Ways Cyber Criminals Use Your Own Bad Habits Against You

We all make seemly innocent mistakes every single day when it comes to protecting our identity, our personal information, and our finances, without even realizing it. This is the number one reason that many colleges and universities are offering things like a cyber security degree. Prevention is far easier than trying to reclaim or recoup your losses after you’ve been a victim of internet fraud so maybe it’s time to evaluate how many bad habitsyou’re guilty of.

1. Writing down your password.

I am always shocked at how many people keep a “passwords” file right on their computer desktop or written on a sheet of paper tucked under their keyboard or in their wallet. There are a few obvious places that people hide this important information and believe me when I say that thieves are well aware of what they are. 

The Fix- With the necessity of so many passwords for so many things in our daily life, it is definitely possible to lose track of them, and thieves count on this fact. If you absolutely have to write down passwords, use a little creativity. Add them to your address book under a relatives name with your password disguised as the phone number, fax or email address. 

2. Using the same password for everything.

Though you may think of it as necessary or convenient, using the same password for everything leaves you incredibly vulnerable. Once a scammer cracks one password, they suddenly have access to every other site you’ve used it for. Think about that for a second. Scary, isn’t it? 

The Fix- Again, because so many passwords are required these days, it does seem easier to remember a universal one. If you truly have a difficult time remembering multiple passwords, consider creating several different versions of your preferred code rather than just one. Keep them close enough to the original to remember, but individual enough to not be obvious. 

3. Believing what’s too good to be true.

If you’re a gullible person, you are a prime target for thieves. Whether it’s the old scam of a bazillion dollars that you have to help them claim from a foreign country in order to get a big chunk of it yourself, or the always popular buying or selling of online items that don’t really exist or will never arrive. These two alone put millions of dollars in the wallets of internet scammers every single year. 

The Fix- You only need to keep one simple rule in mind. If this “amazing opportunity” requires you to send money in order for it to happen, RUN. There’s a reason it seems too good to be true. IT IS! The elderly are particularly vulnerable to both phone or internet scams so make sure your older loved ones are informed and aware of the risks 

You don’t have to change much to keep yourself safer online. The very best way is to recognize your bad habits and then change them! 

An unofficial guide to Lulz security.

You might have heard something about Lulz security group, “A bunch of computer security experts who recently penetrate web portal of many commercial giants like Sony,Fox etc” and Even CIA’s official pages too.
Here is short bio of Lulz Security
Lulz Security, commonly abbreviated as LulzSec, is a computer hacker group that claims responsibility for several high profile attacks, including the compromise of user accounts from Sony Pictures in 2011. The group also claimed responsibility for taking the CIA website offline.^[1] The group has been described as a "cyber terrorism group" by the Arizona Department of Public Safety after their systems were compromised and information leaked.^[2] Other security professionals have applauded LulzSec for drawing attention to insecure systems and the dangers of password reuse. It has gained attention due to its high profile targets and the sarcastic messages it has posted in the aftermath of its attacks.
At just after midnight (BST) on 26 June 2011, LulzSec released a "50 days of lulz" statement, which they claimed to be their final release, confirming that LulzSec consisted of six members, and that their website is to be taken down.^[3] This breaking up of the group was unexpected.^[4] The release included accounts and passwords from many different sources. Despite claims of retirement, the group committed another hack against newspapers owned by News Corporation on 18 July, defacing them with false reports regarding the death of Rupert Murdoch.
From Wikipedia ( http://en.wikipedia.org/wiki/LulzSec)
Members of Lulz Security Group

• Sabu
• Topiary
• Kayla
• T-Flow
• Avunit
• Pwnsauce
• M_neva
• Joepie91
• Neueon
• Ryan Cleary
• Levitr0n

Sony once again faced a hacking attack.

It seems that Sony corporation is going through a very rough patch as there are several cyber attacks has been done on various online businesses that Sony operates.Right after Online gaming website and PlayStation databases hacked .Online Portal on Sony Music Japan and Sony BMG Greece hacked.

For Hacking Sony Japans Portal and Greece portal popular SQL injection techniques are used and snapshots of both databases are posted online which contained information like Username,Passwords etc.

These constant penetrations by hacker are forcing various organisations to pay attention to their online security.

to read detailed breakthrough on this attacks visit "The Hacker News" Website as they are first post these news online.

Read Full Attack Report.

Facebook Unlike button scam spreading virally.

