next »

[ÞاÎT®ØN]

Anti hacking tips for home based online business..

Many of us involved in ecommerce choose to work from home - it's a comfortable environment, we can dress the way we want, save time and money in travel and be close to our loved ones.

But if the computer you use to run your online business is the same one your children use for homework and general surfing, this is potentially a very dangerous situation.

A recent security survey reported that 20% of home PC's are infected with viruses and over 80% contained spyware and adware. Frightening figures.

The following are a few anti-hacking tips that will help in keeping your business systems secure.

Don't ignore operating system updates

Practically every day, some new security flaw is found in the most critical aspect of your business - the operating system on which all your other software runs. While it's a major pain in the butt to apply updates and patches so regularly, especially if you access the web via dialup, it's nonetheless of vital importance not to put off performing these tasks as part of regular maintenance.

Don't wait to be alerted via mainstream media of problems that have been discovered - more often than not, these notifications will be delayed. As a part of your daily routine, it's wise to visit the software vendors' site and keep abreast of any critical security updates.

Anti-virus software used *properly*

Install anti-virus software and ensure that it's regularly updated - this is of the utmost importance. Many times I have come across people who believe that because an anti-virus program is installed, they are protected, yet the last time the virus data file was updated was months or even years ago. Even missing one update could bring down your computer and the business you have struggled so long to build.

Also remember to password protect the settings on the software so no-one else can alter protection levels.

Firewall software

Anti-virus software isn't enough - it's also a good idea to install firewall software which will help prevent unauthorized incoming and outgoing communications from your computer while connected to the Internet. In most instances you wouldn't even be aware that these illegitimate probes and scans of your systems are occurring. Port scanning is *very* common and is carried out with a view to finding weaknesses in your system that can then be exploited.

If you are using Windows XP, then you're in luck as there's already an effective firewall included - but it's not enabled by default.

To activate the firewall in Windows XP:

- Go to "Start"
- Go to "Settings", then "Network connections"
- Select your Internet connection
- Click on "Properties"
- Click on "Advanced"
- Check the box in the "Internet Connection Firewall" section

Email software preview windows

Some viruses, called worms, can infect your system without you clicking on attachments - they can execute in the message preview window. Many worms can cause your sensitive information and documents to be transmitted to millions of people. While the preview window is a handy feature, it's safest to turn it off.

To turn off the preview window in Outlook Express:

- Select "View" on the Menu Bar
- Select "Layout"
- Uncheck "Show Preview Pane"

To turn off the preview window in Outlook:

- Select "View" on the Menu Bar
- Select "Preview Pane" if it's not already greyed out
- You may need to repeat this for each top level mail folder

Consider email filtering services

More and more people are turning to 3rd party solutions for filtering email of spam and viruses as their inboxes become inundated with junk. Email filtering can be very effective in dramatically reducing security risks before the mail even has a chance to be collected by your email software. It not only reduces the risk, but also the amount of time and bandwidth used in retrieving your mail.

Regularly remove spyware

If you and your familiar do a lot of surfing and downloading of shareware software, then it's likely you'll also accumulate your fair share of spyware. Spyware is a broad term applied to software applications that monitor your actions and report them to back to a company.

Some software companies use spyware that is incorporated into their software products to gather data about customers, which is often sold to other companies. An excellent free application for removing spyware can be downloaded from Spybot.

Not using it? - unplug it.

Disconnect your computer from the Internet when not in use. The longer you are connected to the Internet, the more opportunity you give for persons to gain unauthorized access. This is especially the case where your ISP provides you with a static IP, which usually occurs in broadband scenarios.

Audit your computer regularly

If your computer is used by others, carry out regular audits of the software on it and research any software that you discover that you haven't installed yourself. It's safest to make it a policy not to allow any software to be installed without your permission. Spybot  again is a very effective tool for detecting and removing software that may be a security risk

Remember that your anti-virus software, firewalls and email filtering services should always be considered your last line of defense against software nasties - the first line of defense should be you.

Kid's *aren't* all computer whizzes

Monitor your children's computer usage carefully. They may seem to be "experts", but more often than not they will have very little idea of the ramifications of some of their actions whilst on the Internet. Close supervision is especially necessary in chat rooms as these are places where Script Kiddies and other undesirable elements of the online community are very active.

Password issues

If you must store usernames and passwords on your system, ensure they are contained in a document that is password protected. It is safest not to store any passwords on your computer. Don't let Windows "remember" passwords for you. Passwords should always be more than 8 characters long and contain a mixture of numbers and letters.

Logging out

Ensure that you log out of online services properly. Failure to do so can allow others who use your computer to gain access to those services and you can be blamed for their activities.

