In continuation of discussion on safe email practices...
Safe Email Practices
• Don’t open email attachments unless you know what they are. They might contain trojans and viruses which would install in your computer without your knowledge.
• Avoid logging into the system using administrative user id’s.
• Don’t open, forward or reply to spam or suspicious emails; delete them
• Be aware of sure signs of scam email.
Asks for personal or financial information
Asks you for password
Asks you to forward it to lots of other people
• Don’t click on website addresses in emails unless you know what you are opening.
• Use official emails which are encrypted to communicate confidential information. Remember the free emails (yahoo, gmail, hotmail) transmit plain text and can be easily intercepted.
• Use antivirus and firewalls and update them regularly.
• Most hackers target windows based systems. Mac and Linux desktop’s are hard to break in.
How Do I Recognize Phishing?
• Phishing is a type of email or instant message scam designed to steal your identity.
• Phishing is the act of attempting to fraudulently acquire sensitive information, such as usernames, passwords, and credit card details, by masquerading as trustworthy entity in electronic communication using email or instant message.
How Can I Safeguard Against Phishing?
Don’t click on links in email or instant message.
Don’t cut and paste link from questionable message into your Web browser.
Use antivirus and firewalls and update them regularly.
Don’t email personal or financial information.
Guide lines to create strong password
“Password strength” is a measure of the effectiveness of a password in resisting guessing and brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to correctly guess it. The strength of a password is a function of length, complexity, and randomness.
The link from Microsoft gives you a better idea on creating a strong password.
Social Networking Users Put Themselves At Risk
So, you're wondering, how exactly do identity thieves steal your personal information from your Facebook or Myspace page? That is a common question and one that's not too obvious to people who aren't computer nerds.
Research shows that the networking sites tag each user in order to access the user's personal profile necessary for the operation of the site. The problem comes in when third-party tracking sites obtain the user's tag and tracks the user.
This happens quite easily when a social networking site communicates with third party tracking sites through banners placed on the user's screen; this also communicates the users tag. The third party now has the user's tag and access to their personal profile.
To prevent identity theft, follow these tips:
Don't list personal information like your home address, phone number, or birthday
Use the network's privacy controls
Restrict your personal information only to your closest friends
Use browser security to refuse third party
Bruce Schneier explains it pretty well in the blog how hackers get your info.
URLs that might be of your interest related to ID theft -
1. Social Networking Sites: Safety Tips for Tweens and Teens
2. If you are scammed, visit Federal Trade Commission’s Identity Theft website. Not sure if they have one in India.