Computer Security: Are you Phishing?

Author: Barion Willis

Article:
You can say that the Internet is a short cut for international
networking. By just logging on, you can connect to people all
over the world. They may be people you personally know or people
you just know online. Whatever the case, there is always
somebody on the other end of your Internet connection.

As accessible and easy daily life is now thanks to the Internet,
there are disadvantages from this convenience. Criminal
activities such as eliciting sexual activities on the web are an
example of online problems society has to deal with.

Another online criminal activity is phishing. Phishing is
acquiring personal information like passwords and credit card
details by pretending to be a representative of a company.
Phishing is done through email or instant messaging.

It is called ®phishing because it is similar to the
recreational activity fishing. It for users
personal information such as passwords and financial data.

Phishers create accounts on AOL by using fake algorithmically
generated credit card numbers. These accounts are maintained for
a number of months. Due to the reports of phishing incidences,
AOL has brought in measures preventing this from happening by
securing the data of their users and confirming the information
of those signing up for AOL accounts. Scan your registry for
free at http://www.registry-cleaners-reviewed.info
On AOL, a phisher pretends that he is an AOL employee and sends
out instant messages to a random customer that asks for
passwords of their account. Luring the victim further, the
phisher includes in the message verify your account or
confirm billing information.

Thus, a number of clients get lured in and give off their
password. Once the phisher gains access of this sensitive
information, he can use the victims account for spamming.
Check your inbox and take a look at the spam messages you've
received. Yes, those are real names of people. These people's
accounts have been hacked and are now being used to relay spam
messages.

About the author:
Free Scan! See how many errors your computer has, at
http://www.registry-cleaners-reviewed.info

Computer Security: Scams via Phisher

Author: Hazel Mia

Article:
How this e-mail scam works is through this: usually, you will
receive an e- mail from a service online provider or through a
bank that ill ask you to go click a specific link or visit a
particular website and from there you will be elicited to
provide your personal info.

This type of scam is called phishing.

Basically, this scam is where victims are asked and tricked to
entering all their personal info like passwords, account numbers
to an organization or company that presents itself as
legitimate.

Ingenious scammers who create a site that looks a lot like the
authentic web site do this trick. E-mails are usually used to
invite and bait potential online victims to go to the fake
website.

As much as possible, always be cautious and wary of e-mails that
ask you to click a link and give out personal sensitive info
like bank details.

You should know that any info provided on these fake sites are
farmed and harvested by scammers which they in turn use to steal
the funds from the userЎЇs bank account or steal the identity of
the victim.

Be aware that companies that are legitimate would never ask for
any sensitive info through e-mail.

Never, ever click on these e-mail links. Never give out any info
about you. If there are doubts on the veracity of the e-mail, it
is always best to directly contact the legitimate company.

How to know a scam if you see one? Generally, a scam has the
following characteristics. It makes the promise to give you lots
of money, lots of prizes or a job. Free Scan! See how many
errors your computer has, at
http://www.registry-cleaners-reviewed.info

It also asks you for donations. It also proposes business deals
that are lucrative. It also asks that you provide personal and
very sensitive info. It also asks that you follow a specific
link to a particular website and log in to a particular account.

Educating yourself is an essential contribution against being
vulnerable to fraud as well as any virus or security threat.

About the author:
Scan your registry for free at
http://www.registry-cleaners-reviewed.info

Tips for selling on eBay

Author: John Case

Article:
Tips for Selling on eBay(R)

* The first thing you should do is sign up an account with
Paypal.com. Once your account is set up, follow Paypal's
instructions to verify your address and account. This will help
build buyers' trust in you as a seller. Paypal will help you
easily accept payment from buyers as well as pay wholesale
suppliers securely.

* NEVER respond to an e-mail from Paypal that asks you for your
login information, or asks you to follow a link to a login page.
This is a scam known as "phishing." A typical message might
include scare tactics such as "We have noted an illegal login
attempt to your account" or "You have added a new e-mail address
to your account." If you follow the link, you will be directed
to what LOOKS like a Paypal login page, but your login
information will actually be sent to crooks, who will promptly
use your info to clear out your account. Paypal will NEVER send
you an e-mail asking for your login info. If you receive a
suspicious e-mail, you should forward it to: spoof@paypal.com
and they will reply to let you know if it is authentic or not.

