Google ad

Monday, May 6, 2019

Stay safe Online

Image result for stay safe online
When dealing with cyber crime, an ounce of prevention is truly worth a pound of cure. Cyber crime in its many forms (e.g., online identity theft, financial fraud, stalking, bullying, hacking, email spoofing, information piracy and forgery and intellectual property crime) can, at best, wreak havoc in victims’ lives through major inconvenience and annoyance. At worst, cyber crime can lead to financial ruin and potentially threaten a victim’s reputation and personal safety.
It’s always wise to do as much as possible to prevent cyber crime by following the Online Safety Basic steps given below:
ONLINE SAFETY BASICS

Spam and Phishing

Cyber criminals have become quite savvy in their attempts to lure people in and get you to click on a link or open an attachment.

Malicious Email

A malicious email can look just like it comes from a financial institution, an e-commerce site, a government agency or any other service or business.
It often urges you to act quickly, because your account has been compromised, your order cannot be fulfilled or there is another urgent matter to address.
If you are unsure whether an email request is legitimate, try to verify it with these steps:
  • Contact the company directly – using information provided on an account statement, on the company’s official website or on the back of a credit card.
  • Search for the company online – but not with information provided in the email.

Spam

Spam is the electronic equivalent of junk mail. The term refers to unsolicited, bulk – and often unwanted – email. Here are ways to reduce spam:
  • Enable filters on your email programs: Most internet service providers (ISPs) and email providers offer spam filters; however, depending on the level you set, you may end up blocking emails you want. It’s a good idea to occasionally check your junk folder to ensure the filters are working properly.
  • Report spam: Most email clients offer ways to mark an email as spam or report instances of spam. Reporting spam will also help to prevent the messages from being directly delivered to your inbox.
  • Own your online presence: Consider hiding your email address from online profiles and social networking sites or only allowing certain people to view your personal information. 

Phishing

Phishing attacks use email or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses.
Image result for phishing

Spear Phishing

Spear phishing involves highly specialized attacks against specific targets or small groups of targets to collect information or gain access to systems. For example, a cyber criminal may launch a spear phishing attack against a business to gain credentials to access a list of customers. From that attack, they may launch a phishing attack against the customers of the business. Since they have gained access to the network, the email they send may look even more authentic and because the recipient is already customer of the business, the email may more easily make it through filters and the recipient maybe more likely to open the email.
The cyber criminal can use even more devious social engineering efforts such as indicating there is an important technical update or new lower pricing to lure people.

Spam & Phishing on Social Networks

Spam, phishing and other scams aren’t limited to just email. They’re also prevalent on social networking sites. The same rules apply on social networks: When in doubt, throw it out. This rule applies to links in online ads, status updates, tweets and other posts. 

Tips for Avoiding Being a Victim
  • Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email.
  • Before sending or entering sensitive information online, check the security of the website.
  • Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. Check out the Anti-Phishing Working Group (APWG) to learn about known phishing attacks and/or report phishing.
  • Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date to reduce risk of infection from malware.

What to Do if You Are a Victim

  • Report it to the appropriate people within the organization, including network administrators. They can be alert for any suspicious or unusual activity.
  • If you believe your financial accounts may be compromised, contact your financial institution immediately and close the account(s).
  • Watch for any unauthorized charges to your account.
  • Consider reporting the attack to your local police department, and file a report with the Federal Trade Commission or the Internet Crime Complaint Center.
  • Protect Yourself With These STOP. THINK. CONNECT.™ Tips
  • When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cyber criminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete or – if appropriate – mark it as junk.
  • Think before you act: Be wary of communications that implores you to act immediately, offers something that sounds too good to be true or asks for personal information.
  • Make your passphrase a sentence: A strong passphrase is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces!
  • Unique account, unique passphrase: Having separate passphrases for every account helps to thwart cyber criminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passphrases.
  • Lock down your login: Fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passphrases are not enough to protect key accounts like email, banking and social media. 
  • Malware and Botnets
  • Viruses
  • Viruses are harmful programs that can be transmitted to computers and other connected devices in a number of ways. Although viruses differ in many ways, all are designed to spread themselves from one device to another and cause havoc. Most commonly, viruses are designed to give the criminals who create them some sort of access to the infected devices.
  • Spyware
  • The terms “spyware” and “adware” apply to several different technologies. The two important things to know about them are that:
  • They can download themselves onto your device without your permission (typically when you visit an unsafe website or via an attachment).
  • They can make your computer do things you don’t want it to do, such as as opening an advertisement you didn’t want to see. In the worst cases, spyware can track your online movements, steal your passphrases and/or compromise your accounts.
  • Botnets
  • Botnets are networks of computers infected by malware (such as computer viruses, key loggers and other malicious software) and controlled remotely by criminals, usually for financial gain or to launch attacks on websites or networks.
  • Image result for botnets and malware
  • If your computer is infected with this malware and part of a botnet, it communicates and receives instructions about what it’s supposed to do from “command and control” computers located anywhere around the globe. What your computer does depends on what the cyber criminals are trying to accomplish.
  • Many botnets are designed to harvest data, such as passphrases, Social Security numbers, credit card numbers, addresses, telephone numbers and other personal information. The data is then used for nefarious purposes, such as identity theft, credit card fraud, spamming (sending junk email), website attacks and malware distribution.
  • Ransomware
  • Ransomware is a type of malware that accesses a victim’s files, locks and encrypts them and then demands the victim to pay a ransom to get them back. Cyber criminals use these attacks to try to get users to click on attachments or links that appear legitimate but actually contain malicious code. Ransomware is like the “digital kidnapping” of valuable data – from personal photos and memories to client information, financial records and intellectual property. Any individual or organization could be a potential ransomware target.
  • Protect Yourself With These STOP. THINK. CONNECT.™ Tips:
  • Keep security software current: Having the latest security software, web browser and operating system is the best defense against viruses, malware and other online threats.
  • When in doubt, throw it out: Links in email, social media posts and online advertising are often how cyber criminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.
  • Protect all devices that connect to the internet: Along with computers, smartphones, gaming systems and other web-enabled devices also need protection from viruses and malware.
  • Plug & scan: USBs and other external devices can be infected by viruses and malware. Use your security software to scan them.

  • SOURCE AND FOR OTHER GUIDELINES FOR ONLINE SAFETY:
  • https://staysafeonline.org/stay-safe-online/online-safety-basics/