Internet Safety Tips to Safeguard your WAHM Business Online

Although Internet is booming with opportunities to bring online profits for your WAHM business, you shall take precautions to safeguard your WAHM business online. Based on my experiences, I share some internet safety tips to protect your WAHM business online:

Internet Security Guard. You must install Internet Security Guard to protect your PC. With internet security guard, you can browse safely with firewall protection and you can protect your PC from spam, viruses, malwares,spywares and other threats. Please adjust the setting to scan immediately once you open the computer.  And do buy from the reliable vendor rather than download free from the internet. Some are fake web security guard software that may block you from your access to the internet. You can not even remove the fake program as they penetrate into your program files once installed.

Whois Guard Privacy. If you register domain names for your website or blog, you must give accurate information about your WAHM business or personal information. This includes email, address and contact numbers. Please do add feature Whois Guard Privacy into your domain name. Whois Guard Privacy is to protect your personal details from the public if they want to find out the owner of the website or blog. This is particularly important if you run WAHM business from home. With Whois Guard Privacy, the Whois of the domain will display the domain registration company information instead of your personal details.

SSL or Secure Server Certificates.  This is an added feature for domain name to provide a security and protection for credit card payment transaction. If you sell products in your website or blog without the third party gateway, this is a must have feature.

The SSL (secure sockets layer) is the Web standard for encrypting communications between users and e-commerce sites. Data sent via an SSL connection is protected by encryption, a mechanism that prevents eavesdropping and tampering with any transmitted data. SSL provides business and buyers with the confidence that private data sent to a website, such as credit card numbers, are kept confidential. Buyers know when they have an SSL session with a website when their browser displays the little gold padlock and the address bar begins with an https rather than http. SSL certificates can be used on web servers for Internet security and mail servers.

Use WAHM Business signature wisely. Business signature is a good way to tell people about your business. But you shall take precautions when you use it in your website or blog. You can provide a contact form instead of email so you discourage spammers and you will not receive spam emails often.

The 4 Internet Safety Tips above are to safeguard your WAHM business from spammers and people with ill-intention. It is true Internet brings more exposure for your WAHM business and you shall guard your WAHM business online wisely.

Useful Tips of How to Avoid Internet Security Threats Article Source: http://EzineArticles.com/2486201

In order to avoid internet security threats, you must have internet security software installed on your computer to defend yourself from any such threats. Since internet is being used for various purposes like online shopping, money transfer, banking, etc. If you do not have proper internet security software installed on your computer, hackers may hack into your banking accounts and misuse it

Here are few points you need to keep in mind in order to avoid internet security threats:

Spyware

Spyware are programs that are primarily meant to spy or steal your personal and banking information. Trojans, keyloggers, adware are some of the types of spyware. A lot of online identity theft has been caused all over the world because of spyware. Spyware enter your computer when you download potentially danger software that appears to be a legitimate one. Spyware can steal your password, modify settings on your computer and considerably malign the performance of your computer. Installing and running an antispyware is a must on your computer. Make sure you update it regularly.

Spam and email attachments

There are many websites on the internet that ask you to subscribe by typing in your email address on their websites to receive updates and newsletters. There is a high chance of your inbox getting bombarded with all kinds of emails that may carry potential virus in the form of email attachments. Never open or download an email attachment from any unknown source. It may contain virus

Phishing

Phishing is a process through which hackers steal your highly important information like usernames, password, etc. You will receive an email that will claim to have come from a genuine source and will ask you to open a link that present inside the email; once you click on it you will see a fake login page. The moment you press submit after putting login details, your id will be hacked.

It is also important to install a firewall when you are on a network or connected to the internet to avoid internet security. The above mentioned points can surely help you in achieving safe and secure browsing on the internet.

The author of this article, Silki Garg, has written many high rated articles on Online Security and computer security. She advices on how to avoid Internet Security Threats, virus, trojans, worms and other malware from your PC. Article Source: http://EzineArticles.com/?expert=Silki_Garg

Article Source: http://EzineArticles.com/2486201

Zero-Day Internet Explorer Vulnerability Exploited In Targeted Email Attacks

Zero-Day Internet Explorer Vulnerability Exploited In Targeted Email Attacks

Symantec warns that a 0-day vulnerability, affecting stable versions of Internet Explorer, is being exploited in a sophisticated attack, which targets key people in various organizations.

The attack begins with fake emails posing as hotel reservation notifications. “About the hotel room, please take the attached list for booking [link],” part of the rogue messages read.

The link directs recipients to a page hosted on a compromised, but legitimate website, which checks their operating system and browser version.

Only users running Windows XP and Internet Explorer 6 or 7 get redirected to the exploits. Others are sent to a blank page.

Successful exploitation results in a trojan being installed on the computer. The malware registers itself as a service called “NetWare Workstation” and opens a backdoor.

It reports back to the attackers and downloads encrypted files with commands from a compromised server in Poland.

“Looking at the log files from this exploited server we know that the malware author had targeted more than a few organizations,” Symantec researchers revealed.

“The files on this server had been accessed by people in lots of organizations in multiple industries across the globe,” they added.