Don't be too quick to click on links claiming to "Enable Dislike Button" on Facebook, as a fast-spreading scam has caused problems for social networking users this weekend.

Messages claiming to offer the opposite to a like button have been appearing on many Facebook users' walls:

Facebook now has a dislike button! Click 'Enable Dislike Button' to turn on the new feature!

Read Full Story Here [http://nakedsecurity.sophos.com/2011/05/16/facebook-dislike-button-spreads-fast-but-is-a-fake-watch-out/

] 

From Naked Security

Useful video's related to internet security.

Here is a short compilation video's which gives the detailed information about Security,Counter Majors and more.

99 Percent Of Android Devices Are Vulnerable To Password Theft

Researchers at Germany’s University of Ulm have made some unsettling discoveries about the security of the Android platform. According to an article from The Register, the research group located a vulnerability that allows hackers to collect and use the digital tokens saved on a phone after a user inputs credentials for a password-protected service.

The problem seems to be linked to an authentication protocol called ClientLogin, which is present in version of Android 2.3.3 and earlier (aka most Android phones). After a user inputs credentials for services like Twitter, Facebook, or Google Calendar (to name a few), the programming interface retrieves an authentication token, which is sent in cleartext. “Because the authToken can be used for up to 14 days in any subsequent requests on the service, attackers can exploit them to gain unauthorized access to accounts,” claimed the article, quoting University of Ulm researchers.

Read Full Story Here [http://www.mobilecrunch.com/2011/05/17/99-percent-of-android-devices-are-vulnerable-to-password-theft/]

CCAvenue.com Payment Gateway Hacked

CCAvenue.com, South Asia’s biggest Payment Gateway was attacked by ahacker (who used a call sign name of d3hydr8) using a very silly vulnerability SQLInjection.

As per Hacker Regiment, dehydr8 reported the issue to them and they have published the complete database structure as well as a sample records (thank’s for hiding the password field).

A bad thing to notice is that CCAvenue stored passwords in plain text in their database.

Now the question is, will CCAvenue be booked under new rules of IT act which saysThe intermediary shall take all measures to secure its computer resource and integrity of information received, stored, transmitted or hosted shall be ensured.

Source: http://www.mit.gov.in/sites/upload_files/dit/files/due_dilligance4intermediary07_02_11.pdf

Hours spent on twitter a new scam.

Recently we've talk about various online scams,and now for this time spammers move towards twitter,Yes the famous micro blogging site is facing a scam which rapidly growing more and more people are getting trapped by spammers.
As like other earlier online scams this one does the same ,One fine day you got a tweet or status update from your friend like this

I have spent: 23.8 hours on Twitter! See how much you have


Followed by a link It pretend that it has been created to show your spend hours on twitter,After clicking on the link you'll redirected to a rough twitter application which ask your permission to post some messages and as you grant the access it'll post the same message from your twitter account and the application will start showing a processing window which tells that your result is being calculated and then it ask you for your email address to send you the result.Remember never give your email address to this kind of rough application. They might even send your some trojan or malware.


So now and in future don't click on such links they are spams .


We've earlier talk about this kind of scams and how to stay protected from them you can read them here.

Top cyber attacks of this week.

1.Pre-teens at risk after X Factor hackers steal private data from wannabe contestants.

Read It here:http://netncrime.blogspot.com/2011/05/hackers-steal-simon-cowells-x-factor.html

2.Sony admits breach larger than originally thought, 24.5 million SOE users also affected.

Rad it here :http://netncrime.blogspot.com/2011/05/sony-online-entertainment-portal.html

3.LastPass forces users to change master password after network traffic oddity.

Read it here:http://netncrime.blogspot.com/2011/05/lastpass-advised-to-change-its-master.html

4.Osama bin Laden death video scam spreads virally on Facebook.

Hackers Steal Simon Cowell’s X-Factor Details.

Cyber criminals have been on stealing spree of late. Not long after the the theft of more than 100 million user account details from Sony, Fox has confirmed that hackers also breached fox.com and obtained a file of details on 73,000 people who requested information about the X-Factor auditions.
The Fox TV show. which is an Americanized version of a British talent program. begins filming today. The winner of the show gets a $5 million recording contract with Cowell’s Syco music label and Sony Music.

Read Full Story Here: [http://blogs.forbes.com/parmyolson/2011/05/06/hackers-steal-simon-cowells-x-factor-details/]

Courtesy :Forbes