Motley cabal of online hacker and librarians. All about online hacking and more ...

Posts by blogadmin

Online Hacking Threat More Pervasive than Ever

Feb17
2012 Leave a Comment Written by blogadmin

 Online hacking, cybercrime, cyber terrorism… these words evoke images of credit card numbers and personal identity details  being stolen from massive electronic databases. At most, the imagination stretches to massive DDoS attacks by online hacking organizations such as Lulzsec and Anonymous.

Online Hacking Threat: A Denial of Service Attack on our Most Basic Needs

Online Hacking Threat More Pervasive than EverScary as those scenarios may be, they pale next to the actual possibilities. Picture how dependant your life is on electric power; from illumination and food storage, every basic amenity of modern life runs on power. The lay person has no idea just how vulnerable our daily water supply, power stations, and gas supply lines are to an online hacking attack. And these attacks are very much a real possibility.

Ill-prepared and Under-informed for an Online Hacking Armageddon

Figures reveal that the Homeland Security Department received and acted upon nearly 116 requestedIn 2010 the Homeland Security Department responded to only 116 requests for assistance from its Control System Security Program cyber experts. By September of 2011 there were 342. All of these attacks didn’t originate domestically, either. On Nov. 8 an IP address originating from Russia attacked an Illinois based water utility company, managing to control a Supervisory Control And Data Acquisition system, resulting in a burnout of the associated pump. These types of real world results to online hacking attacks are not unknown. In 2007 an online hacking attack on a diesel generator caused it so self destruct.

At this time, companies in the sights of these types of online hacking attacks can only prevent between 67% and 76% of these types of attacks. They could prevent more but there’s one thing holding them back: money. Right now these companies spend $5.3 billion on protection against online hacking and other cyber attacks. To reach a 95% prevention rate they would have to increase that amount to more than $46 billion, an increase they say their customers won’t approve.

With the very real and national threat posed by online hacking, some would like the government to step in and foot the bill for these improvements. Others may think that this is a private sector issue and the government need not intervene. However, the decisive battles of the next major may very well be fought by cyber-warriors on computer screens rather than surgical commando strikes deep within enemy territory. The question is, are we up to countering the threat of online hacking that goes beyond mere pranks?

Posted in Hacking News, Online hacking - Tagged ,

The Phishing Threat & How it is Used for Online Hacking

Feb10
2012 Written by blogadmin

You must be familiar with the term phishing, or phishing scam. It is an online hacking attack where an individual involved in online hacking tricks a victim into giving away secret information such as log-in details, financial data and so on, without the latter realizing the true nature of the scam.

So you can understand the potential use of phishing to online hacking criminals who wish to perpetrate identity theft. Online Hacking:Phishing The term itself originates from phone phreaking, a word that traces its way to early hacking incidents reported in the media and identity theft cases. Though based on a simple underlying concept, perpetrators can weave an elaborate con aimed at ‘phishing’ the identity details of a target. These may then be used to mail bomb another target, other online hacking activity or even to access the target’s financial data.

Online Hacking: How Phishing Scammers Operate

Phishers try to con you into providing them with sensitive info such as email/ login data, which they can then put into their nefarious online hacking skills and use it to make money out of the system.

One very vulnerable target for phishers is your PayPal account. PayPal is a web-based payment processing system that lets you transfer money to and from your PayPal account with your credit or debit card, thus avoiding the risk of revealing your credit card details to every e-commerce website you shop at.

This does make PayPal a particularly meaty target for online hacking. If you wanted to take money out of other people’s PayPal accounts, all you would really need is their email address and password. Then you sign in to their account, and send the money to an account you have set up.

What phishers will do is email PayPal customers with an email that looks like an official email from PayPal. It will have the PayPal logo and format and will look exactly like official PayPal emails to customers. It may even come from an address that looks like PayPal’s official website. It will go on to say it is a random security check or some other technical procedure and that you are required to type in your user name and password. It will then thank you and say the check or whatever other scheme it claims to be is complete. In the meantime, the phisher will have your password and can clear out your account.

While this is a basic example, there are countless variations of increasing complexity that will be used to try and entice customers to give out bank account details, credit card details or other sensitive information. It can often be next to impossible for the average customer to detect that the email or website is not the official one of the company it is supposed to be from and they are therefore very dangerous.

