Wednesday, April 18, 2007

Phishing Angst in light of VA Tech tragedy

Phishing Angst in light of VA Tech tragedy

Unfortunate but true, there are those individuals that would attempt to profit in a devious and mal-intentioned manner from any tragedy. These threats come in many forms, ranging from phishing scams, spam, websites, fax, telephone and beyond. There will likely be a number mal-intended attempts made to collect money, personal information and the like by many individuals posing as organizations designed to provide a form of aid or funding for the VA Tech tragedy.

The best defense against this type of threat is to simply research the organization that you intend on giving money, support or information to prior to engaging them. If you receive an unsolicited email or something that looks suspicious there are a number of sites that maintain a fairly updated list that can all easily be found through your favorite search engine.

All of this said, if you feel compelled to donate your time, expertise or money in aid of those affected by the VA Tech tragedy then please do so. There are currently a number of well known organizations working to help those affected such as the American Red Cross http://www.redcross.org/article/0,1072,0_312_6578,00.html and VA Tech is also directly accepting donations on their website at http://www.vt.edu/tragedy/memorial_fund.php.

Below is a list of domains that were registered immediately following the Virginia Tech tragedy. It should be noted that at the time of this article none of these domains have been reported as being used in a malicious manner, but please keep an eye out and protect yourself against the many risks associated with identity theft, fraud and beyond.


vatechshooting.com
vatechshooting.net
vatechshooting.org
vatechshooting.info
vatechshooting.us
vatechshooting.biz
vtshooting.com
vtshooting.info
vatechmassacre.com
vatechmassacre.net
vatechmassacre.info
vatechmassacre.biz
vtmassacre.com
vtmassacre.net
vtmassacre.org
vtmassacre.info
virginiatechrampage.com
vatechrampage.com
vtrampage.com
virginiatechmurders.com
virginiatechmurders.net
virginiatechmurders.org
virginiatechmurders.info
virginiatechmurders.us
vatechmurders.com
vtmurders.com
hokieshootings.com
hokiemassacre.com

Best Regards,
JJC

Sunday, April 1, 2007

A few tips for the home user.


The world has become somewhat accustomed to basic physical and personal security over the years; but what of the cyber security realm, from the perspective of the basic home user? In today’s age of online banking, billions of electronic transactions, online shopping, electronic records management and so much more affected by or even wholly controlled by technology it is absolutely imperative that even the home computer user have a basic understanding of cyber security. I have detailed a few basic steps that should be taken to mitigate many common threats.


Virus
- Install and maintain current anti-virus software and signatures. It’s not enough to simply buy an anti-virus application and leave it on your computer. Every day a large number of new computer viruses or virus variants come out, as a direct result of this all of the major anti-virus software companies release updates regularly (sometimes every few hours) that need to be placed on your computer for you to truly be protected. Many anti-virus applications can be configured to automatically download and install such updates. For the cost-conscious user I recommend AVAST http://www.avast.com, it’s free for home users and consistently rates high in independent tests!

Patch
– Ever get that annoying popup from your task bar? Well, it’s not just an annoying message, these things are really important. Though software and operating system manufacturers try to design and build their products using security standards and to the highest of standards they do miss things. These things that they miss result in potential backdoor access to your computer, holes that give the would-be hacker or application access to any and all data that may be on your computer. RedSphere maintains an updated list of patches and vulnerabilities under the News -> Cyber Security section.

Lock
– When you are not using your computer, logout of it or lock it. If you live in a home with multiple family members you should create new and unique accounts for each user of the computer. This will accomplish a few things; first it will create accountability for other users / children, without a unique account you can’t determine who was visiting certain websites or downloading certain applications. Be sure that everyone is educated and informed that they need to either lock the computer or logout of it when they are finished with their session. If they do not do this, another user could do whatever they wanted without being held accountable.

Disconnect
– The vast usage and adoption of high-speed technologies such as DSL and cable modems has made the ever-connected PC a more common thing than not. The more time any computer or system is connected to the internet the more likely it is to be infected by a virus, attacked by a worm or hacked by a hacker. This can easily be mitigated by disconnecting the computer from the internet, this may mean that you edit your dial-up connections, turn off your computer or modem, or even disconnect cables.

Backup
– Even taking all of the steps mentioned above and beyond, there will always be the possibility of data becoming corrupt or otherwise destroyed. Most of us have already experienced at least one or more times data-loss. Whether a program erroring out while we are working on an unsaved document, a hard-disk failing, a virus or worm or even a natural disaster we can protect ourselves cost-effectively and easily. A large number of home computers now have CD or even DVD recorders build into them and include software to create backups. CD and DVD media are but one of many options in the wide world of backup, others include USB Thumb Drives, External Hard-Disks, Network Attached Storage and many many other options.

Be Mindful
– Simply put, use your noggin! What do I mean when I say this, doesn’t everyone use their noggin? Of course they do, but there are so many more implications relative to Cyber Security. Don’t open emails from unknown sources, don’t give anyone your social security number or any other Personally Identifiable Information online, don’t send emails containing confidential information, don't install peer-to-peer software or any of the aforementioned. This topic is a pretty big one and I’ll address in much more depth at a future date!

In closing, there are a great many things that you can do to better protect your data and security and the above list should give you a good start.

Best Regards,
JJC