Common Internet Security Mistakes
My generation grew up during the rise of the internet right? Time and time again I witness some of the most pathetic excuses listening to why people lost their email account. The internet is powerful, but also very dangerous. I'll just list a few things I noticed that I wanted to mention.
- Responding to messages from random people.
- Is this a joke? Did anyone teach you this? Don't respond if you don't know them / they look suspicious. People responding to these fake emails is just embarrassing.
- Falling for "spoofed" emails.
- Wait, UPS sent you a package? They want you to download the shipping tracking information in a ZIP file? That doesn't seem right. You only view tracking information in a browser, not in a downloadable file.
- Remember, hover over the links to see where they go. If they go to xxx.tsif.gr then don't click on it.
- Traversing the "scum" of the internet without virus protection.
- MACs are a bit lucky here. Windows still holds around 95% of the market share, so it makes no sense to develop viruses for Mac or Linux. So Windows users are naturally targeted. If your browsing the web illegally, then know that viruses will be out there. At least have the common sense to install an anti-virus program. (Recommendation: Avast!)
- Fake "Download Movie" links.
- You aware aware that movies are like 300MB to 8GB in size? That means an EXE file that is 2MB in size is not your movie. Do not download or execute that :/ Doing so will surely turn your computer into a zombie for some lad.
- Falling prey to those "bad" FB apps.
- This isn't AIM of 1999. There is no "buddy profile" or profile counter. That feature is reserved for the higher entities of Facebook. Any application that says it can provide that functionality is simply lying in order to spam all your friends. See my previous post about this here: http://connortumbleson.com/2011/05/facebook-and-the-top-profile-viewers/
- Using the same password everywhere.
- You do know there are programs out there that can check your current username/email and password at the most popular websites. I'm not asking you to memorize 500 passwords, but make a tiny hierarchy of passwords. Anything secure like banks and emails should have different passwords. Then use the same password for things you don't care about. It takes one of your passwords to be stolen and then "brute-forced" into all your other accounts.
- Simply stealing an email account can be used to "password recover" accounts at various websites. Imagine if you lost control to your email and all the websites you signed up using it. That can simply lead to a stolen credit card or identity.
- Free WiFi hopping.
- "I don't have unlimited data, but wait here is an open WiFi network." ~ This is a very rare occurrence, but I have seen it nonetheless. Some nifty hackers will place temporary routers in popular public places in hopes that phones and laptops auto connect to it and begin connecting and broadcasting their information to various websites.
- (Hackers can also just hook into un-secured networks and log all data in whats known as a "promiscuous mode").
- These hackers might log data and send it back to themselves hourly.
- Websites that don't take advantage of the HTTPS protocol might have their data sniffed and stolen.
- So be careful. (As a Proof of Concept), I sat in an Applebees, and logged all data on their public WiFi for the course of my meal. Went home and looked at my download. Lots of Facebook log-ins, and tons of email log ins. I had all I needed to steal some accounts, fortunately I deleted all the data and did it simply to prove a point.