* Never respond to an e-mail from eBay that asks for your login
information. Some bogus messages appear to be from interested
buyers. For example: "Is your product still for sale? Let me
know!" or "I sent payment 2 weeks ago! Where is my product?"
Another common message is: "Update your eBay information within
48 hours, or your account will be suspended!" Again, your login
info will be forwarded to scammers who will use your eBay ID to
artificially drive up prices on their own auctions, or use your
eBay ID to run a fraudulant auction in which they collect
payment for an item that doesn't exist. If you receive a
suspicious e-mail, forward it to spoof@ebay.com and they will
let you know if it is authentic. If you want to respond to a
question from a buyer, it is safer to login to your eBay
account, and go to the "My Messages" section, and reply directly
through eBay.

* When buying from a wholesale supplier, ALWAYS pay through a
credit card, or Paypal. NEVER pay for products through Western
Union. Many Western Union clerks do not require ID for the
seller to pick up the money. It is too easy for a wholesaler to
collect the money and not send your order. If a wholesaler
insists on Western Union, simply look for another supplier.

* If you pay a wholesaler through an escrow service, use only
escrow.com. If a wholesaler insists on another escrow service,
simply look for another supplier.

* Before buying from a wholesale supplier, be sure to check
eBay for similar items and calculate if you can sell for a
competitive price and also get a profit. Each and every day, an
average of $86 million changes hands through eBay(R) auctions.
Every day, an estimated 2 million people use eBay(R) to buy
things they can not find in stores, or to get rid of things they
do not use any more in order to make room in their house. But
did you know that 430,000 eBay(R) run a full or part-time
business from their homes? Of course, there are the big product
sellers, who auction off things like new cars, real estate, or
computers. However, there are also normal people running eBay(R)
business from their homes, not only selling things that are no
longer needed around the house, but selling everyday consumer
goods, and making a full-time income from it.

The secret of eBay(R) success is finding products to sell that
match your interests and lifestyle, locating a reliable
wholesale supplier, and mastering the system of putting up
auction pages on eBay(R) in order to keep your seller fees to a
minimum while maximizing your profits.

Here are some tips for selling on eBay:

* Remember that eBay users will buy based on cost as well as
reliability of the seller. If you have a relatively low feedback
score, and you are selling the exact same item at the exact same
cost as a seller with feedback of 3000 or more, you are not
going to make many sales.

* Create e-mail template message to communicate with buyers.
You should make at least three messages: one for when you
receive payment, one for when you send the order, and one to
send approximately two weeks later, to check if everything is
OK. Good communications are essential in building good feedback
ratings.

* Feedback is very important. Always leave positive feedback
for buyers as soon as payment clears. If a buyer has not left
positive feedback by two weeks after the close of the auction,
send a follow up e-mail. Be very careful about leaving neutral
or negative feedback. Even if you have a valid reason for
leaving negative feedback,once you leave negative feedback, the
buyer is likely to retaliate with negative feedback, harming
your reputation. Instead, use eBay's "Send an invoice to buyer"
or "Report an unpaid item" functions.

About the author:
John Case operates http://www.easy-learn-to-earn.com, which
provides free information on making money online.

Psychological Internet Security: Drawing a Spider to the Web

Author: Josh George

Article:

Even if everyone knew exactly what they wanted and where to get
it on the internet, they would not be safe from this.
While antivirus solutions and computer protection software are evolving to identify these scams, many are still evading internet security solutions. These scams can affect everyone and can be summed up in one word: Pharming.

While you have probably heard about pharming as well as the dangers that come from surfing to sites containing pornography, warez (illegal downloads) and other underground-related sites, pharming can virtually affect any topic of any industry. As long as sensitive information
can be extracted from you, pharming scams will be developed. After all, people can act like lemmings on the internet; one by one, they will stumble into the pharming scam
and do exactly what the scam artists want them to do.

So you’re probably wondering what pharming is and how it can compromise your computer
protection and internet security. Simply put, it is like an evolved form of phishing.&nb
sp; Instead of the scam artists trying to convince you to visit a fraudulent site, they just build tons of fraudulent sites and let you visit them through redirection tactics. While the
details of these redirection tactics are beyond the scope of this article, it is important to know that financially-related websites are the primary targets of pharming scams.

As you can understand, it is extremely difficult to identify pharming scams because you have no idea when you visit one. But is this really the case? For many, the warnings literally pop
up in front of their eyes, but they have simply trained themselves to ignore the computer
protection and internet security signs. The question is, are you one of these people?

Answer this: have you ever browsed to a place where you are greeted with an internet security warning stating you just entered a site with an unsigned certificate? If you have, did you simply agree to view the site and not even bother to wonder why there was an unsigned
certificate internet security warning? Well, that warning box could mean the loss of your identity if you are not careful enough. For scammers to set up these pharming websites, they try to duplicate every aspect of the real site as possible, including the certificates. If you ignore these unsigned certificate warnings and enter your personal information, you literally send it all to the scammers.