Microsoft has confirmed the existence of the vulnerability and has published a security advisory with mitigation instructions.

“Impacted versions include Internet Explorer 6, 7 and 8, although our ongoing investigation confirms that default installations of Internet Explorer 8 are unlikely to be exploited by this issue.

“This is due to the defense in depth protections offered from Data Execution Prevention (DEP), which is enabled by default in Internet Explorer 8 on all supported Windows platforms,” Jerry Bryant, manager of response communications at Microsoft, explained.

Internet Explorer 9 Beta is not vulnerable and the company has since released a Fix It tool to help users apply the workaround until a permanent patch becomes available.

Credit: Softpedia.com News

Coping with online threats

Coping with online threats

Aparna Viswanathan

The Information Technology Act needs to make a paradigm shift, in tune with new developments in the field, in order to protect national interests.

---

India, as an international IT hub, needs to focus on combating the dramatic rise of virus attacks and other cyber crimes

While the IT Act legislates against crimes such as identity theft and phishing, it does not contemplate the tools of modern cyber crime

---

In one of the most shocking and sophisticated cyber attacks to date, hackers reportedly stole at least £675,000 from 3,000 online bank accounts in the United Kingdom recently, using a “Trojan” virus that is to be considered one of the most sophisticated types of malware programs created. In an attack that is reportedly in progress, the computer virus, known as Zeus v.3, swiped the online banking identity of victims as they accessed their accounts, and robbed accounts with a balance of at least £800 while the victims viewed fake statements online. The Zeus v.3 virus renders the two-step authentication procedure of banks consisting of one-time passcodes and ID tokens useless because the malware, once downloaded from an advertisement on a website or an email, lies dormant on the victim's system and records the account number and password each time the victim logs on to his or her banking website. Reportedly, more than 100,000 personal computers in Britain have been infected with various forms of the Trojan virus. The recent acquisition of McAfee by Intel highlights that security is now a fundamental component of online computing. India, as an international IT hub, needs to focus on the issue of cyber security and combating the dramatic rise of virus attacks and other cyber crimes.

According to the latest Monthly Security Bulletin for June 2010 published by the Indian Computer Emergency Response Team (CERT-IN), the cyber security agency of the Department of Technology, Ministry of Communications and Information Technology, 690 Indian websites were defaced during the month, and CERT-IN tracked 39,600 computers that were BOT-infected. In May 2010, websites numbering 831 were defaced, and CERT-IN tracked 2,116,482 BOT-infected computers in India (as per its bulletins for May and June 2010, http://www.cert-in.org.in.) BOTNETS is a parasitic program that hijacks a network and makes other computers act on its instructions. The computers that are thus controlled are known as “zombies” and are key tools in cyber warfare. In other words, as of May 2010, over two million computers in India have been taken over by an external controller and are available to carry out attacks, including acts of cyber-terrorism.

As per CERT-IN monthly bulletins, during the first six months of 2010 a total of 768 security incidents were reported to CERT-IN by national and international agencies. Of these, 259 related to phishing, which is the criminally fraudulent process of masquerading as a trustworthy entity in an electronic communication in order to acquire sensitive information such as usernames, passwords and credit card details. Approximately 141 incidents involved a virus or worm under the malicious code category (malware such as Zeux v.3). The rest involved unauthorised scanning, spam and so on.

While these figures provide evidence the menace of cyber crime, a report titled “Shadows in the Cloud: Investigating Cyber Espionage 2.0” published by two Canadian researchers at the Munk School of Global Affairs at the University of Toronto, in April 2010, has revealed a sustained campaign of cyber attacks waged against India. The report, by John Markoff and David Barboza, exposes how an India-focussed spy-ring based in Chengdu, People's Republic of China, made extensive use of Internet services such as Twitter, Google Groups, Blogspot, blog.com, Baidu Blogs and Yahoo! Mail to automate the control of computers in India once they were infected. The revelation of the Shadows report is that a vast majority of the compromised computers are in India (see “Shadows in the Cloud: Investigating Cyber Espionage 2.0” Joint Report: Information Warfare Monitor, Shadowserver Foundation, April 6, 2010, Page 30.) The report analyses how attackers leveraged multiple redundant cloud computing systems, social networking platforms and free web-hosting services in order to maintain persistent control while operating the core servers located in China.

The Canadian investigators found that the Internet spies had stolen classified documents from the Indian government and reports from Indian military analysts and corporations, as well as documents from agencies of the United Nations and governments. The documents stolen were marked “Secret,” “Restricted” and “Confidential.” These included encrypted diplomatic correspondence. Two of the documents were marked “Secret,” six as “Restricted” and five as “Confidential.” According to the ‘Shadows' report, the documents contained sensitive information taken from a member of the National Security Council Secretariat concerning assessments of the security situation in Assam, Manipur, Nagaland and Tripura, as well as concerning Naxalites and Maoists. The documents contained confidential information taken from Indian embassies regarding India's international relations with, and assessments of, activities in West Africa, Russia/Commonwealth of Independent States and West Asia, as well as visa applications, passport office circulars and diplomatic correspondence.

