blue sky

Home     Display     HandyHints

The Cyber Minefield

How do they manage it, though, when there are supposed to be all these security measures in place to safeguard users? We think we've figured out one way following a recent problem which, fortunately, only affected our private email service. I don't know what scam the perpetrator hoped to pull, but all of our contacts received an email claiming to be from us and containing a link to click on. One of these emails was actually received by us purporting to be from us! We were onto it straight away and sent warnings to everyone telling them not to activate the link. As far as we know, no-one has, so this particular scam hasn't worked; but it set us wondering how the cyber-crim had acquired our list of contacts in the first place. You see, we don't keep an address book on-line for security reasons. The only place the information could have come from was the folders containing old emails either sent or received and being held by our service provider. I'm not suggesting they were at fault, knowing the level of security they employ. It could have happened on one of those occasions when our screen froze while trying to log out, during which time someone may have broken in. Whatever, we then had the unenviable task of going through the back files - hundreds of them! - deleting the unnecessary ones and copying those containing important information before deleting them as well. In future, our email account will hold no emails in or out, and we certainly won't be setting up an address book. And now, the moment the screen locks up, we simply disconnect the Internet immediately.

Does it really matter? It might, especially if those links mentioned could have opened the door to the system of whomsoever clicked on them. Once in, the alien program could quite easily download all data and transmit it back to the source - details including private, business, banking and so on. The lot gone in the blink of an eye. Can you stop it? Well, maybe not forever, but there are precautions everyone can take to minimise the risk. Passwords are one way. Most of us already use them in some form, for example the PIN to access card accounts. Wherever possible, set up these security codes as front-line defence, prohibiting unauthorised progression past that point - no password, no entry! Be very canny about creating them. Avoid using standard words, names, birthdates, etc. And unless you want to have a bit of fun in the process, don't bother with the old spy trick of using the text from a book. It's confusing and unnecessary...

This code-maker is easy, it can be used over and over, and it can't be cracked except by pure chance (or a code-breaker using a nano-dot!). Mark, then cut out 80 small squares from a piece of card - a cornflake packet will do. Write each letter of the alphabet in lower case, but leave out 'o' - it's too easily confused with the number '0' which will also be omitted. That gives you 25 squares. On the next 25, write the upper case letters, minus 'O'. On the final 30, write numbers 1 to 9 and substitute a dash (-) for zero, this times three. Now all you have to do is place the lot into a suitable container, shake them up, pick one, record it, then drop it back in and shake again for the next character. The string can be as long as allowed and is likely to contain an assortment of upper and lower case letters along with numbers and maybe the odd dash. If you want more dashes, just mark and cut some extra squares. Because the characters are selected at random, there will be no predictable association by you or anyone else. Just make sure you keep your new password safe, or you'll lock yourself out as well!

Passwords and codes, no matter how complex and seemingly indecipherable, should be changed on occasions, preferably on a date also selected at random. Stay clear of the beginning and end of the month and, unless absolutely necessary, don't be on-line when you do this. The other way to stay safe is to sign up with a reputable security manager. Most offer varying levels of service, including the facility to customise your defence against unwanted contacts. Even then, some suspect communications can slip through like the example already mentioned. When in doubt, look at who it's from. Do you know them? Now check the subject matter. Does it have any relevance for you? If it is something vague like: Hey! Hi or Hello, it's likely to be bogus. Don't open it - just delete it. And definitely don't click on an attachment to a suspect email! The main recipient will obviously be you; but when you open the email there may also be a string of other names. This means the same email has been sent to them as well. If you don't know the sender, be immediately suspicious. Even if it is supposed to be from a friend, ask yourself whether they would send a batch email, or forward one from another source? In future, ask your contacts to be specific with their introductory data and save the comic stuff for the email content. And you do the same for them.

Previous page      Next page

Click this Click for PDF file image to view or print complete article.

  Back to beginning of article

Money     Health     Focus     Popcorn     Recipes     eBooks     About     Contact

copyright © 2011-2015  All Rights Reserved