How To Protect Sensitive Information Online

Do you know that your email message can be intercept, read and modify before reach its destination? Businesses face more security challenge to manage their confidentiality and make transactions. Sensitive information such as bank ID, new agreements or personal records getting into the wrong hands can have huge and costly effects on consumers and businesses.

As business person, you should know if your data is safe or in danger to be hacked …even at one click to be disclose all your confidential information. One solution are encrypted messages. Encryption enables you to send a message in a code into random series of characters with a secret private key to make it secure for transmission.

The only person, who can view the information or email, has the right private key…the info was converted with algorithms, and then everyone else will see just letters and numbers. It can be encrypt: hard drivers, attachments, digital signatures, folder security, laptops, removable media, file transfers, email, IM (Instant messaging).

One of the popular protocols for encryption is PGP, a cryptographic software package published in 1991 by Phil R. Zimmermann. The easiest way to use encryption is to purchase an email server/business application that incorporates some form of encryption technology. XGen Plus email server, for example, provides PGP - Pretty Good Privacy. A public-private key cryptography system used to easily integrate the use of encryption in users tasks, such as electronic mail protection and authentication, and protecting files stored on an email server.

How does encryption work? According to US-CERT National Cyber Alert System

1. Obtain the public key for the person you want to be able to read the information. If you get the key from a public key ring, contact the person directly to confirm that the series of letters and numbers associated with the key is the correct fingerprint.
2. Encrypt the email message using their public key. Most email clients have a feature to easily perform this task.
3. When the person receives the message, he or she will be able to decrypt it.

Every company has different needs, before purchasing any application; you should make sure that the offering suits your security requirements, verifying the company risk profile and take a decision.

Cybersecurity Report 2010

Resource: 2010 MAAWG Email Security-Awareness and Usage Report

Are you aware that there are malicious viruses that can control your computer without your knowledge and maybe use your computer to spread spam or steal your personal information just with one click email?

Half of email users in North America and in Western Europe have opened or accessed spam and large proportions, representing tens of millions, have taken action like clicking on links or opening attachments that could leave them susceptible to their computers being infected.

Furthermore, nearly half of those who have accessed spam (46%) have done so intentionally – to unsubscribe, out of curiosity, or out of interest in the products or services being offered.

In addition, many users do not typically flag or report spam or fraudulent email. Younger users both generally consider themselves more experienced in terms of email security but also are more likely to engage in risky behavior, such as opening or clicking on spam.

Preventing and identifying spam

If they were to become infected with a bot, email users are most likely to say they would rely on their anti-virus software to alert them (66%). Majorities also say that they would know that they have a bot if their computer wasn’t functioning normally or was running slowly (52%) or if they noticed a program that they hadn’t installed (52%).

More than four in ten say that they would know that they had a bot if their friends told them that they had been receiving spam from their email address (45%) or if unusual error messages appeared (43%).

Roughly a third would recognize that their computer had a bot if their credit card company or bank notified them of suspicious account activity (37%), if they noticed corrupted files (34%), or if a lot of pop-ups appeared (33%). One in twenty (5%) would look for other indicators. However, nearly one in five (19%) say that they are unsure as to how they would recognize a bot.

For business is a critical task prevent virtual attacks to keep safe their confidential information and message exchange. Companies should use an Enterprise email server www.xgen.in and anti-spam email privacy technology www.spamjadoo.com to protect against Denial of Service attacks to ensure stability of your messaging network and optimize message flow.

10 Effective Tips to Reduce spam

81% – The percentage of emails in 2009 were spam (McAfee), means 72.9 trillion. These emails going to your junk folder where they are never opened or your inbox to make you waste your time and exposed to non-desire spam, fraud, virus, advertisement and a possible hack.

So here there are some tips to reduce the spam:

1. Don’t give your email address in every site. Be careful to who you give it, even cards. Companies create database with your information and preferences, and it is fine…but there is the possibility that your e-mail address can be sold to a spammer and you will receive unwanted messages.

2. Don't click links in spam messages. If you receive a junk email with instructions to unsubscribe, and don’t want to receive anymore, do not follow the instructions for unsubscribing. Usually, with one click you are confirming your email address.

