This blog is continuation of security threats exposed and experienced by beginners, infrequent internet users or those who spends much time on social network without appropriate security concerns.
- Protecting Personal Information
Refers to any information that can personally identify you, such as your name, address, phone numbers, your schedule, bank account number, credit card account numbers, family members’ names or friends’ names.
Consequences: Finding this information is often the goal of hackers looking to steal your identity or your money.
What to do: Treat your personal information with the utmost confidentiality on the Web. Don’t send personal information over e-mail or IM. Remember, once you send an e-mail, you no longer control the information in it. It can be forwarded to other people without your knowledge or consent. Keep your personal information private
- Information Construing through Social Networking Sites
These are Web sites, such as Facebook where users build online profiles and share personal information, opinions, photographs, blog entries, and other media to network with other users or to find new friends
Consequences: Social networking sites have become targets of online predators, spammers, and other dangerous forces on the Web.
What to do: Keep in mind that the Internet is a public resource. Only post information you are comfortable with anyone seeing and we do mean anyone—your parents, your grandparents, your siblings, your teachers, your employer, even potential employers.
Note that even if you remove information after posting, that same information may still be living on other people’s computers or networks.
Don’t post information that would make you vulnerable to a physical attack, such as your address, your schedule or where you will be meeting friends this weekend.
Be careful of people you meet on the Web. The Internet provides people with a certain amount of anonymity. The Internet makes it easy for predators to pose as something they’re not.
- Saving password on Webpage/Cookie
Cookie is a small data file that a Web site installs on your computer’s hard drive to collect information about your activities on the site or to allow other capabilities on the site. Web sites use cookies to identify returning visitors and profile their preferences on the site. For example, many online shopping sites use cookies to monitor what items a particular shopper is buying to suggest similar items. Many Websites provide options to save password on Webpage to avoid re-typing it every time you access the website.
Consequences: If anyone else get access to cookie or same webpage in your absence, your account is compromised and identity stolen.
What to do: Never save password on Web page. Always deselect “Save password” or “Remember Me” option which is selected by default in many of the cases.
- Insecure or un-encrypted data transfer on Internet Sites
All legitimate websites transfers sensitive information e.g. password authentication, financial and personal data in a secure way on their websites.
Consequences: Sending data on internet without encryption or in plain text is subject to intercept easily and stealing information/identity.
What to do: Ensure that you are providing information on a secure Website by following way. If you feel website is not secure then don’t type in any information and close the website.
Check the web page URL
Normally, when browsing the web, the URLs (web page addresses) begin with the letters “http”. However, over a secure connection the address displayed should begin with “https” – note the “s” at the end. E.g. https://www.linkedin.com/
Check for the “Lock” icon
There is a de facto standard among web browsers to display a “lock” icon in the address bar.
For example, Microsoft Internet Explorer displays the lock icon at the right of the address bar. Google Chrome & Mozilla Firefox displays the lock icon at the left of the address bar.
- Closing Web page without “Log Out”
When logging in to a web service, a cookie is planted in your browser. This cookie has a unique ID value that identifies you while you’re using the web service, and, possibly, when you come back later without asking for your credentials.
Some sensitive web services (banking, government websites, insurance companies, etc.) have a short session time which then invalidates information stored in cookies. Other sensitive web services (like your email inbox, which basically controls almost all of your other accounts) don’t really invalidate the session that often
Consequences: If you close Webpage without proper logoff and session cookie is still active, anyone who access same webpage after you is granted access to your account.
What to do:
- If you’re using a public computer: log out before closing browser.
- If you’re using public Wi-Fi: log out before closing browser.
- When you have completed your business, and there is no log out button available, you can simply close the browser window. Make sure all of the browser windows are closed. You are now logged out.