How to protect your account from Phishing attacks

Phishing is a form of social engineering technique used by hackers to gather sensitive information such as usernames, passwords and credit card details by posing as a trustworty person/organization. Since most online users are unaware of the techniques used in carrying out a phishing attack, they often fall victims and hence, phishing can be very effective.

With the dramatic increase in the number of phishing scams in the recent years, there has also been a steady rise in the number of people being victimized. Lack of awareness among the people is the prime reason behind such attacks. This article will try to create awareness and educate the users about such online scams and frauds.

Phishing scams usually sends an email message to users requesting for their personal information, or redirects them to a website where they are required to enter thier personal information. Here are some of the tips that can be used to identify various phishing techniques and stay away from it.

Identifying a Phishing Scam

 

1. Beware of emails that demand for an urgent response from your side. Some of the examples are:

• You may receive an email which appears to have come from your bank or financial organization stating that “your bank account is limited due to an unauthorized activity. Please verify your account asap so as to avoid permanant suspension”. In most cases, you are requested to follow a link (URL) that takes you to spoofed webpage (similar to your bank website) and enter your login details over there.
• In some cases, phishing emails may ask you to make a phone call. There may be a person or an audio response waiting on the other side of the phone to take away your credit cards details, account number, social security number or other valuable data.

2. Phishing emails are generally not personalized. Since they target a lagre number of online users, they usually use generalized texts like “Dear valued customer”, “Dear Paypal user” etc. to address you. However, some phishing emails can be an exception to this rule.

3. When you click on the links contained in a phishing email, you will most likely be taken to a spoofed webpage with official logos and information that looks exactly same as that of the original webpages of your bank or financial organization. Pay attention to the URL of a website before you enter any of your personal information over there. Even though malicious websites look identical to the legitimate site, it often uses a different domain or variation in the spelling. For example, instead of paypal.com, a phishing website may use different addresses such as:

• papyal.com
• paypal.org
• verify-paypal.com
• xyz.com/paypal/verify-account/

 

Tips to Avoid Being a Victim of Phishing

 

1. Do not respond to suspicious emails that ask you to give your personal information. If you are unsure whether an email request is legitimate, verify the same by calling the respective bank/company. Always use the telephone numbers printed on your bank records or statements and not those mentioned in the suspicious email.

2. Don’t use the links in an email, instant messenger or chat conversation to enter a website. Instead, always type the URL of the website on your browser’s address bar to get into a website.

3. Legitimate websites always use a secure connection (https://) on those pages which are intended to gather sensitive data such as usernames and passwords, account numbers or credic card details. You will see a lock icon  in your browser’s address bar which indicates a secure connection. On some websites like paypal.com which uses an extended validation certificate, the address bar turns GREEN as shown below.

In most cases, unlike a legitimate website, a phishing website or a spoofed webpage will not use a secure connection and does not show up the lock icon. So, absence of such security features can be a clear indication of phishing attack. Always double-check the security features of the webpage before entering any of your personal information.

4. Always use a good antivirus software, firewall and email filters to filter the unwanted traffic. Also ensure that your browser is up-to-date with the necessary patches being applied.

5. Report a “phishing attack” or “spoofed emails” to the following groups so as to stop such attacks from spreading all over the Internet:

You can directly send an email to spam@uce.gov orreportphishing@antiphishing.org reporting an attack. You can also notify the Internet Crime Complaint Center of the FBI by filing a complaint on their website: www.ic3.gov.

source-http://www.gohacking.com

read more "How to protect your account from Phishing attacks"

Facebook Privacy Settings [Infographic]

ZoneAlarm, an expert in consumer Internet security, this week published a helpful infographic titled Social Media Safety Belt, in which they explain how to navigate your ever-changing privacy settings. In the image which they describe as “the ultimate primer for your Facebook safety needs”, they recommend the desirable settings for photos, instant personalization, public search, apps, Places, etc.

 Check the full visual here.

read more "Facebook Privacy Settings [Infographic]"

Your Facebook Friends as CAPTCHAs

Web applications often use CAPTCHAs to ensure that real human beings and not bots are using the system. These CAPTCHAs are mostly a combination of words that are distorted enough so that only human eyes can read and solve them.

Facebook is however taking a more social approach to CATCHA solving.

Traditional CAPTCHAs are often hard to solve and therefore Facebook is experimenting with social authentication where you don’t have to recognize letters but images - they’ll show you a few pictures of your friends and ask you to name the person in those photos.

