Posts Tagged 'passwords'

Protect those Passwords

Everyday my inbox is full of spam. Thieves always want to get their hands on my passwords. To the untrained eye some of them look legit. Seemingly trustworthy domains with alarming subject lines “account compromised” log in now to secure you account. The scammer hopes you ignore common sense and click on the link embedded into the body of the email that clearly links to some foreign website that will ultimately compromise your account.

Don’t be dumb. Never click on links in your email. Oh but it’s a survey from your bank? WELL then it must be legit. Or maybe it’s Blizzard emailing you about your warcraft account. Someone has changed your password it claims? Well you’d better log into that Russian website and fix it right away!

If you ever are concerned about an issue. Close you email. Update your anti-virus and run a full scan. Go to the actual website yourself, ensure that the little lock is on the bottom right, and that the URL is accurate, before you start typing in anything. Then you should be able to ensure your account is secure. Don’t be fooled. Protect those passwords.

Women more likely to give out personal info

According to Infosecurity Europe, 10% of men — but 45% of women — were willing to give personally identifiable information to a complete stranger when approached outside Liverpool Street Station in London.

But, wait, it gets worse: The fake researchers asking for the information were offering chocolate bars as an incentive to participate.

‘This year’s survey results were significantly better than previous years. In 2007 64% of people were prepared to give away their passwords for a chocolate bar, this year it had dropped to just 21% so at last the message is getting through to be more infosecurity savvy. The researchers also asked the office workers for their dates of birth to validate that they had carried out the survey; here the workers were very naïve with 61% revealing their date of birth.’ (link)

Security vendor discovers database of stolen FTP usernames and passwords

A fresh discovery by security vendor Finjan Inc. provides yet another example of how easy it is becoming for almost anyone to find the tools needed to break into, infect or steal data from corporate Web sites.

The San Jose-based vendor announced today that it has uncovered an illegal database containing more than 8,700 stolen File Transfer Protocol server credentials including usernames, passwords and server addresses. Anyone can purchase those credentials and use them to launch malicious attacks against the compromised systems.

The stolen credentials belong to companies from around the world and include more than 2,500 North American companies, some of whose Web sites are among the world’s top 100 domains, according to Yuval Ben-Itzhak, Finjan’s chief technology officer.

The FTP credentials would allow malicious hackers to break into and upload malware of their choice to compromised servers literally with a click or two, he said. “You could pick any server you wanted in the list, pay for it” and launch an attack with very little effort, Ben-Itzhak said. (ComputerWorld)


Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 29 other followers

Technorati – Blog Search

Add to Technorati Favorites

submit express