Any suspect email that has even a remote possibility of being a phishing attempt must be immediately notified to the concerned party that is being mimicked; often your bank or credit card company or PayPal account. You need not be a Sherlock Holmes to spot such a scam: no bank or payment processor would ask for your password in an email, so if a purported bank or bank employee requests such information then its time to hit the panic button.

Keep watching this online hacking weblog for the  latest online hacking news.

Posted in Online hacking, Phishing Spam, Spam - Tagged , ,

Malware Protection Tips for the Home User

Feb02
2012 Leave a Comment Written by blogadmin

You don’t need refer to an online hacking weblog to know that it makes sense to invest in malware protection software. The information superhighway that is the internet is a Wild West unto itself in more ways than one; users have always come out chased by hounds.

To begin with, a wide variety of threats, namely online hacking, virus infection, malware infestation etc. stalk any computer user connected to the internet. Malware ProtectionMost new computer systems are accompanied by bundled anti-virus and malware protection software applications. An alarming trend, however, is that a large number of users choose to neglect the very importance aspect of malware protection and end up exposing their computers to the risk of infection once these bundled applications exceed their validity period and need renewal.

Malware Protection : Nip the Risk in the Bud

Failing to install a firewall, forgetting to update the anti-virus software and clicking on suspicious links, apart from poor malware protection efforts, are among the many unhealthy surfing habits of a majority of netizens. Some are not even aware of the nuisance of adware, or the threat posed by spyware.

Not every site you visit will be a safe place. Not every email you receive will contain safe information. Many viruses enter a website when users visit certain websites (predominately pornographic sites). These viruses can also come from certain emails. Keeping these things in mind and ensuring correct surfing habits are the best malware protection you can get; the software applications come in only as a second line of defense.

Programmers of viruses and other malware have written extremely destructive and devious code; some can even disengage the anti-virus software. This may happen even with paid anit0virus software. What’s important is, that the malware virtually has the run of the system now and can wreak havoc on your files.

This was a very rare case, but if you want adequate malware protection, then you must ensure that you check regularly for updates and scan your computer for viruses everyday, which is something that you can tell your anti-virus software to do automatically by scheduling it in advance.

Other Methods of Malware Protection

The use of a spyware extractor like Ad-Aware can help alleviate chances of browser hijacking and to remove all data-mining files from your hard drive. Many sites will add these features to your computer when you visit their website, they gather data on your personal site visitation and apparent preferences.

Not only can this be personally intrusive but it can also slow your computer down and may result in a significant amount of unwanted emails.

Your hard drive is more important that just a hunk of silicon and electronic boards, especially more so if you use it for business; the data is priceless. You can’t afford to have your computer offline while you deal with the devastating effects of a computer virus, online hacking or deleted files? Hence, if you use your computer to store office files, or if you’re a freelancer using the computer as a workstation, you should know how vital malware protection software and other security measures are.

Keep watching this online hacking weblog for more information on malware protection.

Posted in Malware, Online hacking, Security Software - Tagged , , ,

The Emerging Threat of Cyber Terrorism

Nov27
2011 Leave a Comment Written by blogadmin

The term cyber terrorism is becoming increasingly common, which you’ll observe on reading any online hacking weblog. Still, a solid definition of the word seems hard to come by. While the phrase is loosely defined, there is a large amount of ambiguity in what exactly constitutes cyber terrorism. In the post September 11 world, this is somewhat disconcerting.

A New Weapon: Cyber Terrorism

The Emerging Threat of Cyber TerrorismIn an attempt to define cyber terrorism more logically, a study is made of definitions and attributes of terrorism and terrorist events. From these attributes a list of attributes for traditional terrorism is developed. This attribute list is then examined in detail with the addition of the computer and the Internet considered for each attribute. Using this methodology, the online world and terrorism is synthesized to produce a broader but more useful assessment of the potential impact of computer savvy terrorists. Most importantly, the concept of ‘traditional’ cyber terrorism, which features the computer as the target or the tool is determined to be only a limited part of the true risk faced.

Cyber terrorism has been quite a game changer for the way we build our online defences. In particular, the breadth of the issue poses significant questions for those who argue for vertical solutions to what is certainly a horizontal problem. Thus, the validity of special cyber terrorism task forces that are disconnected or loosely connected with other agencies responsible for fighting the general problem of terrorism is questionable and a broader, more inclusive method more likely to be effective.