ALSO SEE: NEW FACEBOOK PROFILE LAYOUT HACK

read more "Your Facebook Friends as CAPTCHAs"

Check working of your antivirus ??

Most of pc are now affected with virus and we all are using different type of antivirus but still our pc is not secure so to check proper functioning of our antivirus there is a simple trick

To Check if your AntiVirus is Working :

• Open Notepad.
• Now Copy this code in the text file….

  X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

• Then save it with the name fakevirus.exe

Now, If the File got Detected Immediately .. It means your Antivirus is working Properly.

Info : This test virus was developed by the European Institute for Computer Anti-Virus Research (EICAR) to provide an easy (and safe!) way to test whether your anti-virus software is working, and see how it reacts when a virus is detected. It is supported by most leading vendors, such as IBM, McAfee, Sophos, and Symantec/Norton.

read more "Check working of your antivirus ??"

Register username for your facebook profile and pages

In twitter you have profile url like www.twitter.com/technowit which is simple and can  easily be remembered. Its simplicity also helps in promoting any product as it prevents going on twitter copying and pasting the profile address. Any person can easily type it whenever needed.

The same can be done with facebook. In twitter the its asked during the registration itself but in facebook it has to be selected afterwards.

You can select username for your facebook profile and also pages that you have created.As I told earlier selecting any username shorts the address and can also be easily remembered.

Its really easy to select the username. Login to your facebook account and visithttp://www.facebook.com/username/. There you will be asked to select username for both the username profile and pages.

Just select and save it.

for Technowit

visit www.facebook.com/technowit

Remember once you have saved the username then their is no turning back that is you can't change it afterwards. If you have any question then visit  Facebook Help center

read more "Register username for your facebook profile and pages"

Protect Your Email from SPAM

Email Spam is basically technique of sending abusive and unwanted emails to people who are not willing to receive it. Like someone has launched a website he will send thousands of emails to thousands of people. This will lead to flooding the email IDs.People spam for many purposes like for increasing their website traffic, for increasing the sale of their products etc. This has been declared illegal in many parts of the world. Many malicious hackers infect computers with viruses and worms and it is called zombie networks. Then these infected computers are used by Malicious Hackers for spamming.

How to protect yourself from SPAM?

1:) You should use SPAM filters to protect from SPAM for example spam fighter.

2:) Don’t reply to the email which looks suspicious to you.

3:) Give your email ID to trustworthy websites for signing for newletters.

4:) If you want to post your email ID post in this format emailaddress(at)yoursite.com or emailaddress[at]yoursite.com

read more "Protect Your Email from SPAM"

What to Do When Your Email Account is Hacked?

It can be a real nightmare if someone hacks and takes control of your email account as it may contain confidential information like bank logins, credit card details and other sensitive data. If you are one such Internet user whose email account has been compromised, then this post will surely help you out. In this post you will find the possible ways and procedures to get back your hacked email account.

For Gmail:

It can be a big disaster if your Gmail account has been compromised as it may be associated with several services like Blogger, Analytics, Adwords, Adsense, Orkut etc. Losing access to your Gmail account means losing access to all the services associated it with too. Here is a list of possible recovery actions that you can try.

Step -1: Try resetting your password since it is the easiest way to get your account back in action. In this process Google may ask you to answer the secret question or may send the password reset details to the secondary email address associated with your compromised account. You can reset you password from the following link

Gmail Password Reset Link

If you cannot find success from the Step-1 then proceed to Step-2.

Step-2: Many times the hacker will change the secret question and secondary email address right after the account is compromised. This is the reason for the Password Reset process to fail. If this is the case then you need to contact the Gmail support team by filling out the account recovery form. This form will ask you to fill out several questions like

1. Email addresses of up to five frequently emailed contacts
2. Names of any 4 Labels that you may have created in your account
3. List of other services associated with your compromised account
4. Your last successful login date
5. Account created date
6. Last password that you remember and many more…

You need to fill out this form as much accurately as possible. It is obvious to forget the dates of last login, account creation and similar terms. However you need to figure out the closest possible date/answers and fill out this form. This is your last chance! The more accurate the information filled out in the recovery form, the more the chances of getting your account back. You may reach the account recovery page form the following link

Account Recovery Form

For Yahoo and Hotmail:

Unfortunately for Yahoo/Hotmail there is no second option like filling out the form or contacting the support team. All you need to do is either answer the secret questions that you have setup or reset the password using the secondary email option.

To initiate the password reset process just click on the Forgot password link in your login page and proceed as per the screen instructions.

I hope this post will help you recover the lost account. 

read more "What to Do When Your Email Account is Hacked?"