To help
identify these scams, click File > Properties in your browser and make sure the website is
an actual domain name instead of an IP address. Simply looking at the address bar of a pharming site is not enough, for scammers have ways to cloak it. Also, make sure that
yellow lock is in the bottom right-hand corner of your browser window. That lock signifies SSL, which means your information is being transferred over a securely encrypted channel.

When it comes to additional computer protection and internet security, grab a free legitimate anti-phishing toolbar. Also make sure to install the most current updates for your
antivirus software.

In the end, remember internet security and computer protection means using common sense and judgment when surfing the web. For any sites that require you to enter personal
information, make sure you analyze the website like discussed above. In spending the additional time it takes to do this, you will dramatically increase your computer protection
and online security, all without spending a penny.

About the author:
Josh George has been an active member in the computer and
internet security community since 1998. Writing on the topic and
making presentations to FBI, DoD, and NSA members, his site
provides time-tested best practices and recommended tools for
everyone: http://www.essentialcomputersecurity.com

Enhancing security on your online banking account

Author: Centris Federal Credit Union -

Article:
Crimes like identity theft, credit card fraud and other
Internet-based fraud attempts are on the rise. New terms like
'Phishing' , 'Pharming' and 'Spyware' affects everyone using the
Internet. At Centris, we believe the more you understand about
these new threats, the better equipped you will be to take
precautions to protect yourself. We have provided valuable tips
on everything from Internet threats to how to identify fraud and
to how to report it.

Preventing Account Fraud Protect your accounts. Never
loan your credit or ATM debit card or share your passwords with
anyone who is not authorized on your account. Do not share your
account numbers with anyone unless you initiated the contact.

Report lost or stolen checks or credit cards immediately.
Review new checks to make sure none were stolen in transit. Be
aware of the expiration date on your credit card; if you do not
receive a reissued card before the expiration date, notify
customer service.

Store new and cancelled checks securely and always use
tamper-resistant checks. You can have new checks delivered to a
branch office to be picked rather than your mailbox. Question
suspicious emails or phone inquiries. Unless you initiated the
contact, Centris will not request your personal information
(account number, Social Security number, or mother's maiden
name) through an email, U.S. mail, or by phone.

Guard your ATM and online banking information. Be creative in
selecting PINs, passwords and security codes. Do not use birth
dates, social security numbers, street address or children's
names. Do not store your Pins with your cards

Curtail the use of paper documents. Centris has several options
such as OnLine account access, Free Bill Pay & Presentment and
FREE OnLine eStatements.

Avoid using easily available information like your mother's
maiden name, your birth date, the last four digits of your SSN
or your phone number, or a series of consecutive numbers or
keyboard strokes.

Preventing Identity Theft Don't give out financial
information online or on the phone unless you initiated the
contact, and know the party you're dealing with.

Shred unnecessary financial documents, including old bank
statements, invoices, and unwanted pre-approved credit offers.

Retrieve incoming mail from your mailbox and don't put outgoing
mail in your residential mailbox.

If regular bills or statements stop reaching you, call the
company's customer service. Someone may have filed a false
change-of-address notice to divert your mail.

Receiving suspicious charges on statements? If doubtful call
immediately to resolve the discrepancy.

Keep personal numbers off your checks. Never preprint your
driver's license or Social Security number on your checks.

Never leave your computer unattended while in an OnLine banking
session. When ending an OnLine banking session be sure to select
the "Sign Off" icon to securely log out of your account.

Check your Credit Report

Centris recommends that you check your credit report on a
regular basis.

About the author:
Tim Mogler is the Internet Marketing Specialist at Centris with
over 6 years experience in OnLine Banking products.

New exploits out for DNS Vulnerability in Windows Server

Author: btv raj

Article:
The AntiVirus, AntiSpam and Content Security firm MicroWorld
Technologies urges organizations to be on their guard, as the
number of exploits out for the critical DNS vulnerability in
Windows Server rose to five. The possibility of 'Vanbot' worm
exploiting the flaw is also looked into, says the Security firm.

The flaw in question was made public by Microsoft on last
Thursday, as first reports of it came a day after the Redmond
firm's patch Tuesday. It can be found at
http://www.microsoft.com/technet/security/advisory/935964.mspx.
The flaw is related to the way DNS (Domain Name System) Server
Service uses RPC (Remote Procedure Call) interface.

RPC is a protocol used in requesting a service from a program
located in another computer in a network. An attacker can send a
malformed RPC packet to create buffer overflow in DNS service,
which will allow him to execute arbitrary code on the victim's
computer.

