Welcome to SecureMe101

Internet Security is Serious Business. Get Knowledge

SecureMe101's Commitment

To Ensure Online User's Security through Education

SecureMe101's Philosophy

Ignorance is not an Excuse, Acquire Knowledge

Saturday, 20 April 2013

Don’t be Caught up: How to Clear Your Browser Memory

Your internet browser’s cache stores certain information about web pages you visit, so that they’ll load more quickly in the future. This information includes browsing history, saved passwords, auto-fill information, etc.
It is considered healthy practice to clear your browser’s memory once in a while even on your own devices as most web sites you visit can track you or even steal your information; you’ll be lucky if such is not used against you.
Clearing your browser memory is pretty simple, and it is even more important if you are using a public computer, such as one in a cyber café.
On your browser simply press “Ctrl+Shift+Delete” simultaneously.
This opens a dialogue box asking you to select what you want to delete.
Check the boxes you want deleted and click “Ok”.
Here are instructions with screenshots on how to clear the cache for all major browsers. If you are unsure of what browser version you are currently using, you can visit whatbrowser.org to find out.
It is also safe practice to set your browser to clear its cache memory on exit.



EXPOSED: How to Identify Phishing Scams


Like death and taxes, online scams are inevitable. Among the most widely known flimflams is phishing, in which perpetrators try to steal your private information, such as online-account logins and personal financial data, via fake e-mails, websites, and even phone texts.
A typical phishing solicitation appears to be from a company or service you trust and possibly already do business with, including a bank, a payment service such as PayPal, internet banking or an agency such as the NIMC or a telco.
But a number of telltale signs can help you identify phishing cons. Read on for tips on staying safe and protecting your information.
How to Identify Phish
Here are some ways you can vet an e-mail that makes you suspicious.
  • Look for grammar and spelling oddities and errors
  • Check the addresses—are they legitimate, or a little off?
  • Hover over links within the e-mail to see the real URLs.
  • Don’t click on any link in the e-mail; type the given URLs into your browser.
  • If you’re unsure of a site, try signing in with the wrong password first. 
Below are some real-life examples of phishing e-mails, as well as the warning signs we spotted in each.
Common Examples of Phishing Exploits are given below:




Scammers will send you tons of e-mails like the one shown above, but you should be able to tell that this is a scam: look at the spelling, hover your mouse over the sender’s name to reveal the sender’s actual address, and note the bogus link asking you to fill in some information.
Fake-antivirus attacks are the biggest security trap when you’re using a browser. Here’s what can happen.
The attacker pops up a box like the one above, telling you your PC is infected. You’re convinced to click a “scan” button to “clean up” your PC. This actually installs an exploit that causes problems, such as hiding files, desktop items, documents, and pictures. The attacker then asks for a fee to fix the damage it “finds.”
Fake AV can be cleaned up without paying a fee to the hacker, but it can be a tricky, multi-step process. To avoid the fake-AV trap, learn the messages your own security software gives. And always assume a pop-up warning is bogus, until you check it thoroughly.
Get Knowledge, Be Protected!



Friday, 19 April 2013

Yahoo! Hacked: Tips To Better Password Security

In light of the Yahoo Voices hack where 450,000 passwords have been compromised, it’s time again to let the world know what they are doing wrong when it comes to passwords. According to CNET:


  • 2,295 accounts used 123456 as their e-mail account password.
  • 160 accounts used 111111 as their e-mail password and;
  • 70 accounts used 000000 as their passwords.
Common Ways Hacks Happen

Dictionary attacks: Avoid consecutive keyboard combinations— such as qwerty or asdfg. Don’t use dictionary words, slang terms, common misspellings, or words spelled backward. These cracks rely on software that automatically plugs common words into password fields. Password cracking becomes almost effortless with a tool like John the Ripper or similar programs.

Cracking security questions: Many people use first names as passwords, usually the names of spouses, kids, other relatives, or pets, all of which can be deduced with a little research. When you click the “forgot password” link within a webmail service or other site, you’re asked to answer a question or series of questions. The answers can often be found on your social media profile. This is how Sarah Palin’s Yahoo account was hacked.

Simple passwords: Don’t use personal information such as your name, age, birth date, child’s name, pet’s name, or favorite color/song, etc. When 32 million passwords were exposed in a breach last year, almost 1% of victims were using “123456.” The next most popular password was “12345.” Other common choices are “111111,” “princess,” “qwerty,” and “abc123.”

Reuse of passwords across multiple sites: Reusing passwords for email, banking, and social media accounts can lead to identity theft. Two recent breaches revealed a password reuse rate of 31% among victims.

Social engineering: Social engineering is an elaborate type of lying. An alternative to traditional hacking, it is the act of manipulating others into performing certain actions or divulging confidential information.


Tips to Make Your Passwords Secure:


Make sure you use different passwords for each of your accounts. (Yahoo, Facebook, Twitter, Google etc)

Be sure no one watches when you enter your password.

Use comprehensive security software and keep it up to date to avoid keyloggers (keystroke loggers) and other malware.

Avoid entering passwords on computers you don’t control (like computers at an Internet café or library)—they may have malware that steals your passwords.

Avoid entering passwords when using unsecured Wi-Fi connections (like at the airport or coffee shop)—hackers can intercept your passwords and data over this unsecured connection.

Don’t tell anyone your password. Your trusted friend now might not be your friend in the future. Keep your passwords safe by keeping them to yourself.

Depending on the sensitivity of the information being protected, you should change your passwords periodically, and avoid reusing a password for at least one year.

Do use at least eight characters of lowercase and uppercase letters, numbers, and symbols in your password. Remember, the more the merrier.


Strong passwords are easy to remember but hard to guess. Iam:)2b29! — This has 10 characters and says “I am happy to be 29!” I wish.

Have fun with known short codes or sentences or phrases. 2B-or-Not_2b? —This one says “To be or not to be?”

Memorize your passwords and PIN codes; never write them down on paper.

Check your password strength. If the site you are signing up for offers a password strength analyzer, pay attention to it and heed its advice.
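The tips above (at least eight characters, mixed character classes, no common passwords, keyboard runs, personal details or words spelled backward) can be turned into a simple checker. This Python code is an added example, not part of the original post; the `personal` parameter and the sample pet name in the usage note are hypothetical.

```python
import re

# Passwords and keyboard runs the article names as common choices.
COMMON = {"123456", "12345", "111111", "000000", "princess", "qwerty", "abc123", "asdfg"}
KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
CLASSES = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]

def has_keyboard_run(pw, run=4):
    """True if pw contains `run` consecutive keys from one row, in either direction."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in low:
                    return True
    return False

def check_password(pw, personal=()):
    """Return a list of problems; an empty list means pw passes these checks.

    `personal` (hypothetical parameter) holds strings the user should not
    build a password from, such as a name, birth year or pet's name.
    """
    problems = []
    low = pw.lower()
    if low in COMMON:
        problems.append("on the common-password list")
    if len(pw) < 8:
        problems.append("shorter than eight characters")
    missing = sum(1 for c in CLASSES if not re.search(c, pw))
    if missing:
        problems.append(f"missing {missing} of 4 character classes")
    if len(set(pw)) == 1:
        problems.append("one character repeated")
    if has_keyboard_run(pw):
        problems.append("contains a keyboard run")
    for item in filter(None, personal):
        token = item.lower()
        # Also catch the detail spelled backward.
        if token in low or token[::-1] in low:
            problems.append(f"contains personal detail '{item}'")
    return problems
```

The two example passwords from this post, `Iam:)2b29!` and `2B-or-Not_2b?`, return an empty list, while `check_password("Rex2013!!", personal=("rex",))` reports the pet name.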

Educate Yourself: Cyber Security is Big Business


The cyber security market may reach $870 million by 2017, according to a recent report by the worldwide industry analyst firm IDC. As reported in a recent IBN article discussing the report, IDC indicated there was an increase in Distributed Denial of Service (DDoS) attacks in 2012, which is driving the demand for more proactive solutions to the DDoS problem. But DDoS is only one issue that industries are facing when it comes to cyber threats. In a recent Threat Analysis by security researcher Brett Stone-Gross, Ph.D., with the Dell SecureWorks Counter Threat Unit (CTU), Brett discovered a new Android Trojan Horse called Stels. 

A Trojan horse, or Trojan, is malware (or malicious software) that is installed on a user's computer or mobile device without the user's knowledge. The user unknowingly activates the malware by innocently performing what appears to be a desirable function, but the function instead facilitates unauthorized access to the user's computer system, or in this case, mobile device. One of the main purposes of Stels is to steal text messages; these messages may include Mobile Transaction Authentication Numbers (mTAN Numbers) used in Two-Factor Authentication for mobile and wire bank transfers. The Stels malware can also harvest a victim's contact list, send as well as intercept text messages, make phone calls (including calls to expensive premium numbers), and install additional malware packages.

It is apparent that as mobile devices increase in popularity, they become a lucrative target for cybercriminals. The eroding corporate perimeter is becoming more of a playground for malicious activity. As an organization, understanding how the increased adoption of mobile devices affects the security of your network is imperative to understanding that we are no longer bound by a "perimeter" and that defense begins with the user. Education is paramount, but so is embracing the idea that cyber threats are pervasive, and so security should be too.