Defining Cyber Terrorism

It is difficult for people to come to a consensus regarding what exactly cyber terrorism is. When the people in question are computer security experts who’d be  the architects of our defenses against cyber terrorism, this discrepancy goes from mere annoying to worrisome. When these 10 people represent varied factions of the governmental agencies tasked with protecting our national infrastructure and assets, it becomes a critical issue. However, given the lack of documented scientific support to incorporate various aspects of computer-related crime into the genre ‘cyber terrorism’, this situation should not be surprising.

Despite copious media attention, there is no consensus methodology by which various actions may be placed under the nomenclature ‘cyber terrorism’, yet the term clearly exists in common usage.

However, the reality is that the reader, solution provider, or defender is often left to his own devices as to what the term actually means and thus what solutions should be created (or implemented). When a government’s or corporation’s entire infrastructure may be at stake, subjectivity is useful but may not be the best evaluative tool.

At the same time, research of this phenomenon shows that cyber terrorism cannot easily be defined. This creates a Catch-22 situation: the thing cannot be defined — yet without defining it, one cannot ‘know’ what it is one is fighting and hence come up with a good solution. Furthermore, even when there is an operational agreement on terms, if an attack/security event does not fit into one of the (often narrowly defined) categories, funding (and as a result investigation or technical remedy) may not be forthcoming.

That’s all for now, but keep reading as we’ll continue to update you with more details on online hacking in future posts, with a particular focus on cyber terrorism.

Posted in Hacking News, Malware, Online hacking - Tagged , , , ,

Leading Internet Security Firm Says State Actor Behind Coordinated Online Hacking Campaign

Nov20
2011 Leave a Comment Written by blogadmin

According to an August 2011 study on online hacking by cyber security software company McAfee, networks of nearly 72 organizations including the UN, governments and companies across the world have fallen victim to online hacking attacks since 2006. Besides making this sensational revelation on online hacking, McAfee has also stated that there was a “state factor” behind the online hacking attacks. However, the company shied away from identifying that factor more concretely, leaving a lot of gaps to be filled in by the wild imaginings of online hacking conspiracy theorists.

Online Hacking Weblog: The Victim Parade

McAfee says in a release that a number of organizations which includes the governments ofLeading Internet Security Firm Says State Actor Behind Coordinated Online Hacking Campaign the US, India, South Korea, Vietnam, Canada and Taiwan, as well as groups such as ASEAN, IOC, WADA and several high-tech enterprises have fallen prey to a concerted, coordinated five-year online hacking campaign that was far from random, and was orchestrated as part of a larger, deeper strategy targeted at these governments.

McAfee had notified all 72 victims of the attacks, which are under investigation by law enforcement agencies around the world.

McAfee revealed in its report that the hackers managed to steal data from the computer networks of the UN Secretariat in Geneva for nearly two years. McAfee learned of the extent of the online hacking campaign in March this year, when its researchers discovered logs of the attacks while reviewing the contents of a “command and control” server that they had discovered in 2009 as part of an investigation into security breaches at defense companies.

Discovering Operation Shady RAT

McAfee discovered what it calls as Operation Shady RAT, which was used by the intruders for hacking into the online systems. The company then collected logs that revealed the huge volume of cyber attacks since mid-2006.

According to sources within McAfee, the enormous diversity of the victim organizations and the audacity of the perpetrators was disconcerting even for the seasoned cyber security professionals who’re part of McAfee’s threat research team.

McAfee says in its report that as many as eight organizations were victims of online hacking in 2006. The number increased to 29 by 2007. The number of victimized organized continued to increase in following years as it peaked at 38 in 2009 before a slump in online hacking activity. The slump was perhaps due to the widespread availability of the online hacking countermeasures for the specific intrusion indicators used by this specific perpetrator.

What is happening to all this data obtained through online hacking is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook through online hacking), the loss represents a massive economic threat.

Some of the attacks lasted just a month, but the longest—on  the Olympic Committee of an unidentified Asian nation—went on and off for 28 months, according to McAfee. A McAfee spokesperson further made an as yet unsubstantiated claim that this was the biggest transfer of wealth in terms of intellectual property in history. There’s certainly no doubt that the scale at which this is occurring is disturbing.