The affected versions are Windows 2000 Server Service Pack 4,
Windows Server 2003 Service Pack 1 and Windows Server 2003
Service Pack 2. Security researchers indicate that the new
Windows Server in the making, code named as 'Longhorn', is also
not insulated from the danger.

Rohini Sonawane, Chief Operating Officer of MicroWorld, says "If
the DNS service is compromised, the intruder can plant Pharming
attacks in the computer, where a legitimate web request can be
re-directed to a malicious spoof website. It means, when you key
in the web address of your bank in a compromised computer, the
request will go to the Phishing site, which will capture all
your confidential banking information and hand them over to the
malware author!"

According to Rohini, a variant of the 'Vanbot' worm known to
exploit many earlier Windows vulnerabilities, is reportedly
exploiting this new found loophole as well. She said MicroWorld
is analyzing these possibilities, even as the firm's products
eScan and MailScan safeguard users against all Vanbot varieties.

Vikas Vishwasrao, a Senior Security Analyst at MicroWorld
suggests that users of MicroWorld's eConceal firewall can block
Port 445 as well as Port 1025 and all Ports above, till
Microsoft releases a patch for the flaw, as these Ports are used
by the RPC protocol. He said an infection can be sensed using
TCP Connection feature of MicroWorld products, as affected
computers will show frantic network activity in IRC traffic as
well as a huge increase in HTTP traffic on non standard ports.



MicroWorld

MicroWorld Technologies (www.mwti.net) is the developer of
highly advanced AntiVirus, Content Security and Firewall
software solutions eScan, MailScan, and eConceal. MicroWorld
Winsock Layer (MWL) is the revolutionary technology that powers
most of MicroWorld products enabling them to achieve several
certifications and awards by some of the most prestigious
testing bodies, notable among them being Virus Bulletin,
Checkmark, TUCOWS, Red Hat Ready and Novell Ready.

For more information, please visit www.mwti.net


About the author:
Btv Raj is the Content Writer and Creative Visualizer of
MicroWorld Technologies.

How to Beat Trojan Virus and Worm Attack

Author: John Noble

Article:
Trojans can erase your disk, send your credit card numbers and
passwords to a stranger or let others use your computer for
illegal purposes like denial of service attacks, crippling
networks for months. Just like the original Trojan Horse that
was built by the Greeks, the Trojan Horse Virus for your
computer is actually something unwanted concealed within
something that seems good and positive. Like sharks in a feeding
frenzy, these hacker mercenaries view Instant Messaging clients
as their personal bank because of the ease by which they can
access your computer via the publicly open and interpretable
standards. They unleash a Trojan horse, virus, or worm, as well
as gather your personal and confidential information, and sell
it to other criminals.

Many major operating system vendors have automatic update
services. Many hardware vendors and other software packages have
followed this trend, incorporating automated update services
into their products. In some cases, the services for automatic
updates run as the local "system" account. This account has the
ability to access and modify most of the operating system and
application environment. If this update service can be infected
than millions of computers can be infected quickly. Hackers
riding piggyback on viruses have only a short window of
opportunity to maximize their gain before the viruses are
detected, neutralized and logged into Virus Definition
databases, 'vaccinating' the system against those strains.
Without continuing system vulnerability caused by virus
infection there is little they can do to further their malicious
ends like stealing personal information, credit card details and
other sensitive and vital data.

Many fine examples of Spyware, Trojan and Worm removal software
are available, but you must be careful you only download a
reputable programme from a reputable site. This is even more
important when using free or evaluation software. This is one
way that your system can be given a Trojan, through software
downloads and installation and obviously the software will not
protect you from its own malicious imbedded Trojan.

Because Instant Messaging operates on peer-to-peer (P2P)
networks, it spawns an irresistible temptation for malicious
computer hackers. P2P networks share files and operate on
industry standard codec (encryption codes) and industry standard
protocols, which are publicly open and interpretable. Most anti
virus software does not incorporate protection for Instant
Messaging services.

There is anti-Trojan software that specifically serves to get
rid of Trojan Horse virus types, and in most cases it is this
type of software you will want to use. You need to be protected
against the most common way that users are infected with a
Trojan program being through the spreading of it through emails.
The sender will send it to the recipient within an email
attachment that might say something like
"complementarytickets.jpg" or something along those lines that
will make you curious and open the file. Another increasingly
popular way that Trojan Horses have been spread to users is
through the ever-increasing instant messenger programs such as
Yahoo Messenger, AIM, ICQ, MSN messenger, and IRC. The one key
to remember about Trojans is that they have to be triggered by
some mechanism and will not spread themselves. For example, you
can have one in your email but you do not open the link then it
will not infect your system.