The fight against viruses, script kiddies and other online parasites isn't getting any easier for those of us involved with ecommerce; and as the years go by, more and more of our time and money will be spent on dealing with the darker side of the web.

Beware of phishing

What is phishing?
Phishing is a type of deception designed to steal your identity. In a phishing scam, a malicious person tries to get information like credit card numbers, passwords, account information, or other personal information from you by convincing you to give it to them under false pretences. Phishing schemes usually come via spam e-mail or pop-up windows.

How does phishing work?
A phishing scam begins with a malicious user who sends out millions of fraudulent e-mail messages that appear to come from popular Web sites or from sites that you trust, like your bank or credit card company. The e-mail messages, and the Web sites they often send you to, look official enough that they deceive many people into believing that they're legitimate. Believing that these e-mails are legitimate, unsuspecting people too often respond to the e-mail's requests for their credit card numbers, passwords, account information, or other personal information.

A scam artist might put a link in a fake e-mail that appears to go to the legitimate Web site, but actually takes you to a scam site or even a pop-up window that looks exactly like the official site. These copies are often called spoofed Web sites. Once you're at one of these spoofed sites or pop-up windows you might unwittingly enter even more personal information that will be transmitted directly to the person who created the spoofed site. That person can then use this information to purchase goods, apply for a new credit card, or steal your identity.

5 ways to help protect yourself from phishing
Just as they do in the physical world, scam artists will continue to develop new and more sinister ways to trick you online. But following these five steps can help you protect your personal information.

1. Never respond to requests for personal information via e-mail or in a pop-up window. If in doubt, call the institution that claims to be the sender of the e-mail or pop-up window.

2. Visit Web sites by typing the URL into your address bar.

3. Check to make sure the Web site is using encryption.

4. Routinely review your credit card and bank statements.

5. Report suspected abuses of your personal information to the proper authorities.


Step 1: Never respond to requests for personal information via e-mail

Microsoft and most legitimate businesses will never ask for passwords, credit card numbers, or other personal information in an e-mail. If you do receive an e-mail requesting this kind of information, don't respond. If you think the e-mail is legitimate, contact the company by phone or through their Web site to confirm. See Step 2 for the best ways to get to a Web site if you think you've been targeted by a phishing scam.

Step 2: Visit Web sites by typing the URL into your address bar

If you suspect that an e-mail from your credit card company, bank, online payment service, or other Web site you do business with is not legitimate, don't follow the links to the Web site from an e-mail message. Those links may take you to a spoofed site that might send all the information you enter to the scam artist who created the site.

Classic examples are Phishing emails that claim to come from Ebay and Paypal
Even if the address bar displays the correct address, don't risk being fooled. There are several ways for hackers to display a fake URL in the address bar on your browser. Newer versions of Internet Explorer make it more difficult to spoof the address bar, so it's a good idea to visit Windows Update on a regular basis and update your software. If you don't think you'll remember to update or if you prefer to have the updates downloaded automatically, you may be able to configure your computer for Automatic Updates.  Windows Automatic Updates.

Step 3: Check to make sure the Web site is using encryption
If you can't trust a Web site by the address bar, how do you know it's likely to be secure? There are a few different ways. First, before you enter any personal information, check to see if the Web site uses encryption to transmit your personal information. In Internet Explorer you can do this by checking the yellow lock icon on the status bar as shown in the following illustration.
Secure site lock icon. If the lock is closed, then the site uses encryption.

This symbol signifies that the Web site uses encryption to help protect any sensitive personal information-credit card number, Social Security number, payment details-that you enter.

Double-click the lock icon to display the security certificate for the site. The name following Issued to should match the site you think you're on. If the name differs, you may be on a spoofed site. If you're not sure whether a certificate is legitimate, don't enter any personal information. Play it safe and leave the Web site.

To find out more ways to determine if a site is safe, read How Internet Explorer Keeps Your Data Safe.
 



Step 4: Routinely review your credit card and bank statements
Even if you follow the three steps above, you may still become a victim of identity theft. If you review your bank statement and credit card statements at least monthly, you may be able to catch a scam artist and stop them before they cause significant damage.

Step 5: Report suspected abuses of your personal information to the proper authorities
If you feel you have been a victim of a phishing scam, you should:

Immediately report the scam to the company that's being spoofed. If you're unsure how to contact the company, visit the company's Web site to get the correct contact information. The company may have a special e-mail address to report such abuse. Remember not to follow any links in the phishing e-mail you received. You should type the known Web site address for the company directly into the address bar in your Internet browser.

[41.w4r10r]

nice tips posi

[d3c0d3r]

nice tips bro

[gαмєя]

Nice tips bro
TFS   

[...::[ SONiC ]::...]

great work ÞاÎT®ØN