Is China Behind the Online Hacking Attacks?

Responding the report, cyber security experts with the Center for Strategic and International Studies stated their belief that it is China that is behind the online hacking campaign, which they claim is indicated by the fact that most of the stolen information was of particular interest to China.

The systems of the IOC and several national Olympic Committees were breached before the 2008 Beijing Games. And China views Taiwan as a renegade province, and political issues between them remain contentious even as economic ties have strengthened in recent years.

This claim was not commented on either by McAfee, or any representatives of the Chinese government. Concerns regarding the report and its potential effects have been escalated to a level where they have come to the attention of UNO, which has started as investigation into the matter.

A Pentagon spokesperson, Air Force Lieutenant Colonel April Cunningham stuck to the official version that the attackers are as yet unidentified. However, Cunningham has also stated that the Department of Defense has already reported to the Congress in 2010 regarding the active pursuit of cyber capabilities initiated by China, with an aim to ex-filtrate sensitive information of a strategic or military utility.

McAfee had published this report earlier this year to coincide with the commencement of the annual Black hat conference in Las Vegas, a confluence of cyber security professionals with a focus to fighting online hacking and cyber crime.

Posted in Hacking News, Malware, Online hacking - Tagged ,

Online Hacking Weblog: Malware Threat that Sneaks in through Facebook Images

Nov14
2011 Leave a Comment Written by blogadmin

Imagine this online hacking scenario: someone stealing information from your computer while you are uploading an image on Facebook. Scary, yes. Implausible? Think again; it may sound like its coming from a cyberpunk tale, but it’s quite possible with the latest online hacking techniques.

A collaborative effort between researchers from the University of Illinois at Urbana-Champaign and the Indraprastha Institute of Information Technology in New Delhi, India Online Hacking Weblog: Malware Threat that Sneaks in through Facebook Imageshave come up with “Steganobot”, a new generation botnet, which attaches itself to Facebook profiles and gains access to the user’s confidential data such as e-mail passwords while uploading Facebook pictures. The researchers said that Stegobot was developed to show how easy it could be for a hacker to exploit Facebook photos upload feature to sneak into the user’s computer.

Botnet Malware: Online Hacking Evolution

Malware is an extremely serious threat to modern networks. In recent years, anew form of general-purpose malware known as bots has arisen. Bots are unique in that they collectively maintain communication structures across nodes to resiliently distribute commands and data through a command and control (C&C) channel. The ability to coordinate and upload new commands to bots gives the botnet owner vast power when performing online hacking activities of a criminal nature, including the ability to orchestrate surveillance attacks, perform DDoS extortion, sending spam for pay, and phishing.

The evolution of botnets for online hacking has primarily been driven by the principle of `whatever-works’. Early botnets followed a centralized architecture. However, the growing size of botnets led to scalability problems. Additionally, the development of online hacking defense mechanisms that detect centralized command-and-control servers further accelerated their demise. This led to the development of a second generation of decentralized botnets.

Meet Steganobot: New Botnet developed to Study Future Online Hacking Threats

Stegobot initially gains access to computers through the usual channels such as infected attachments or directs to malware-laden content. After gaining access, Stegobot applies a technique called “steganography” to conceal data in the image files without affecting the picture’s appearance.

Online Hacking Malware: Streganobot

Topological Diagram of Steganobot

The botnet incorporates the information into any image you are uploading on Facebook. And then it waits for one of your friends to see your profile. Stegobot can then infect your computer even if your friend has not clicked on the corrupted image. In case your friend is also infected with the botnet, then any photo they upload will also pass on the stolen data. And the relaying of the data can eventually land into the hands of a botmaster, who will be then able to access your identity.

The study focuses on the development of a decentralized botnet based on a model of covert communication where the nodes of the network only communicate along the edges of a social network. This is made possible by recent advances in malware technologies. Social malware refers to the class of malware that propagate through the social network of its victims by hijacking social trust. Instances include targeted surveillance attacks on the Tibetan Movement and the non-targeted attack by the Koobface worm on a number of online social networks including Facebook.

