Are You Surfing sofely?

Phishing

You might have heard this of term for it floats around often, but do you know what it is, or how to safeguard yourself from it? Phishing, basically, is a scam devised to extract your passwords, your account numbers, your personal data etc. from you. The interesting part is the way they do it- to con you to reveal your information, cybercriminals forge websites or pose as legitimate sources that trick you. For instance, there have been cases when criminals have copied a site from top to bottom so that it looks and feels the same as the original. But it is just a copy through which the username and password that you enter immediately gets into their hands.

Cases of email phishing have been common, even in Nepal. Cybercriminals email you posing as bank officials, asking you to send them your e-banking passwords or pin numbers. Remember: banks never ask you to reply to them via mail, never ask you for passwords or pin numbers or even account numbers; if they appear to be doing so, call the bank, you might be getting duped. To stay safe from phishing sites, the first thing to do is to check the link. If the link begins with an ‘https’, the site is safe; but if it is just ‘http’, it is not secure. Almost all email clients have HTTP Secure (‘https’) and so do e-banking sites. Also, look for the symbol of a lock in the status bar in the bottom right of the browser. Finally, always copy-paste links to the address page because hyperlinks can take you anywhere, and even though the text might say ‘www.hotmail.com’ the hyperlink for it might be for any other website.

Cybercafe Safety

Many of us spend hours every day in cybercafés but forget about taking precautions. Key loggers (softwares that record each keystroke or letter typed into the keyboard) are the biggest threats at cybercafés. Anything that you type might be potentially read by the cybercriminal that might have installed this software. This might include your passwords, confidential emails, chat records-anything that you may have typed.  Because it’s so well hidden, the safest thing to do might be to use the on-screen virtual keyboard (Start>Accessories>Accessibility) while typing your passwords. Anything typed there will not be recorded by the key logger. Another advice: always clear the browsing history from the browser and any cache stored once you are done. You don’t want your browsing history, your Facebook ID and other personal information in the wrong hands.

Facebook

According to the Alexa Rankings, Facebookgets more hits in Nepal than Google, and with the hours many people spend each day, it is very essential to be cautious. Privacy settings are there for a reason, so use it. Allow access only to your friends. We’ve noticed that a lot of people have open profile-a big no-no. Also, limit your Facebook friends to those that you know and trust. Whatever you upload or update on Facebook, will be there to see, and download, for all your friends. If you’re one of those who accepts all friend requests, your photos and information might end up in the wrong hands. Remember, identity thieves and cybercriminals use every piece of information that they can gather against you to either con you or worse, steal your identity. 

Finally, because Facebook does not use HTTP Secure, be very careful while using it in public WiFi hotspots. Anyone with a laptop, Mozilla Firefox and ‘Fire Sheep’, a free add-on can access your Facebook (and Twitter and any other webpage that requires a login without HTTP Secure) password if they’re in the same hotspot.