In today's online environment it's important to know what risks
lie ahead at each click. Every day millions of people go online
to find information, to do business, to have a good time. We've
been warned lots of times about stealing data -- identity theft,
phishing scams and pharming; we have at least heard of
denial-of-service attacks and "zombie" computers, and now one
more type of online attack has emerged: holding data for ransom.

So in summary what do we need to do? Well we need at least one
constantly updated anti-virus programme from a reputable source.
It must be specified and configured to detect and remove virus,
spyware, Trojans, and worms. We all need to be more careful when
opening emails from unknown senders and most of all, only
download from trusted sites.

About the author:
Independent expert advice by John Noble on PC software &
hardware security and computer maintenance for the home and
small business user. For additional information visit
http://www.pc-tools.us

Theft - Nine Threats & Nine Steps To Protection

Author: Warren Franklin

Article:
Theft - Nine Threats & Nine Steps To Protection

The Bad News: Identity theft is escalating at a torrid pace. It
has become one of the country's top problems. The bad guys are
finding more ways to steal YOUR identity.

The Good News: You can take control of the situation, become
both reactive and proactive guarding yourself against identity
theft.

Identity Theft Is Spreading Faster Than The Worst Case Of The
Flu!

First, let's understand just how bad identity theft has become
in this country:

· The Federal Trade Commission says that there is an underground
market for credit card numbers, social security numbers and ID
documents - organized gangs or web mobs use and sell these
documents for as little as $10 each. Some of these groups
contain thousands of members. The amount of goods and services
purchased with fraudulently obtained personal identity exceeded
52-billion dollars in 2004.

· US Department of Justice states identity theft is affecting
millions of households in the U.S. each year. The cost is
estimated to be six-point-four billion per year. According to
the FTC, an estimated 10 million adults become victims of
identity theft each year.

· The Department of Justice goes on to say that the most common
misuse of identity was through credit cards, accounting for 50
percent of all identity theft. Next in line were banking and
other types of accounts at 25 percent, personal information was
15 percent, and a combination of several types of identity theft
was at 12 percent. The average loss for each identity theft was
$1,290.00. Two-thirds of those surveyed said the theft cost them
money despite credit card coverage.

· A recent State of the Net survey by Consumer Reports which
covered more than 2000 households with Internet Access projects
that American consumers lost more than eight-billion dollars
over the last two years to viruses, spyware and various scams.
The report also shows consumers face a one-in-three chance of
becoming a "cyber victim" about the same as last year. It goes
on to say that consumers lost $630 million over the past two
years to e-mail scams.

· The average person today suffers through two or more
"incidents" with their computer each year - the computer slows
to a crawl, crashes altogether, viruses or spyware take over
systems and more. It's getting worse as computers become more
complex and as we do more with them.

So, Who Is At Risk For Identity Theft?

According to the Department of Justice there are three groups
that are most at risk for identity theft: young adults 18 to 24,
adults who earn $75,000 per year or more and households in urban
and suburban area. Interesting to note that about five percent
of adults who earn $75,000 or more a year are hit with identity
theft.

The continued growth of online fraud and identity theft are
putting an enormous strain on the existing infrastructure for
the Internet as well as our social structure. For example, the
banking community has been complacent about security upgrades
required by the Federal Financial Institutions Examination
Council. They report that every bank in the country has not
complied with their guidelines set for now. In an article
titled, "U.S. Banks Complacent Toward Identity Theft Solution,"
by PR Web, the single largest national security threat is a
terrorist attack on our banking system. An attack aimed
simultaneously at millions of user names and passwords within
banks would shut down our banking system. This would instantly
shut down banks worldwide. Credit/debit cards, checks, calls to
the bank, would not work for at least a matter of days causing
tremendous hardship and a ripple effect from no gas to "I simply
have to take this baby food."

Consider for a moment some of the potential social effects from
this identity theft problem. What if citizens developed a lack
of confidence in our credit card and monetary system causing
economic upheaval similar to what we saw in the "Great
Depression?" I know this sounds radical, but what if you
couldn't trust your identity to anyone anymore? What if you
feared that your money, your identity was going to be stolen?
It's not unthinkable that you would store your money under your
mattress at home or in a safe in the closet rather than possibly
losing it to identity theft. If millions of people lost faith in
our monetary system and the ability to keep their identity safe
and then took all of their money home where they believe it
would be safe, what would happen then?

