[ISN] Better safe than sorry when it comes to emails

From: InfoSec News (alertsinfosecnews.org)
Date: Thu Jan 08 2009 - 03:40:57 CST


http://economictimes.indiatimes.com/Infotech/Internet_/Better_safe_than_sorry_when_it_comes_to_emails/articleshow/3947234.cms

[After reading this article, you start to wonder if the cyber security
whizkid, Ankit Fadia has even heard of using SSH or SSL when sending
mail, also the need for having two or more e-mail addresses just seems
to increase the amount of spam one will get in the long run. I'd also
be amiss if I didn't mention this link pointed out to me recently.
http://attrition.org/errata/charlatan.html#fadia - WK]

The Economic Times
7 Jan 2009

NEW DELHI: Not everything in your inbox is safe. What looks like a
simple mail from someone you know, a company you do business with or the
bank in which you hold an account, might have actually been prompted by
sinister intentions.

As cases of email fraud rocket in India, with cheats trying to steal
your money and hackers sending virus-infected mails posing as personal
messages from your loved ones, web security experts say quelling
curiosity could be the most important weapon against email fraud. Some
easy habits could save you from becoming a victim of email fraud.

Pick strong passwords and keep them absolutely private. Don’t warm up to
strangers, including those promising you millions bequeathed by heirless
millionaires from Congo. Do not click on tempting links, even when you
are invited to do so by sexy sirens. These could infect your computer or
server with deadly viruses.

To keep your computer safe, start by installing security software
that will scan for and remove viruses and spyware. Beware of emails or
attachments from unknown people or with strange subject lines,
especially those with urgent wording. Criminals use words that create a sense
of urgency, forcing you to respond to the message or to click on the
link almost immediately without thinking. They may have hacked into the
email ID of your friend to lure you to transfer money to an account
which had no relation to the person allegedly stranded in distress.

Delete messages that seem too good to be true — like you’ve won a
million dollars or hit a jackpot. It could be the frauds from Nigeria,
the 419 gang. Be suspicious of any mails that ask for personal
information, even if it might look legitimate.

That applies to those which may seem to come from your trusted banker. A
cyber security veteran told TOI: ‘‘Mails from banks asking for personal
information are flooding Indian inboxes. Almost all of these are fake.
Most legitimate banks follow a policy of not asking personal information
through e-mail. If needed, they will send letters or call you up.
Whenever you get such a mail, confirm with the bank’s helpline number
before opening it.’’

Said cyber security whizkid, Ankit Fadia, ‘‘You must have two different
email addresses with separate passwords — one that is your official one
and the other which you can use for social networking sites or for
online websites and blogs. That way, you know the mails you receive in
your unofficial email are mostly spam.’’ Cyber cafe users are
particularly vulnerable. Avoid using cafes for sending a mail which has
personal details like your ATM PIN.

Fadia said: ‘‘With people, especially from smaller towns thronging cyber
cafes, these places are most prone to email fraud. Most cafes don’t have
strong anti-virus software installed due to economic reasons. This puts
your email at risk from hackers.’’ Fadia notes that the presence of
1,600, and still growing, cyber cafes points to the dependence of a huge
section on these e-kiosks. He has simple advice for them. ‘‘Users must
always log out or lock their computer when stepping away when at cyber
cafes. Forgetting to do so leaves your account open to abuse.’’
