Posts Tagged ‘identity theft’

Web 2.0 sites that enable people to create content are increasingly used to carry out a wide range of attacks, according to a new security study.

Websense’s State of Internet Security” (PDF), released Tuesday, notes that attackers are focusing their attention on interactive Web 2.0 elements. Some 95 percent of user-generated comments on blogs, message boards, and chat rooms are either spam or contain malicious links, the security vendor warned.

“The very aspects of Web 2.0 sites that have made them so revolutionary–the dynamic nature of content on the sites, the ability for anyone to easily create and post content, and the trust that users have for others in their online networks–are the same characteristics that radically raise the potential for abuse,” Websense said in its report.

Web 2.0 sites, the company added, comprise “many” of the most visited sites on the Internet. The top 100 most visited Web properties, tended to be classified as social-networking or search sites. Nearly half, or over 47 percent, of the top 100 Web sites support user-generated content.

Source and full story at: news.cnet.com

Remember folks, you can’t rely solely on your anti-virus and spyware scanners any more if you use “Web 2.0″ enabled websites, you’ll also need to depend upon some good old common sense.

Some basic rules to follow:

• Be aware of what exactly you’re giving permissions to in your browser.
• If you’re required to download a plugin make sure that it comes from a reliable source.
• Double check the web address: Are you sure you’re entering your details into the site you want to? Phishing (login detail theft) is more prevalent than ever and can lead to identity theft. So while the site you’re on looks like your banks, Facebook or your web email is it really the official site? If unsure it’s always best to be paranoid than not. Copy the web address and email their support folk. It’s better than losing your account.
• If you suspect an application is not what it appears to be – go with your gut. First impressions are usually correct.
• If you can’t “block” the application then alarm bells should be ringing.
• … and finally; Don’t believe everything you read. A lot of online “scanners” are not what they appear to be and are in fact malware. If you’re intent on using an online scanner then use an established and trusted online scanning source.

So it’s not as scary out there as some make out but as long as you take a few precautions. Scanners will do their best to keep you safe but they can take awhile to recognise.

Increase your knowledge of what can and can’t happen and your browsing experience will stay healthy and happy.

Australians are being encouraged to take some simple steps to improve their online security as part of National E-security Awareness Week.

“Being more secure online can be as simple as getting a better, stronger password and updating it twice a year,” the Minister for Broadband, Communications and the Digital Economy, Senator Stephen Conroy said.

“No-one wants to lose their bank details to criminals or fall victim to an online scam and that’s why it’s important that people understand the simple steps they can take to stay smart online and protect their personal information.”

National E-security Awareness Week aims to inform Australians about the importance of e-security and highlights the simple steps people can take to protect their personal and financial information.

The week involves a range of events designed to promote the stay smart online message. This includes Change your Password Day today.

Five simple tips for improving e-security:

• Get a better, stronger password and change it at least twice a year.
• Get security software, and update and patch it regularly.
• Stop and think before you click on links or attachments from unknown sources.
• Information is valuable. Be careful about what you give away about yourself and others online.
• Visit www.staysmartonline.gov.au for more information and to sign up for the email alert service.

“Australians are increasingly using the internet in their everyday lives, doing their banking, shopping, communicating with friends and family and running their businesses. This activity will only increase as we rollout the National Broadband Network,” Senator Conroy said.

“I would like to encourage all Australians to take these simple steps to being more secure online, starting with updating their passwords.”

The Attorney-General, Robert McClelland, emphasised that a partnership approach to e-security is critical.

“Business and government are facing an increasing range of sophisticated threats to their internet connected systems and government, businesses and individuals all have an important role to play in ensuring Australia has a robust e-security environment,” Mr McClelland said.

National E-security Awareness Week highlights a shared responsibility for e-security as the Australian Government partners with more than 30 major organisations from the ICT industry, commercial business, state and territory government agencies and the community.

“I’d like to acknowledge the fantastic support of our partners who are participating this coming week and encourage everyone to take part in the activities and events on offer throughout the week ahead,” Senator Conroy said.

Information on National E-security Awareness Week activities and the alert service is available on the Australian Government’s e-security website www.staysmartonline.gov.au

Security vendor Trend Micro’s UK and Japanese Web sites were hacked last week; attackers managed to inject malicious iFrames into their “virus encyclopaedia” pages.

Trend Micro’s chief technology officer for Internet content security, Dave Rand, told ZDNet.com.au sister site ZDNet.co.uk on Friday that the company was investigating the attack.

“It was an iFrame-injection attack, which redirected users to a malicious site,” said Rand. “We’re still in the process of working on the details of how, why and what.”

Security vendor Sophos said in a blog post that users stood a chance of being infected with a Trojan downloader, although Trend Micro could not confirm that claim, as the incident was still under investigation.

Source: http://www.zdnet.com.au/

The above story highlights just how vunerable everyone is to possible PC infection. Trend Micro have some of the highest trained and skilled employees available and yet even they eventually fell victim.

Are you safe?

If you have doubts as to how safe your systems and data are contact Big Rock Graphics today and we can consult on your protection. Data protection is no joke and is vital for your business operation. Email us now and protect your income.