The year of scareware
This week also, as promised, I continue the journey into the world’s deadliest places. This is the state of the Internet. Hack attacks are growing at double digit rates every month, break sophistication has reached extraordinary levels, scareware is all over and cybercrime is now a serious career.india Updated: May 21, 2011 19:32 IST
Your online life runs on passwords. Email, Facebook, Twitter, online banking, credit card, e-shopping accounts – all of these and more require a login. And most of us have ridiculously easy passwords. The human mind is programmed to use passwords that make sense to us, that take from our daily lives. Thus names, birthdays and dates are what we make into a password. Easy to remember, easy to type in and also very easy to hack into. Start by having a master password that protects all your other passwords. It is said that the toughest password is a full sentence typed without a space that has one extra number and one extra symbol. Thus ‘ithinknobody$canbreak9this’ is a much better password than ‘rajivm’.
A money transfer, banking transaction, online buying of a product – whatever you do can be tracked and replicated by someone else, fraudulently. That doesn’t mean you should stay away from all online transactions and go back to the middle ages. No bank will ask you for your password on email or sms ever, most e-shopping companies have cash on delivery options, don’t store your credit card info on any of your accounts permanently, don’t go for one-click buys (it takes only 15 seconds to fill in your credit card info every time), use a virtual keypad to enter details, make sure you guard the CVC with your life, take a second level instant password generator account (an on-the-fly 2nd pass word is sent to you by sms) and give your bank a call in the event that you suspect a fraudulent correspondence.
Multiple Online Shenanigans
This section deals with just normal stuff you do all day, every day and why complacency here could be fatal. This segment here could take a whole book, but let’s try and do it as a quick primer.
Shortway to Hell: Don’t click on shortened links on Twitter, Facebook or emails – they could take you direct to malicious websites. Instead, use apps that give you a preview, like tweetdeck and tinyURL.
Inbox time bomb: The sophistication of phishing and malicious emails has reached epidemic proportions. It’s almost impossible to distinguish between them and the real ones from a company that you trust. Go directly to the website you deal with, don't click links from within your email and don’t trust anything that lands in your inbox.
Torrent Terror: Your free movie or top 100 songs could also end up as a download of the best of spyware and viruses. Torrent sites are now known as the most dangerous of them all as there is no vetting of content whatsoever. If you can’t give up on free downloads, then use torrents on a second computer off your network, keep all downloads in one folder, don’t auto launch them, avoid compressed files and use a super- duper antivirus on each before you open them.
Porn Rules: Now for all you pornists. No, I am not going to go all puritan and ask you to stop. All I will ask is that you go for quality porn and get better at your job. Porn sites are big business and run on reputation; thus the big ones won’t hit you with crapware. Stick to those and don’t download any extra software from them, no video codecs and no picture viewers.
AmNotHomeRobMe.com: Broadcasting your location, time and exactly where you are also means you’re telling the world where you’re not. Which means if your smartphone is telling the world you’re out of the country and won’t be back for a week, it’s pretty good information for someone who wants to rob your house at leisure. Avoid location-based apps and sites till a better, more secure model comes about. Else, you may be the mayor of a coffee shop, but may pay a king’s ransom for that privilege.
One more critical thing to be aware of. Get away from the silly notion that none of this can happen to you. The one hundred and fifty million people who were been hacked in the last one month thought so too.
The Pentagon receives over six million hacking and security threats a day
Reported on a PBS Special
Scareware is rising at an “unprecedented rate.” More than 4,85,000 strains of scareware are active right now.
The Anti-Phishing Working Group
90 percent of all email is spam, with an additional 1.11 per cent containing actual malware
There are some straightforward things the industry should be doing right now to fix things (security holes), and I don’t know why they haven't been done yet
Tim Berners-Lee – World Wide Web Founder
Rajiv Makhni is managing editor, Technology, NDTV and the anchor of Gadget Guru, Cell Guru and Newsnet 3.
Follow Rajiv on Twitter at twitter.com/RajivMakhni
- From HT Brunch, May 22
Follow us on twitter.com/HTBrunch
Connect with us on facebook.com/hindustantimesbrunch