Monday, June 14, 2010

Web Security 101

As some of you may recall, my WoW & gmail accounts were hacked a while back. Recently, I've also heard of a spate of email and facebook accounts being hacked. Just about anyone can become a victim now.

Especially with sites like facebook out there, which may have less than adequate privacy measures, it seems that a person's information (and even one's identity) is less safe than ever. (By the way, if you use facebook you should follow the instructions on this site to make sure your information is secure.)

Not a week goes by that I don't hear about one of my friends or acquaintances being the victim of a hacker. The days of lax web security are over.

Let's review some basics when it comes to web security. Passwords should always contain both letters and numbers. Have a different password for every account you have; you don't want all your eggs riding in one insecure basket, no?

Also, try to make your passwords not be a single word, and not be a logical association of words. "God" is a terrible password... extremely easy to guess by a hacking program, and statistically this is a common password. "GodIsGreat" would be another bad choice... a logical association, and no numbers. "GodTaco164Cheetah9" would be a wonderful password, though it might be a bit too long for some accounts. Regardless, you get the idea; random and illogical = secure.

Also remember to be extremely wary of seemingly legitimate messages, even if it appears to be from people or websites that you know. Many times, people can fake who it appears to be sent from. (This is called "spoofing".)

The official-looking email might ask for your account information and password, or perhaps your credit card number. Often they will threaten something if you don't respond quickly. If there is a harsh threat included, be extra careful... that's almost a sure give-away that it is a scam email. (This practice is called phishing.)

Often times, suspect emails will include a link to the official website. You might click on it, and it certainly appears to be the legitimate website... but appearances can be deceiving. What you need to do is be very careful about trusting links. Compare the web address from a link with the one you have bookmarked. Often, though the sites look identical, you can spot a minor difference in the web address. Instead of www.yourbankwebsite.com it might be www.youbankwebsite.com ... which of course would lead to your account information being handed over to hackers if you tried to log in at the latter site.

Remember, some virus programs are even able to send you email from your friends computers (if they've been infected) or else appear to have been sent from someone you know. You must always be very vigilante if you get an email that doesn't make sense, or only contains a line of text and a link. "This is hilarious: (link)", for example, would be very suspicious and I wouldn't click on it until I contacted my friend and confirmed they really did send it.

One last tip: make sure your web browser and operating system is fully up-to-date. (In case you don't follow, a web browser would be Internet Explorer and an operating system would be Windows XP, for example.) Often times, updates will repair some flaws in the security of these programs... so you always want to have them completely updated.

The days of being able to keep your head down and remain lax about your internet security are over. Make sure you're not the next victim!

No comments:

Post a Comment