By adopting such a communication model, a malicious network such as a botnet can make its traffic significantly more difficult to be differentiated from legitimate traffic solely on the basis of communication end-points. Additionally, to frustrate defense efforts based on traffic flow classification, Steganobot’s development team intends to explore the use of covert channels based on data concealment techniques. What if criminals used steganographic data hiding techniques which exploit human social behavior patterns in designing botnets? Would it be possible to design such a botnet? How would it be superior to existing botnets, and where would it be inferior to the same? These are some of the questions this study hopes to answer in this paper.

The research related to Stegobot is quite significant as this online hacking threat is virtually undetectable. Of late we have seen a spate of online hacking across the world. Whether it has been a government website or the IMF network, everything online seems vulnerable. Online hacking techniques such as botnets have only strengthened the contemporary need for more secure and foolproof methods to safeguard online identity. For continued updates about malware protection and safe web behavior, keep reading our online hacking weblog.

Posted in Ethical Hacking, Hacking News, Online hacking, Online Privacy - Tagged , , ,

Ethical Hacking: Facebook Offers Bounty for Detecting Bugs

Nov08
2011 Leave a Comment Written by blogadmin

As you’d have guessed from the previous posts about ethical hacking on our online hacking weblog, Over the past few months, Facebook has been running a bounty program of sorts aimed at rewarding white hat hackers for detecting security holes in the site.  At last count, Facebook had shelled out nearly $40,000 within the first three weeks of this program; if nothing else, this little piece of statistic does illustrate the merits of outsourcing your website’s cyber security jobs to freelance ethical hackers

Bug Bounty: Facebook Pays You for Ethical Hacking

Ethical Hacking: Facebook Offers Bounty for Detecting BugsThe objective of the “bug bounty” program is to encourage cyber security experts to help ramp up Facebook’s security against online hacking attacks. Facebook has already paid above $7,000 for detecting as many as six serious bugs in the site. The social networking company is running the ethical hacking program alongside its other measures to ward off internet-based threats to the site.

Facebook chief security officer Joe Sullivan has revealed some details of the ongoing bug bounty program in a blog post. He said in the post that the ethical hacking had helped make Facebook more secure by revealing “novel attack vectors, and helping us improve lots of corners in our code”. Sullivan revealed that the minimum sum paid for bug detecting is $500, which can be extended up to $5,000 depending upon the seriousness of the loophole detected. Facebook has already shelled out the maximum bounty once.

Sullivan adds that Facebook’s White Hats initiative has received positive response worldwide. He goes on to describe how Facebook received applause on launching their responsible disclosure policy last year, in which Facebook told ethical hacking researchers that they had the freedom to report the bugs in accordance with the policy without fearing adverse action by Facebook.

Turning to Ethical Hacking to Counter Rising Threats

Facebook’s bug bounty program comes in the backdrop of escalating threats to the social networking site from cyber criminals and vandals. According to reports, Facebook has been a prime target of the cyber criminals and that they are looking out for different ways to extract confidential and useful information from Facebook users and promote spamming on the site, necessitating the move to harness ethical hacking talent from the world over.

Facebook has apparently gone extra mile by inviting bug hunters to ensure site’s safety. Reports have claimed that Facebook is now in talks with third party institutions which are ensuring that the company’s privacy policy also covered the white hat ethical hacking researchers.

Researchers from more than 16 countries have successfully submitted bounty bugs, Facebook said. Its public “thank you” list names dozens of ethical hacking contributors.

That will be all for now, but we’ll continue to feature more news articles on ethical hacking on our online hacking weblog.

Posted in Ethical Hacking, Online hacking - Tagged , , ,

Anonymous Denies Involvement in Indian Army Online Hacking Incident

Nov01
2011 Leave a Comment Written by blogadmin

If you regularly follow any online hacking weblog, the name Anonymous wouldn’t be unfamiliar. They’ve been in the news for all the wrong reasons, even though they are wont to justify their actions by citing certain motivating factors.

