Thursday, September 2, 2010
Wednesday, August 11, 2010
Google's Gmail under phishing attack
NEW DELHI: India's 71 million internet and close to 10 million broadband users are increasingly becoming the victims of vicious phishing attacks that can result in identity theft, danger to life and even crippling financial fraud.
On Wednesday, users of Google's email services received a legal notice from the gmail team asking them to update their account details for security reasons.
"Gmail Team is working on total security on all accounts in order to make Gmail better as ever and as a result of this security upgrade we require all Gmail members to verify their account with Google. To prevent your account from disability you will have to update your account by clicking the reply button and filling the space below," the mail read.
The legal notice from Gmail wanted users to refurbish their account name, password, occupation, birth date and country of residence. It also carried a threat that users who did not update their details within 7 days of receiving the warning would lose their account permanently.
However, when contacted, a Googlespokesperson said, "Some spammers send fraudulent mass-messages designed to collect personal information, called 'spoofing' or 'password phishing' . We always advise our users to be wary of any message that asks for your personal information, or messages that refer you to a webpage asking for personal information. Google or Gmail does not send unsolicited mass messages asking for passwords or personal information; even if the message asking for it claims to be from us, please don't believe it."
This information is publicly available in the Gmail support center at http://mail.google.com/support/bin/answer.py?hl=en&answer=8253
According to Rakshit Tandon, consultant safe surfing with the Internet & Mobile Association of India (IAMAI ), "Phishing activity has been on the rise across India since December. The biggest targets for cyber criminals are banking sites followed by free email sites like Gmail and Yahoo and social networking sites like Facebook and Orkut," he said.
The IAMAI runs cyber safety programmes and has already worked with 3,50,000 students in 185 schools across 43 cities and 13 states.
"A schoolteacher in Mumbai lost close to Rs 10 lakh after phishers got into her netbanking account. Internet penetration is going up which is inviting more criminal attacks as awareness levels are very low," adds Tandon.
His advise is to be investigative and use logic (BIUL) when using the Net in order to improve your personal Internet security levels.
On Wednesday, users of Google's email services received a legal notice from the gmail team asking them to update their account details for security reasons.
"Gmail Team is working on total security on all accounts in order to make Gmail better as ever and as a result of this security upgrade we require all Gmail members to verify their account with Google. To prevent your account from disability you will have to update your account by clicking the reply button and filling the space below," the mail read.
The legal notice from Gmail wanted users to refurbish their account name, password, occupation, birth date and country of residence. It also carried a threat that users who did not update their details within 7 days of receiving the warning would lose their account permanently.
However, when contacted, a Googlespokesperson said, "Some spammers send fraudulent mass-messages designed to collect personal information, called 'spoofing' or 'password phishing' . We always advise our users to be wary of any message that asks for your personal information, or messages that refer you to a webpage asking for personal information. Google or Gmail does not send unsolicited mass messages asking for passwords or personal information; even if the message asking for it claims to be from us, please don't believe it."
This information is publicly available in the Gmail support center at http://mail.google.com/support/bin/answer.py?hl=en&answer=8253
According to Rakshit Tandon, consultant safe surfing with the Internet & Mobile Association of India (IAMAI ), "Phishing activity has been on the rise across India since December. The biggest targets for cyber criminals are banking sites followed by free email sites like Gmail and Yahoo and social networking sites like Facebook and Orkut," he said.
The IAMAI runs cyber safety programmes and has already worked with 3,50,000 students in 185 schools across 43 cities and 13 states.
"A schoolteacher in Mumbai lost close to Rs 10 lakh after phishers got into her netbanking account. Internet penetration is going up which is inviting more criminal attacks as awareness levels are very low," adds Tandon.
His advise is to be investigative and use logic (BIUL) when using the Net in order to improve your personal Internet security levels.
Sunday, August 8, 2010
Thursday, July 29, 2010
How to build battery-powered USB charger
Components required: An Altoids tin or any other metal container of the same size. A 9-volt battery. A voltage regulator (available at any electrical/hardware shop). A female USB port (available at any local computer shop).
Make a hole on one end of the tin using a cutter and fit the USB port into it. Use tape to hold them together. Place the battery in the tin. Solder its wires to the regulator and the USB port using the following diagram. Be careful. Use double-sided tape and make sure the battery and the regulator are secured in the tin. Connect one end of your USB cord to the female USB port and the other end to your iPod and you are done. This charger can be used with any USB enabled device.
How hackers snoop on private web browsing
LONDON: Experts have identified how their web browser's 'private mode' setting is also vulnerable to hackers.
Most web browsers offer a private mode, intended to leave no trace of surfing history on the computer.
But Collin Jackson at Carnegie Mellon University in Pittsburgh, Pennsylvania, and colleagues, have found ways to detect which sites were visited with the mode enabled.
Even if private browsing is enabled, details relating to the key remain stored on the computer's hard drive, allowing a hacker to establish that a particular site had been visited.
A hacker could "guess what sites you've been to based on traces left behind," New Scientist quoted Jackson as saying.
These attacks on privacy "do not require a great deal of technical sophistication and could easily be built into forensics tools," he added.
However, Rik Ferguson -- a UK-based security researcher at Trend Micro of Tokyo, Japan -- says that any attacker with the knowledge to exploit the weaknesses would probably look to other attacks first, which may yield more detailed information.
"If someone is capable of tracking your browsing habits in this way, then they are probably also tech-savvy enough to know about commercial spyware which could much more effectively track your computer use," says Ferguson.
Most web browsers offer a private mode, intended to leave no trace of surfing history on the computer.
But Collin Jackson at Carnegie Mellon University in Pittsburgh, Pennsylvania, and colleagues, have found ways to detect which sites were visited with the mode enabled.
Even if private browsing is enabled, details relating to the key remain stored on the computer's hard drive, allowing a hacker to establish that a particular site had been visited.
A hacker could "guess what sites you've been to based on traces left behind," New Scientist quoted Jackson as saying.
These attacks on privacy "do not require a great deal of technical sophistication and could easily be built into forensics tools," he added.
However, Rik Ferguson -- a UK-based security researcher at Trend Micro of Tokyo, Japan -- says that any attacker with the knowledge to exploit the weaknesses would probably look to other attacks first, which may yield more detailed information.
"If someone is capable of tracking your browsing habits in this way, then they are probably also tech-savvy enough to know about commercial spyware which could much more effectively track your computer use," says Ferguson.
Subscribe to:
Posts (Atom)