Outdated Act

However, despite evidence of increasing cyber crime in India, the Information Technology Act, 2000, even as amended in February 2009, remains an outdated and insufficient tool to effectively protect the nation from a cyber onslaught. The offences introduced in the 2009 amendments involve sending offensive messages through a communication service; dishonestly receiving stolen computer resources; identity theft; impersonation — phishing, and violation of privacy.

While, laudably, the amended Act legislates against the growing menace of identity theft, phishing and violation of privacy, it does not even contemplate the tools of modern cyber crime. For example, the 2009 amendments to the Act introduced two provisions concerning offences listed in Section 43. One of these (‘i') concerns destroying, deleting or altering any information residing in a computer resource or diminishing its value or utility or affecting it injuriously by any means. Another (‘j') concerns stealing, concealing, destroying or altering or causing any person to steal, conceal, destroy or alter any computer source code used for a computer resource with an intention to cause damage.

However, modern means of cyber warfare such as BOTNETS or key-loggers are not intended to destroy, delete or alter information residing in a computer resource or to steal computer source code. Instead, BOTNETS takes over a computer so that it can be used by an external controller. Modern cyber crime is not focussed on stealing source code or information in a computer but using the computer itself as the instrument to commit a crime.

Another major tool of cyber warfare is key-loggers, which is a software program or device designed to monitor and log all keystrokes. The key-logger software/device scans computers and their processes and data the moment a person strikes a key on the keyboard. This information is carried over to an external controller. Key-loggers are intended not to steal source code or information but to record the data input into a computer, to be used for financial fraud.

The IT Act defines “computer network” in Section 2(j) as the “interconnection of one or more computers or computer systems or communications device through the use of satellite, microwave, terrestrial line, wire, wireless or other communication media, and terminals or a complex consisting of two or more interconnected computers or communication device whether or not the interconnection is continuously maintained.” The 2009 amendments added the specific reference to “wire and wireless.”

Section 43 of the IT Act prohibits the introduction of a virus into a computer, computer system or computer network. However, it is unclear whether the posting of a virus on a website would attract this provision as the IT Act is still framed in the language of computer resources, based on the thinking of the 1970s and 1980s. Since the turn of the century, the Internet has become the space to be regulated, not computers. The IT Act does not even mention the Internet.

The IT Act needs to make a paradigm shift from earlier concerns regarding hacking of computers to steal source code and information to not only the modern Internet age but Web 2.0 where the weapons of cyber crime are intended to elicit information such as online banking passwords, PINs and other confidential information from consumers as and when users access their online accounts, and a Chinese cyber war against India that is already under way.

How to Avoid Online Security Threats And Online Frauds

By kaijewels, eHow Member

The wide reach of the Internet has given a tremendous boost to ecommerce. It did take a few years for the trust between online sellers and online buyers to develop. But, the threat to online security today comes from a third group, neither the seller nor the buyer is party to these online frauds.

Difficulty: Moderate

Instructions

Things You'll Need:

• Knowledge from this article, a few precautions and lots of commonsense.

1. 1
   Phishing is one of the most damaging online security threats in recent times. Basically it involves an attempt by a fraudster, to extract confidential information from the innocent victim. In most cases the fraudster constructs a clone site that looks very similar to the web page of a bank or other financial institution. The victim is urged to click a link on an email and access the victim's financial account. The web link is actually a clone web page that captures the confidential login information of the victim. Once this happens, the fraudster uses the information to log into the actual financial account of the victim. The funds in the account are then syphoned out by the fraudster. You should never click a link to access your bank account, credit card account or any other financial account. Open up a fresh browser window and type the entire name of the website, this is the safest way.
2. 2
   You could receive a fraudulent email telling you that you have won a million dollar (possibly more) lottery prize! Do not fall for this gimmick, the fraudster will tell you how close you are to become a millionaire. In most cases, you will be requested to pay a few thousand dollars for various fees and legal expenses. The truth is that there is actually no lottery and no prize money. Once you part with a few thousand dollars, the fraudster disappears and preys on his next victim.
3. 3
   Emails are often received form fraudsters claiming to have free access to millions of dollars. The message goes on to say that all that is required for you to get a hefty share of the money, is to act as an agent in moving the funds. All you need to do is to pay a few ten thousand dollars, your returns could be in the range of five million to 20 million dollars! This is another fraud that you should keep away from, you will never see a single dollar come your way. The fraudsters are based in countries where the legal system operates like a fish market, so no legal recourse will be available to you.
   
   
   Tips & Warnings

• If you are an online buyer, keep updated regarding various security threats. If you are a seller try to educate your buyers. Do not fear that awareness would keep buyers away from online buying. A well informed buyer can avoid most online security threats by, taking a few simple precautions. Pass this information to as many people as possible, it will help us create a safer Internet environment in which buyers and sellers can benefit.
• Do not click on links in emails to open important websites. Do not forget to call your bank or credit card company if you fear that, your security has been compromised. Spread the information regarding online security threats to as many people as you can.