How to Avoid being Hacked; Safely browse the Internet

Browse Safely Online

How can I use the browser safely online?

Your browser is an important part of your computer’s security. Keep your browser and security systems (anti-virus software, firewalls, etc.) up-to-date.

Suggested good browsing habits:

  • Read the links you want to click on and don’t assume a link is safe just because you found it in a “safe” way.
  • Don’t install something just because a web page suddenly tells you that you need it.

What are Viruses, Worms and Trojans?

Viruses, worms and Trojans are malicious programs that can infect your computer and change the way it works.

To protect your system from virus/malwares:

  • Be wary of email and instant messaging attachments or files, even if they are from people you know.
  • Scan downloads with anti-virus software before installing them.
  • Ensure your anti-virus software is up-to-date and reliable.

Get rid of spyware on your computer with anti-spyware software.

What is Spyware?

Spyware is software that collects and sends information from your computer without your permission.

To protect your system from spywares:

  • Watch out for unexpected offers, warnings and dialog boxes that suddenly pop up while you’re online. Avoid clicking on them, even to cancel or close them.
  • Be wary of peer-to-peer sharing.
  • Always read the End User License Agreement (EULA) when downloading from trusted sources.

Get rid of spyware on your computer with anti-spyware software.

Should I exercise any precautions while attending my emails?

Emails have been known, to be a major channel for scam and frauds. These emails not only swindle the receiver by creating a circumstance for the victim to pay but at times deploy technical malfunction on users’ computer / devices. Evaluate all emails you receive:

  1. Do you know the sender of the email? If yes, still be cautious before clicking a link. If no, do not click any links.
  2. Are there any attachments in the email? If so, is the attachment an executable (a file with the extension .exe, .bat, .com, .vbs, .reg, .msi, .pif, .pl, .php)? If so, do not click on the attachment. Even if the file does not contain one of the above mentioned extensions, be cautious about opening it. Contact the sender to verify its contents.
  3. Does the email request personal information? If so, do not reply.
  4. Does the email contain grammatical errors? If so, be suspicious.
  5. If you have a relationship with the company, are they addressing you by name? Be cautioned as your company will usually address you by registered name on their system.
  6. Have you checked the link? Mouse over the link and check the URL. Does it look legitimate or does it look like it will take you to a different Web site? Do not open any link which shows a different website other than the company/ official website.

Applying cautions suggested above would assist in avoiding phising, vishing or smishing attack.

Spyware, Protection, Worms, phishing, vishing, smishing, pharming

What is phishing, vishing, smishing, and pharming?

Phishing

Phishing refers to an activity that attempts to fraudulently obtain sensitive information about you. There are several ways scammers will try to obtain sensitive information from you. Sometimes you will first receive an email to lure you into a conversation and then follow that up with a phishing email. At other times, you will just receive a phishing email in the first instance. Once you click on the links provided, it will lead you to a duplicate website (fake) which would ask you to feed in your personal information.

It is highly recommended that all such messages be immediately deleted and do not respond.

Vishing

Similar to phishing only that the mode applied is telephone, instead of email which is used in phishing. Criminals use the phone to solicit your personal information in an effort to steal your identity or commit fraud. Vishing relies on “social engineering” techniques to trick you into providing information that others can use to access and use your important accounts. People can also use this information to pretend to be you and open new lines of credit.

 

Avoid being a victim of vishing by adopting safe practices given below:

  • If you receive an email or phone call asking you to call or share your details, search for the organization’s customer service number and call that number rather than the number provided in the solicitation email or phone call.
  • Forward email received to customer service or security email address of the organization as available on their official website, to confirm whether the mail is legitimate.

It is highly recommended that all such messages be immediately deleted and do not respond.

Smishing

Just like phishing, smishing uses mobile phone text messages to lure consumers in. Often SMS text contain an URL or phone number. The phone number often has an automated voice response system. And again just like phishing, the smishing message usually asks for your immediate attention.

In many cases, the smishing message will come from a masked name or short number instead of displaying an actual phone number. This usually indicates the SMS message was sent via email to the cell phone, and not sent from another cell phone.

It is highly recommended that all such messages be immediately deleted and do not respond.

Pharming

Pharming is another scam where a hacker installs malicious code / malware on a personal computer or server through a website you visited or link you ignorantly clicked. This code then redirects clicks you make on a website to another fraudulent Web site without your consent or knowledge. To avoid pharming, be careful when entering financial information on a website. Look for the key or lock symbol at the bottom of the browser and the web address bar. If the Web site looks different than when you last visited, be suspicious and don’t click unless you are absolutely certain the site is safe.

 

How phishing takes place without you realizing?

You will receive an email which looks as if it has been sent out by an organization you are associated with. Such entity can be your bank, your webmail, or any other institution. The email content & presentation looks similar to any other email received by you from such organization (see figure 1), only that this time they use a link on the body of email which redirects to a hoax website (see figure 2). This page would ask you to enter your details (see figure 3). Once you enter details which are required by the hacker and submit, you are redirected to the actual website (see figure 4).

 

By the time this act is completed you have already lost your personal details to the hacker who can misuse them to his benefit at obviously your cost!!!

hacking, Malware

Do notice that original website displays as in figure 4, the following:

  1. Favicon (an icon associated with a URL that is variously displayed, as in a browser’s address bar or next to the site name in a bookmark list) visible at the tab
  2. Displays a LOCK sign (place your cursor on top of it to display the identifying agency)

 

What safety essentials are suggested for me to practice?

Some tips for you to follow:

  • Do not use the same user name and password for your financial institution and other sites where you may conduct transactions as you use for social or recreational sites. Follow the tips for creating a good password.
  • Use an anti-virus software package and make sure you have it set up to scan your system automatically.
  • Ensure your computer and Internet browser are up to date by running updates as requested. Visit the manufacturer’s Web site and download any updates as needed.
  • Change your user name and password frequently.
  • If you are a victim of identity theft, contact your financial institutions (banks, debit/credit card companies) and get such instruments blocked immediately.

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.