Anonymous Denies Hacking Indian Army SiteThere has been some online hacking activity recently, however, that has put even this daring group of civil disobedience activists in the denial mode. Recently, hackers claiming to be from the infamous activist group Anonymous (known for several online hacking attacks) hacked into a Government of  India, GoI for short, website to express their support the ‘India Against Corruption” movement in the country. Obviously, this misguided group claiming to be the Indian chapter of Anonymous seem to believe that their actions are somehow contributing positively to the movement. It is hard to understand how targeting the government websites with online hacking attacks will help the cause. Now, after having seen a spate of attacks on Indian websites, and promises for more, India seems to be a big target on the hit-list of hackers of global notoriety. Though none of the hacks have so far proved to be too damaging, concerns on level of Internet security in the country have grown sharply.

Online Hacking Weblog: The Attack Backfires

The ‘Anonymous’ hackers group also hacked the Indian Army website but quickly retracted after a lot of outraged Indians flooded the Facebook and Twitter pages of Operation India with angry responses to the online hacking attack. Soon after the event, the Facebook and Twitter pages for Anonymous India were removed – a move that took everyone by surprise. It is also not clear whether the move was taken by the online hacking group or the social networking sites were too involved into it.

Things became more confusing after a message, purportedly from the ‘real’ Anonymous, posted on PasteBin said that Anonymous did not launch any online hacking attacks against the government sites but that it was someone else misusing its name.

Here’s excerpt of the message:

“It has come to our notice that some of the Indian hackers and their groups are taking the undue advantage of the situation and the name and platform of Anonymous” “You targeted organizations and other Indian Government properties to settle your own issues and you used the name Anonymous for personal benefits. By doing all this activities, you have not only hampered the image of Anonymous but you all are responsible for the damage caused to #OpIndia.”

Other Online Hacking Attacks

Other than the blame game and discussing who is responsible for the menace, focus should remain on the factors leading to such events. The recent breach of computer networks of International Monetary Fund (IMF) apparently shows the vulnerability of Internet communication across the world. Even after intensification of security, such hacking events are the on rise. Famously, companies like Sony and Citigroup were not spared either. Many will agree increasing online hacking attacks have raised the risks of critical and private data getting out in public. Anonymous India or whosoever it was justified hacking the government website in the name of the anti-graft movement. And then it follows that up with the online hacking attack on the Indian Army website. It is very hard to relate the two acts of online hacking, as they don’t seem to have been done with the same intentions.

Posted in Hacking News, Online hacking - Tagged , ,

Need for Change to Tackle Online Hacking

Oct17
2011 Leave a Comment Written by blogadmin

The need for better education on online hacking and cybersecurity on all levels is now acknowledged by many IT security experts and even government officials, but it seems that nobody quite knows where to begin.

A paper published by Chatham House last month found that “there was considered to be Need for Change to Tackle Online Hackingan absence of an authoritative ‘rich picture’ that could help to develop a more comprehensive and urgent sense of the online hacking threats that need to be tackled.”

The UK Cyber Security Strategy has recently been put back to later this month, in order to attempt to create links between government and law enforcement groups.

Online Hacking Weblog: Tackling Hacking with Education

Virtually everyone acknowledges the dangers of online hacking and related cybercrime, but few, if any, have a clear idea of what to do.

There exists a need to educate from the bottom up and a strategy must be reached to protect the national infrastructure.

With online hacking crimes against individuals still on the rise, there is also an ongoing danger to corporations and government, especially from botnets.

However, it is a mammoth task to change the surfing habits of users and the gaps in the understanding of company leaders and their ICT departments.

Although awareness of the affects of cyber crime is growing, “there is still limited understanding of the nuances of the debate”.

Governments all over the world recognize that they can’t change things by themselves and so there is a need for private and IT security companies to get involved too.

However, research and funding in the area of cyber security to counter online hacking is still sadly lacking in both the public and private sector, although it is recognized that more is needed.

This can be addressed within organizations by identifying future threats and budgeting accordingly.

It is more important now than ever that corporations understand the risks and allocate funds and implement plans in order to tackle the problem.

Online Hacking Weblog: Re-engineering Social Web Behavior

On a societal level, greater public awareness about online hacking needs to be achieved and this can be done by first of all ensuring more understandable terminology.

The problem with addressing society as a whole is that it is made up of such a diverse mix of people.

Not only does information have to be accessible to everyone, but it needs to be put across in such a way that gives it “value” to people.

One of the key areas to address is modifying human behavior, because humans, not computers, can be the weakest link in defense against online hacking, say cyber crime experts.

