How criminals steal your identity online

[FinsnFur]

Criminals look for the weak computers and attack them first. The goal: Steal your identity to use or sell for profit.

Why does it happen? More than 75 percent of computers are not fully protected. Anti-virus software is not installed or kept up-to-date, firewalls are not enabled, and operating systems or other applications are not patched. While the effort required to do this for multiple computers can be overwhelming, the effort is minimal when compared to what’s needed should you have to rebuild and restore your identity, if stolen.

Once the criminal has control of a computer they can browse your file directory and steal documents, photos or other personal information. They can run other attacks such as a keylogger that records your user name and password as you type it. They can install Trojans to perform social engineering attacks (such as fooling you into using an infected USB key) causing you to visit poisoned sites containing viruses. They can also exploit your network and application vulnerabilities using infected PDF files, images, or video and audio clips.

Criminals continue to find new ways to do more damage, with less effort. Now, instead of attacking computers individually, criminals often organize Trojans into “botnets” that automatically collect information from a large number of victims. This information is then sold on the black market and the dollars quickly add up for the criminal.

While the automated attack is lucrative and requires little effort from the criminal, you can keep from becoming their next victim. Take the time to ensure your computer is secure and that it doesn’t have any weaknesses.

This will keep the criminals out and protect your identity.

[pitw]

So what you are saying is if I want to remain me I should just shoot this piece of [you know] computer?

[FinsnFur]

Not at all Barry.
Turn on your Update Notifications, and let it install any updates that are marked as security updates.

Microsoft does a wonderful job of being paranoid for you. When a vulnerability is exposed or security is breached they are on it very quick and your notifications will let you know a patch or update is available.

Same with antivirus software.

Negligence can be devastating.

[pitw]

I don't understand any of that .  If you guys see me somewhere else saying something you don't think I'd say then you'll know I've been cloned[kinda/sorta] .

[FinsnFur]

 :roflmao:  

Do you ever see either one of these icons in the lower left hand corner of the glass TV screen you read the forums through.

[pitw]

Yep.  I just shut my computer off and they usually go away.

[FinsnFur]

ewwwwww boy.

You should click on them and heed their advice. Their notifications letting you know that either an update has been released, which in such case you can download and install it right from there, with a few simple clicks. or that some setting on your computer is less then safe.

[pitw]

OK boss  .   I know a topic we won't be talking about much if I get to pick you up for the LBL eh.

[FinsnFur]

      How to tan furs?           

[KySongDog]

Hey Barry, just type Format C: and all your computer problems will go away.  (along with everything else)   

[Hawks Feather]

Jim,

For a change I have a "serious" computer question.  In one of the recent computer magazines they had an article on keeping your computer safe.  One of their suggestions was to have at least two web browsers.  One that you use for everyday things like hanging out here and another that is used solely for any online banking or credit transactions.  Their reason was that you have a better chance of getting hacked through your everyday browser and if it did happen it would not have the names and passwords for your banking and credit transactions saved in your preferences.  Does that make sense?  The other thing was to make sure that you have secure passwords.  They suggested using passwords NOT like these which were some of the top used passwords.

password
123456
qwerty
abc123
letmein
monkey
myspace 1
password 1
blink182
(your first name)

They suggested using lower case, upper case, numbers, and symbols in your passwords - things like Fins&Fur@&#98jLsITe.  You can go here http://www.microsoft.com/protect/fraud/passwords/checker.aspx  to check and see how secure (or insecure) your password is.  While something like Fins&Fur@&#98jLsITe might be overkill for here, I do have a strong password for any of my online banking or credit transactions.  If you are like me and can't remember something like Fins&Fur@&#98jLsITe and don't want to spend time entering it each time for your bank you can enter it in a word processing document and then just do a copy and past when you need your password.  I would not call the document My Passwords, but maybe something like Aunt Millie letter.  

Jerry

edit:  Thanks for keeping us safe.

[5 SHOTS]

  Maybe they will hack my 'puter and the bill collectors will be after them and leave me alone. 

[KySongDog]

I use PGP encryption, public and private keys, for securing sensitive data on my computer and very strong passwords on any banking or financial site.  Always input the site address directly and never click on a link anywhere. 


http://www.pgp.com/

[FinsnFur]

Jerry,
My opinion is, running two web browsers would certainly have it's benefits, but if your the only one on the machine, you can adjust your browser to warn you if your about to do anything stupid, and even block outside attempts. Or better yet...know what to look for and avoid.

The only thing that would make me skeptical about using two browsers for security is that they are both on the same machine. If they get in, they arent going to care which browser your using or how secure it is, especially if they got in via an email attachment with links.
Yeah they might not get a lot of your passwords if said browser isn't saving them, but why not just set the browser to not save any of them?

I personally use the machine I'm typing this on for everything, from banking, working on the server, editing clients sites from the server, ftp'ing, email, etc.
But with that said, I know where this computer goes and what it does every minute of the day, and when I'm not on it, it's locked up.
I have three other machines in the house that the kids use, which I monitor the systems on very close and still wouldnt think of checking my bank account balance on because I'm not standing over them every second they are on them.


As far as password go. Yes the more difficult a password is to remember or the less sense it makes, the harder it is to crack.
What a lot of people dont realize, and I've mentioned this before is hackers use scripts that literally generate words based off of dictionary words at an unbelievable pace in attempt to guess your password. So in theory a password of coyote12 is about as vulnerable as you can get.
There's a chart HERE that lists the amount of time it would theoretically take to crack a password based on it combination of letters and or numbers, and it's relevance with a dictionary word.
Basically a password made up of four letters can be cracked in 13 minutes or less.

How?

Have you ever been to a site that has a log in panel like the forums here and the minute the page loads, the cursor is flashing in the user name box?
Microsoft did that to be user friendly, problem is hackers are users too.
Hackers love that because they dont have to be present to execute the password guessing script. The cursor is where it needs to be and the script executes itself randomly generating thousands of usernames and password per minute until it makes a match, at which time it alerts the user and he comes and does what ever it was he was looking to do after he got access.
There are scripts available to prevent the cursor from automatically being placed in the login box upon page load, but they arent real common yet.

All in all ...passwords with alphanumeric characters and a minimum of 10 of them for high security is the best way to go.