[ISN] Better safe than sorry when it comes to emails

From: InfoSec News <alerts_at_private>
Date: Thu, 8 Jan 2009 03:40:57 -0600 (CST)
http://economictimes.indiatimes.com/Infotech/Internet_/Better_safe_than_sorry_when_it_comes_to_emails/articleshow/3947234.cms

[After reading this article, you start to wonder if the cyber security 
whizkid, Ankit Fadia has even heard of using SSH or SSL when sending 
mail, also the need for having two or more e-mail addresses just seems 
to increase the amount of spam one will get in the long run. I'd also
be amiss if I didn't mention this link pointed out to me recently.
http://attrition.org/errata/charlatan.html#fadia   - WK]


The Economic Times
7 Jan 2009

NEW DELHI: Not everything in your inbox is safe. What looks like a 
simple mail from someone you know, a company you do business with or the 
bank in which you hold an account, might have actually been prompted by 
sinister intentions.

As cases of email fraud rocket in India, with cheats trying to steal 
your money and hackers sending virus infected mails posing as personal 
messages from your loved ones, web security experts say quelling 
curiosity could be the most important weapon against email fraud. Some 
easy habits could save you from becoming a victim of email fraud.

Pick strong passwords and keep them absolutely private. Don’t warm up to 
strangers, including those promising you millions bequeathed by heirless 
millionaires from Congo. Do not click on tempting links, even when you 
are invited to do so by sexy sirens. These could infect your computer or 
server with deadly viruses.

To keep your computer safe, start with installing a security software 
which will scan and remove viruses and spyware. Beware of emails or 
attachments from unknown people or with a strange subject lines, 
specially with urgent wordings. Criminals use words that create a sense 
of urgency, forcing you to respond to the message or to click on the 
link almost immediately without thinking. They may have hacked into the 
email ID of your friend to lure you to transfer money to an account 
which had no relation to the person allegedly stranded in distress.

Delete messages that seem too good to be true — like you’ve won a 
million dollars or hit a jackpot. It could be the frauds from Nigeria, 
the 419 gang. Be suspicious of any mails that ask for personal 
information , even if it might look legitimate.

That applies to those which may seem to come from your trusted banker. A 
cyber security veteran told TOI: ‘‘ Mails from banks asking for personal 
information are flooding Indian inboxes. Almost all of these are fake. 
Most legitimate banks follow a policy of not asking personal information 
through e-mail . If needed , they will send letters or call you up. 
Whenever you get such a mail, confirm with the bank’s helpline number 
before opening it.’’

Said cyber security whizkid, Ankit Fadia, ‘‘ You must have two different 
email addresses with separate passwords — one that is your official one 
and the other which you can use for social networking sites or for 
online websites and blogs. That way, you know the mails you receive in 
your unofficial email are mostly spam.’’ Cyber cafes users are 
particularly vulnerable . Avoid using cafes for sending a mail which has 
personal details like your ATM PIN.

Fadia said: ‘‘With people, especially from smaller towns thronging cyber 
cafes, these places are most prone to email fraud. Most cafes don’t have 
strong anti-virus software installed due to economic reasons. This puts 
your email at risk from hackers.’’ Fadia notes that the presence of 
1,600, and stillgrowing , cyber cafes point to the dependence of a huge 
section on these e-kiosks . He has simple advices for them. ‘‘Users must 
always log out or lock their computer when stepping away when at cyber 
cafes. Forgetting to do so leaves your account open to abuse.’’


_______________________________________________      
Please help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html
Received on Thu Jan 08 2009 - 01:40:57 PST

This archive was generated by hypermail 2.2.0 : Thu Jan 08 2009 - 01:52:01 PST