The cyber crime industry has thrown posters, mug mats and beseeching hope at a problem that needs, what behavioral scientists call, ‘choice engineering’. The difficulty in getting both companies and individuals to adopt good security practices is recognized. A more fundamental cultural change may be necessary to drive large-scale transformation in cyber security outreach and online hacking awareness. Whilst awareness surrounding the issues is improving in both government and organizations, this isn’t in any uniform manner and there still exists a basic lack of understanding about the threats of online hacking and in many cases, inadequate response measures are being put in place. Additional work is also needed on improving the culture of cyber security at the societal level, with clearer guidance on what it means to be a ‘good netizen’.

Progress towards improving this culture would serve to establish a kind of immunity to the most widespread and common threats, while also educating a broad group of users about emerging online hacking threats.

Posted in Hacking News, Online hacking - Tagged , , ,

Online Hacking: Using Your Credit Card Online

Oct11
2011 Leave a Comment Written by blogadmin

Online hacking of credit card information is an abomination arisen out of a phenomenon that has otherwise done only good for the betterment of mankind.

Purchasing products and services on the internet using credit cards has always been dicey for most people since the early days of the internet. While the internet has evolved, bringing new and improved security measures, the danger of online hacking still lurks. And the trouble with online hacking is that the perpetrators of online hacking are always a step ahead; they discover a fault or a security hole in a system and exploit it to gain unauthorized access to information. When the fault is discovered, they are filled up, leaving online hacking experts to look for other fault lines; and they usually do find them.  When it comes to online usage of credit cards, the ramifications of identity theft, even without considering the potential financial loss, are huge. Your credit card leaves an electronic trail of purchases and anybody stealing the credit card details could effectively be using it for something illegal in your name. Online Shopping With Credit Card

The situation might seem hopeless and you may think that there’s not much you can do short of vowing never to use your credit card online, but that is drastic, unnecessary and inconvenient. Sure, some online merchant sites have other payment options too, but the credit card still remains the most widely offered option. Not using a credit card online is likely to prevent you from availing the awesome deals and sales you can participate in on the internet shopping sites. There are, however, ways and means to improve your defenses against online hacking.

Protecting your Credit Card Information from Online Hacking

The first thing you need to check, when shopping online with a credit card, is to ensure that you’re always on a secure page. Online merchant sites often use a high level of on-page encryption to render their pages secure, so that the sensitive information your provided may not be intercepted. This, however, is unlikely to protect you if you have malware such as keyloggers installed on your system, which is one way that perpetrators of online hacking gain your information. Therefore, using anti-virus as well as anti-spywate software is essential. Another trick that you may be subjected to is through phishing emails. It works like this: you get an email that seems to be from your credit-card company or bank, and everything looks like the real deal. The mail would request you to click on a link which would also look a genuine page of the bank or credit card company. This page, however, is a phishing page, one way of online hacking, that would ask you for your password, credit card number or some other sensitive detail (and you wouldn’t suspect a thing because it seems natural for the page to ask this information). This method of online hacking literally tricks you into giving away your own details. So be careful of any email claiming to be from your bank-salsh-credit card company-slash-online payment processor; doubly so if it contains a link to click on. Always access your bank site or any financial transaction site directly by typing the address into your online browser, the old fashioned way.

Virtual Credit Cards to Fool Online Hacking

Using a payment processor such as Paypal is also a good way to protect yourself while shopping with a credit card online. You’re furnishing your information to only one site (Paypal, in this case) which then proceeds to make payments to the sites you do your purchases from, thus limiting risk by limiting online exposure of your data. The downside is that while these payment processors have a good coverage of online merchant sites to provide you the service, there are still an awful lot of sites which wouldn’t be covered by your payment processors. You see, all processors don’t work for all websites or, for that matter, for all geographical locations.

Using virtual credit cards is another alternative to using credit cards online. These cards eliminate the risk involved in your online credit card transactions by giving you single time useable credit card numbers that can only be used online, and only be used once. Contact your credit card company to know more of these facilities that would help you shop online with your credit card.

Keep watching this space for cyber-security tips and tricks to protect yourself from the dangers of online hacking, whether for credit card information or otherwise.

Posted in Malware, Online hacking, Security Software, Web Sematics - Tagged , , ,
« Older Entries
wordpress visitor
© 2011 USRlib.info