3. Be selective with your Internet Service Provider (ISP). Use an Internet Service Provider (ISP) that blocks unwanted Spam email. In Rajasthan or North India, Data Infosys Ltd.

4. Use software to block email suspected to be spam, If you have business, act like a business person and take serious your virtual communication.

5. Disable the automatic pictures in HTML messages. Spammers use it to track if you open the message when the graphic is downloaded. Set this option.

6. Read and use privacy setting on social networking sites. Normally social websites let you set who can access or see your email address, use your privacy rights.

7. Check the privacy policies or statement of Web sites. In internet there are useful info that you want to receive, but before subscribe to any newsletter verify how they plan use your email, If they do don’t specific how…better decline your request.

8. Don’t reply messages with personal information. If your bank or whatever company asks you, never reply. Most legitimate companies will not send that kind of an e-mail. Can be a spoofed e-mail message to make a virtual attack like fraud.

9. If you need connect to your clients or suppliers, use a contact format in your website. Use one public email address for general communication or better use an Anti-Spam application, that will give you more freedom to interact with your potential clients or any person related with your organization.

10. Don't spam other people. Don't forward every chain e-mail messages. Be good friend, because everyone can see the email address and use for other purposes. Or use BBC (Blind Carbon Copy) if you really want send the message to a lot of people.

Unless that you use a business tool to eliminate spam, there is not alternative to don’t see more spam in your email. But surely the previous tips will help you to deal with the spam and reduce it. I hope so it will be useful for you.

http://www.spamjadoo.com/ More corporate info to remove completely the spam.

FIFA World Cup fans-Hackers target

Special celebrations move our emotions as FIFA World Cup, football is a worldwide passion for kids and adults. Hackers are not the exception; they are following closely this event and take advantage to expand their criminals’ attacks.

The Brazilian soccer coach Dunga, who was given a black eye by an angry fan, has been used as a fishhook to break into emails and extract information for banking fraud, through a junk email which looks like a Brazilian newspaper with links to corrupt websites.

On the other hand, different companies modify their logo or website appearance to be part of the global football celebration, occasion that are used for cyber criminals for phishing, then they redirect the original website into others fake but alike websites. There are few days left for the world cup end, but we should be alert because the malware arise to get more victims.

What to do?

• Install anti-spam software, I recommend SpamJadoo validated by IBM.
• Don't give your email address deliberately, check privacy policy if you are going to subscribe to any website or newsletter.
• Don't click links in spam messages, even open it if you don’t know the sender.
• Be alert and watch details, usually fake websites can have for ex. grammars mistakes or different colors.

Feel free to contact me for more information to avoid becoming a victim of phishing or exchange info.

How online security can affect your business?

At least 31% of companies have been hacked according with a survey of IT professionals at the Infosecurity Europe 2010 conference.

Business email communication has been crucial to stay connect with the world. New technologies are launching every year and at the same time dishonest people take advantage, producing negative effects in companies’ operations.

One day you open an email from a known person and suddenly your system information is erased, just with one click. What happened? For you is a daily task, but something is wrong with it, usually you try to contact your email server but they don’t reply, you just find instructions and help link, for you is incredible fix your problem with an automatic machine, from one step to another try to find the right answer. All your contacts, company files, emails are not longer with you. The virus scope could be from denial of access email to substantial financial lost. Have you heard stories about it? or maybe you have been victim yourself.

Then, what happened? You received an email from an known person..mmm WRONG…You receive an e-mail with a header that appears to have originated from someone known than the actual sender (Email Spoofing), it can be done by spammers. There are a lot of cases every day, also like phishing.

“A hacker broke into part of Russian security company Kaspersky Lab's new US support website. The hacker could have accessed about 2,500 customer e-mail addresses and perhaps 25,000 product activation codes. “

But what are the treats that your company is exposed on internet? Here I am going to refer two issues which affect companies negatively:

Invasion of privacy

Internet is open but supposedly your email account is confidential…you still think so?

