Internet is only normal. Who would want to be cited for something which may become a means of ruining their reputation online? Risky is the right term for most people, but upon voicing opinions, making a stand and living by what you believe in despite what critics may eventually say is something that people would want to be known for.

For sure, this may draw varied criticisms and comments, but the bottom line of it all is that it depends on how daring a person can get and up to what extent he is willing to push himself.

[tags]privacy online, identities, pen names[/tags]

The Deal with Linux and Windows Operating Systems

By

Operatings Systems Layout

A lot of workstations and servers will always have the choice of selecting which operating system to used. Without question, Microsoft’s Windows Server Operating Systems is the first thing in mind to be used although Linux has had its share of being the best alternative operating system today.

The deal here would be efficiency and reliability. This is just the backend of most systems and the choice for which operating system to use would all depend on the programming language and database compatibility with regards to OS preference.

There has been a number of programming softwares that are developed and used today. For each one, like Sybase and Visual Basic, software developing companies have gone to the extent of even making special compatibility towards preferred OS of end-users. This serves as a basis for comparison in determining on which platform that preferred programming software would be entirely performing better. This allows flexibility for users and a wider array of possibilities for systems administrators and developers who compile useful executable programs today.

Virtual Private Networking Explained

By


A virtual private network (VPN) is the extension of a private network that encompasses links across shared or public networks like the Internet. A VPN enables you to send data between two computers across a shared or public internetwork in a manner that emulates the properties of a point-to-point private link. The act of configuring and creating a virtual private network is known as virtual private networking.

To emulate a point-to-point link, data is encapsulated, or wrapped, with a header that provides routing information allowing it to traverse the shared or public transit internetwork to reach its endpoint. To emulate a private link, the data being sent is encrypted for confidentiality. Packets that are intercepted on the shared or public network are indecipherable without the encryption keys. The portion of the connection in which the private data is encapsulated is known as the tunnel. The portion of the connection in which the private data is encrypted is known as the virtual private network (VPN) connection.

VPN connections allow users working at home or on the road to connect in a secure fashion to a remote corporate server using the routing infrastructure provided by a public internetwork (such as the Internet). From the user’s perspective, the VPN connection is a point-to-point connection between the user’s computer and a corporate server. The nature of the intermediate internetwork is irrelevant to the user because it appears as if the data is being sent over a dedicated private link.

VPN technology also allows a corporation to connect to branch offices or to other companies over a public internetwork (such as the Internet), while maintaining secure communications. The VPN connection across the Internet logically operates as a wide area network (WAN) link between the sites.

In both of these cases, the secure connection across the internetwork appears to the user as a private network communication—despite the fact that this communication occurs over a public internetwork—hence the name virtual private network.

VoIP and security

By

voip

Do you use VoIP a lot at home or in your office? If you do, you have to make sure that you are updated when it comes to security issues. For one thing there’s spam over IP telephony. Spam doesn’t just come in the form of comments on blogs or email. You could also get it on VoIP. Good thing that there are companies such as Sipera which is trying to crackdown SPIT. It would surely be a hassle if you don’t deal with it because you might get calls for credit card offers and what-not.

One other thing that researchers are concerned about is that VoIP applications like Skype are open to hacker attacks such as denial of service. Cisco has dealt with it with their CallManager. But what about every other application out there? Are they all secure enough to use? That is why maybe it is time to have the specs out in the open so that there could be more people working on making it more secure.

VoIP sure is useful but people sometimes abuse it. Like in the article about phishing and VoIP, phishers try to make things set up so that they could appear as though they are banks and they would make users call a certain number. How terrible to pretend something they are not! Quite sinister, if I may add. That is why people have to be very careful when it comes to such calls. One must validate the claims and check out the source. Checking the background is going to be an essential.

We need to be responsible with the technology that we use. This is especially when we use it for business. We never know who will be affected.