We generally can't control what happens outside of our personal
environment, what happens at a bank, corporation or the
government seems so far out of reach. There are, however, steps
that we can take that will give us a better chance of protecting
our personal information. The first step is identifying the
threats and then taking steps to protect ourselves.

Below, I have identified nine identity theft threats and nine
steps to protect our identity in today's society.

Nine Threats To Your Identity

Here are nine of the most popular ways for thieves to steal your
identity. Some of these are personally preventable and others
are out of our control:

1. Stolen Company Data. Your personal information is stored on
computers at stores where you shop, at your insurance company,
your accountant, and more. It almost seems like a common
occurrence where a company is hacked into and their customer's
information is stolen. This happens so often now that the crimes
are rarely reported and don't make the front page anymore.

2. Social Engineering. Identity Thieves are very clever. They
will invent any way possible to fool you into giving your
identity out. It's called social engineering because the thief
uses common social situations to get the information they want.
Like a seemingly innocent phone call supposedly from your credit
card company asking for your personal information.

3. Dumpster Diving. Identity thieves get a lot of their victims'
information out of garbage cans and recycle bins from old credit
card statements and other personal documents thrown out
carelessly.

4. Mail Theft. Your mail can contain valuable information:
bills, banking information, credit cards, investments and more.
Personal mail can often be stolen right from a mailbox.

5. Financial Account Hijacking. Once a thief has your personal
information they can take over your personal accounts. You might
not know about their activity for months.

6. Credit Card Magnetic Strip Theft. These clever crooks have
tools to steal information off the magnetic strips on your
credit card.

7. Discarded Computers. Your old computer really can tell
stories. Even though you erased your hard drive crooks have
tools to reclaim your personal information and use it against
you.

8. Spyware and Viruses on Computers. You may not be familiar
with the term 'malware.' It's a term that covers all of the
hacker tools that can cause harm on your computer. These tools
include spyware, keylogger tools, Trojan horses and more.

9. E-mail and Internet Scams. Cyber thieves are getting more and
more creative using scams like Phishing, Pharming and fancy
come-ons to entice you to give them your personal information.

There Are Four Ways You Can Approach Protecting Your Identity...

One way is to do nothing and hope that identity thieves don't
harm you.

Second, you can be reactive. Reactive simply means that you are
responding to all the material that comes your way. You are
checking your credit card and bank statements to make sure
nothing peculiar is on them. And if you do find something
strange you contact your bank or credit card company
immediately. Reactive also means that you are checking your
credit report when you apply for credit or a loan.

Third, you can be proactive. A proactive approach is a more
aggressive way of protecting yourself against the bad guys. You
are constantly looking ahead and evaluating before giving out
valuable information.

And fourth, combine reactive and proactive approaches. This is
the best way to ensure you identity protection.

Nine Critical Steps To Proactively Protecting Your Identity...

Here are your 'Nine Proactive Steps To Identity Protection:"

1. Begin to operate on an "I have to know everything" approach
when you give out your personal information. Only give out your
personal information to people you know and trust.

2. Protect your Social Security Number, credit card and other
financial information. Do not give this information out over the
phone unless you initiated the call or as we stated above are
talking to a trusted individual from a trusted company.

3. Cancel all of your unused accounts including banking, credit
card, licenses and permits.

4. At least once a year, if not more often, update and check
your credit report and Social Security Earnings and Benefits
Statement to make sure everything appears as it should.

5. Protect your mail. Make sure you have a secure locked mailbox
to receive all of your mail. Always mail your payments and
checks from a secure Post Office Box or from the Post Office.
And, if you have a Post Office Box at the Post Office never
discard your mail in a garbage can. Always bring your entire
mail home.

6. Always crosscut shred all bank statements, credit card
applications or information and important documents before
discarding to recycle or the garbage. It is best to stir up the
shredded documents to make it even harder for identity thieves
to steal your information.

7. Purchase identity theft insurance. This will cover any losses
incurred while recovering your lost identity once a crook has
stolen it.

8. Invest in professional grade protection for your computer.
The best protection available today comes from Managed Internet
Security Service providers. The best security services include
best-of-breed corporate grade security software for your
computer, as well as unlimited service and support from trained
security pros. Make sure it is the same kind of service that is
used by major corporations around the world. Frankly, the
over-the-counter and free security software programs available
don't keep up with today's professional cyber thief. If those
popular programs worked, why do we see the cyber-crime problem
growing at a progressively faster pace?

A managed professional Internet security program should have the
following technologies installed: A bi-directional or dual
Firewall that prevents information from coming in or going out
of your computer without your permission, anti-virus protection
that is updated daily, and malware protection that is updated
daily. Malware consists of spyware, adware, Trojan horses,
keyloggers and more. It constantly changes so you will need a
technology that keeps up with the professional hackers who want
your identity. Your best bet is to find a professional security
service that affordably manages all this for you.