• E-mail messages are generally not encrypted, means not exist confidential information.
• Despite deletion from the mailbox, your message can be stored on a server.
• Your message can be read and modified, it is relatively easy for others to intercept and read messages, even before reach its destination.
• Someone breaking into your system and altering files s or using it to attack others.
• And more repercussions…

Companies have to be careful to choose an email server and ask for every details rather than a free one. NEVER use a personal account for business related issues, better get a service from an Enterprise email server like XgenPlus with encrypted messages to make secure and truly confidential your message exchange and transactions.

Phishing

Mostly victims are targeted through email account, banks websites or any online payment services. Basically identity theft, they can take your complete information to use your credit card information and making unauthorized purchases. Contact your friends, clients, suppliers…a valuable database used to malicious purpose, reflecting in big looses for your company.

People can take steps to avoid phishing attempts by slightly modifying their browsing habits, learning to recognize phishing attacks, not trusting any hyperlinks in the suspected phishing message. Now in the market are anti-spam anti-virus applications like SpamJadoo who let you prevent and detect truth senders through challenges response and more techniques developed to make business safe from virtual attacks.

Usually we give enough information to criminals to perform attacks and we are not aware about it. Every day you can find new mechanism to avoid all these kind of risks, is better prevent than solve a big problem and suffer consequences. Be informed.

What you have to know about Cyber Security- Basic level-

How much of your business or personal information do you keep on your computer or internet network? Remember that internet is a public platform where all your information can be display and easily find; your job, family, friends, past, hobbies...providing enough information to be a potential victim of a virtual or even physical attack.

Cyber security implies protecting that info by preventing, detecting and responding to attacks. No one is excluded from big companies to normal persons. Have you heard the case where hacker leaks data about the finances of Latvian banks and state-owned firms to Latvian TV or maybe more familiar for you “a hacker had stolen my credit card information and now I have been charged with unauthorized purchases”.

Well, to minimize the risk, the best defense is to be aware of all the threats, recognize how prevent, but first know some basic terms:

• Hacker, attacker or intruder: It is common used is to describe computer criminals, an expert at a particular programming language who accesses a computer system without authorization.
• Malware: is software designed to infiltrate a computer system without the owner's informed consent.
• Spam: Unsolicited e-mail, sent indiscriminately to multiple mailing lists, advertising everything from pornography and phoney charity scams to dodgy get-rich-quick schemes and free websites.
• DoS: Denial of Service
• Trojan Horse: A program that appears to be legitimate but is designed to have destructive effects, as to data residing in the computer onto which the program was loaded.
• Virus: Reproduces itself by attaching to other executable files.
• Worm: Self-reproducing program. It creates copies of itself. Worms that spread using e-mail address books are often called viruses.
• Phishing: is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details.

Our style of life is integrated to new technologies and deeply with internet, is part of us. The first step is to understand the risks implied, recognize the basic terms and what to do. As worldwide citizen we should collaborate with more people to decrease the virtual attacks to make internet a safer network to share and exchange information.

Facebook Fraud Risk…Are You Safe?

“Hackers have flooded the Internet with virus-tainted spam that targets Facebook's estimated 400 million users in an effort to steal banking passwords and gather other sensitive information”

Reuters, 18th Mar 2010.

One recently case about billions that happen every year but aren’t exposed, internet is an open and free channel to share, do business and pass time, is part of our professional and personal style of life. This kind of fake email are sending every day to your junk folder…and also received in your inbox, having high probabilities to download several types of malicious software, including a program that steals passwords.

What can we do to avoid this risk? In the case of Facebook, they warning users to delete and warn their friends…but if it is not a famous and big company around the world. How do you recognize if it is your real bank or Facebook email? The hackers are specialist to imitate the design of any organization and easily make you victim of an internet fraud, take or damage your sensitive information.

What do you think if you receive an email like "Facebook password reset confirmation customer support"? is Facebook…so you trust them, many people were victims and opened the malware. The same happen with 200 billion emails sending per day on Internet. Spam is not just to lose your time and productivity, also represent risk to be victim of frauds.

Now, you have to options: let your email server like hotmail, gmail, yahoo or others work with their low levels of anti-virus and anti-spam regulations or find a professional solution to prevent and protect your confidential information.

For more information about how stop to get spam and decrease risk of virtual attacks, contact me.