9. Beware of e-mail scams like Phishing and Pharming. Phishing
is an e-mail that looks like it came from a bank or business
claiming you need to take care of a problem or your account will
be closed down. It takes you to a page to fill out your personal
information. Meanwhile, Pharming is redirecting your computer
from a legitimate to a fake web site. For example, you may think
that you are going to your banking site, but instead are
redirected to a site that looks like your banks web site, but is
hosted by an identity thief.

Identity theft continues to grow at a torrid pace. Millions of
people in the United States will lose their identity to thieves
in the coming year. Many of them will suffer for years trying to
clean up the mess that was left behind.

The bad news is we can't control all of the identity threats we
face each day. The good news is there are reactive and proactive
steps we can take to protect ourselves against personal tragedy.



About the author:
Warren is engaged in the cause of educating and protecting
people who use the Internet about the threats they face and the
inadequacy of the solutions they trust, and over a two-year
period has become an expert on PC Security and a passionate
advocate of Internet safety. Find out more his campaign for
personal and Internet security go to his web site at
http://www.completeinternetprotection.com

"Phishing" On The "Pharm": How Thieves Combine Two Techniques To

Author: John Young

Article:
Bob squinted at the email and began to read:

"Dear eBay User, as part of our security measures, eBay Inc. has
developed a security program against fraudulent attempts and
account thefts. Therefore, our system requires further account
verification..."

Security Measures. A threat to suspend his account to prevent
"fraudulent activity". The email went on to say that there were
"procedural safeguards with federal regulations to protect the
information you provide for us."

Bob clicked the link and was confronted with an authentic
looking logon page, just waiting for him to input his user name
and password and confirm what ebay supposedly didn't know.

He almost did it. The page looked absolutely authentic, and he
had already been "set up" by the email message. His fingers were
poised over the keyboard when he happened to glance at the URL.

There was something very, very wrong with it.

"PHARMING" TO FLEECE SHEEP

The art of "pharming" involves setting up an illegitimate
website that is identical with its legitimate prototype, for
example the ebay page Bob was almost suckered into using, and
redirecting traffic to it.

"Pharmers" can do it in two ways:

1.By altering the "Hosts" file on your computer. The Hosts file
stores the IP address of websites you have been accessing. By
inserting a new IP address into the database field corresponding
to a website, your own computer can be redirected to the
pharmer's website. Any information you give the bogus site is
immediately hijacked by the pharmer.

2.Hijacking the DNS (Dynamic Name Server) itself. A DNS matches
the names of address with their IP addresses. If this server can
be coerced into assigning new IP addresses to traditional names,
all computers using the name resolution provided by the DNS
server will be redirected to the hijacker's web site.

Once that happens, it's time to be fleeced.

DOWN ON THE PHARM

"Pharmers" hijack your "hosts" file or DNS servers using
Spyware, Adware, Viruses or Trojans. One of the most dangerous
things you can do is to run your computer without some form of
Internet Security installed on it.

Your security software should be continually updating its virus
definitions, and be capable of warning you if something has been
downloaded from a web site or through email. It should be able
to remove it, "quarantine it", or tell you where it is so that
you can remove it by hand.

You should also have Spyware and Adware programs installed, and
be aware of any change in Internet browsing patterns. If your
home page suddenly changes, or you experience advertising pop
ups (which may pop up even when you are not hooked up to the
Internet), you should run a Virus, Spyware or Adware scan.

Thanks to the efficacy of these protection programs, pharming is
a lot more difficult than it used to be. It isn't as easy to
hijack a computer as it once was.

So, the "pharmers" have teamed up with the "phishermen" to get
you to visit the bogus web page yourself, and enter all the
information they need.

PHISHING TO CATCH YOU ON THE PHARM

As Bob discovered, the page he had been taken to by the bogus
email message was identical to the ebay logon page. Identical in
every way except for the URL.

Out of curiosity, he checked the URL for the ebay logon by
accessing ebay directly and clicking on the logon link. The two
URL's were nothing alike, except the bogus one did have the word
"ebay" in it twice - just enough to make it look authentic.

By combining the two techniques, the phishermen/pharmers had
avoided the high tech problems associated with downloading a
Virus that could get past his protection software. They had gone
straight for the throat.

Bob's throat.

YOUR ONLY REAL IDENTITY THEFT PREVENTION AND PROTECTION

The only real protection against the pharmers and phishermen is
YOU. There are three things you must consider when you read any
email demanding information:

* Why do they want it? Be extremely skeptical when they say they
have to "update their records", "comply with federal
regulations", or prevent fraud. They are the ones initiating the
fraud.

* Why can't this be done at the website? Why not invite you to
access the website directly and provide this information? The
answer is because the bonafide company doesn't need an update.

* What does the URL look like? Is it a series of subdomains some
of which have the name of the bonafide company? Most likely the
subdomain is set up with a free hosting company.

* Have they provided partial information about you as a
guarantee that the email authentically comes from the legitimate
source? Be very careful of this one. This technique is effective
for "pretexting", impersonating a person or company, and was
used in the Hewlett Packard scandal to collect information. Just
because they know your first and last name (and any other
information - known only to the legitimate source) doesn't mean
the email is legitimate. They probably hijacked the information
off the server.

THE BOTTOM LINE

The bottom line is: don't provide any information at the behest
of an email, no matter how authentic it looks, or how authentic
the page it directs you to looks. If you must log in, do so at
the parent site itself.

Your Identity Theft prevention and protection is, in the final
analysis, up to you.

Don't be the next sheep fleeced by the pharmers who caught you
with the phisherman's hook. Being dropped naked into their
frying pan is NOT a fate you want.

About the author:
John Young is a writer with a scientific and technical
background living in California. At the age of 62, he is the
father of four, grandfather of 13, and lives with his wife and
cat "Bear". Please check out his latest book on Identity Theft
http://www.youridentitystolen.com For some suggestions on Fire
Walls, Virus, Spyware and Adware protection software visit his
"California Software Shop" at http://www.pcreveal.com

Pharming

Author: Josh George

Article:
Even if everyone knew exactly what they wanted and where to get
it on the Internet, they would not be safe from this. While anti
virus solutions and computer protection software are evolving to
identify these scams, many are still evading Internet security
solutions. These scams can affect everyone and can be summed up
in one word: Pharming.

While you have probably heard about pharming as well as the
dangers that come from surfing to sites containing pornography,
warez (illegal downloads) and other underground-related sites,
pharming can virtually affect any topic of any industry. As long
as sensitive information can be extracted from you, pharming
scams will be developed. After all, people can act like lemmings
on the Internet; one by one, they will stumble into the pharming
scam and do exactly what the scam artists want them to do. So
you're probably wondering what pharming is and how it can
compromise your computer protection and Internet security.
Simply put, it is like an evolved form of phishing. Instead of
the scam artists trying to convince you to visit a fraudulent
site, they just build tons of fraudulent sites and let you visit
them through redirection tactics. While the details of these
redirection tactics are beyond the scope of this article, it is
important to know that financially-related websites are the
primary targets of pharming scams.

As you can understand, it is extremely difficult to identify
pharming scams because you have no idea when you visit one. But
is this really the case? For many, the warnings literally pop up
in front of their eyes, but they have simply trained themselves
to ignore the computer protection and Internet security signs.
The question is, are you one of these people? Answer this: have
you ever browsed to a place where you are greeted with an
Internet security warning stating you just entered a site with
an unsigned certificate? If you have, did you simply agree to
view the site and not even bother to wonder why there was an
unsigned certificate Internet security warning? Well, that
warning box could mean the loss of your identity if you are not
careful enough. For scammers to set up these pharming websites,
they try to duplicate every aspect of the real site as possible,
including the certificates. If you ignore these unsigned
certificate warnings and enter your personal information, you
literally send it all to the scammers. To help identify these
scams, click File > Properties in your browser and make sure the
website is an actual domain name instead of an IP address.
Simply looking at the address bar of a pharming site is not
enough, for scammers have ways to cloak it. Also, make sure that
yellow lock is in the bottom right-hand corner of your browser
window. That lock signifies SSL, which means your information is
being transferred over a securely encrypted channel.

When it comes to additional computer protection and Internet
security, grab a free legitimate anti-phishing tool bar. Also
make sure to install the most current updates for your anti
virus software. In the end, remember Internet security and
computer protection means using common sense and judgment when
surfing the web. For any sites that require you to enter
personal information, make sure you analyze the website like
discussed above. In spending the additional time it takes to do
this, you will dramatically increase your computer protection
and online security, all without spending a penny.

Article provided by: http://www.particlearticles.com

About the author:
Josh George has been an active member in the computer security
and Internet security community since 1998. He has made many
presentations to groups that involved members from the FBI, DoD,
and NSA and hopes to now help personal and small business users.

This is so cool

I'm mobear410!

This is the 3D me.
Make your own,
and we both get Coinz!

I just had to share this. Isn't technology kool?