What Malware Can Do

If you own a small to medium size business you need to be aware of malware. Also called spyware, malware is a devious software program that covertly installs itself on your computer and then performs secret tasks without your permission or knowledge. Malware and spyware used to secretly observe and log web surfing habits of computer users and spawned other programs such as adware, Trojans and worms. However, malware has evolved to do much more harm than observe your web habits.
Chances are your business uses computers and in turn employees will be on the internet. The web has become integral to how society and business operate today and it is essential to know the dangers that lurk in this Wild West frontier. Malware can invade your computer system a number of ways including emails, game demos, MP3 players and just about anything you download from a web page. Anyone in your office has the ability to unknowingly download a malware program and when this happens you may not know until the damage is done.
Malware can be programmed to do a number of tasks in your operating system but the most common functions include stealing personal information, overloading your browser with pop-up ads, spamming your inbox with advertising mail, slowing down your internet connection and in some cases crashing your system. These are only the basics of a malware program and a more serious hacker can create a program that can use your computer as a cloaked server, essentially making your computer a dummy for their own personal use. From this server they can do any number of illegal activities including credit card fraud, identity theft and broadcasting adult videos. This is a serious issue because when the authorities look for the culprit guess whose computer they are led to... yours.
Banning the use of the internet is not a realistic solution. Without access to the web you are going back to the dark ages and will suffer from lack of information. However, there are programs you can install that will protect your system from malware and also block sites that are known to download such viruses. You also need to make employees aware of guidelines for using the internet.
Opening emails from senders you don't recognize is a big no-no as is visiting sites that are used for gambling, pharmaceuticals and adult entertainment. What employees do on their own time is their business but when on the clock at your company they need to know the damage that can occur from their web browsing habits and that they are liable if found to be the cause of malware infecting your system.

Top 6 Tips to Avoid Identity Theft While Shopping Online

Online shoppers are getting savvy these days and they expect the online shopping experience to be seamless. However, malicious programs that steal your personal information have grown from 1 million in 2007 to about 130 million. On top of that, there are almost 12 million identity fraud victims in the US, annually. How can you avoid being a victim? Keep yourself safe online while shopping by using these 6 tips for avoiding identity theft.
Avoid the Lure
Phishing is a term I'm sure you've heard before, but what does it really mean? Just as a fisherman will bait his hook with a tasty worm, so will cybercriminals bait e-mails with tempting offers in an attempt to have you divulge sensitive information such as usernames, passwords, and credit card details. The "bait" is a malicious link in an e-mail that leads to a spoofed website. Avoid getting caught by not clicking any links in the suspicious e-mail, by not giving out any sensitive information via e-mail, and by looking in the lower left hand corner of most browsers. There you can find a preview of where the link will take you.
Get Protection for Your Computer
An unprotected computer can be infected by malware in as little as five minutes while connected to the Internet. Protect your computer and yourself by purchasing anti-virus software. Free anti-virus software is better than nothing, but go for a paid product that performs automatic scans and updates its threat database several times per day.
Use OpenDNS
Every website has a human-readable web address (like http://www.google.com ). It also has a computer-readable address, known as an IP address (74.125.30.105). Your ISP's DNS server does the translation. What it doesn't do is protect you from phishing. OpenDNS blocks phishing websites from loading on your computer using data from Phishtank, a community site.
Create Strong and Unique Passwords for Every Site
Check out this list of the most hackable passwords on the internet:

• password
• 123456
• qwerty
• Pet Names
• Place of Birth
• First Names (of family members or partner)

I am going to show you how to create a very strong password and it will be easy to remember. Create or pick a random sentence, now remove the spaces from the sentence, and then begin to change letters for numbers and change capitalization. In this case, an example is worth a thousand words:

• An example is worth a thousand words - My initial sentence
• Anexampleisworthathousandwords - I've taken the spaces out
• An3xample1$worth1oooWurd$ - Now I'm substituting numbers and symbols for letters
• N3xmple1$worth1oooWurd$ - Continue the process until you have a strong password
• An online password checker rated this as "Best" (the highest rating available).

Find the Padlock
Locks are great for protecting valuable items from theft, which is why you should always look for the padlock in your browser while shopping or banking online. Look in the address bar for the padlock and "https:" prefix. Those items mean that your connection to the website is encrypted, usually with 256 bit encryption.
Avoid Public Networks
Public networks don't encrypt their connection so a cyber criminal could be intercepting your passwords and credit details. Save your online shopping for when you are on your own secured network at home.
Avoid the crowds and hassle by shopping online but be smart. Put these 6 tips into practice to enjoy a seamless shopping experience and avoid becoming a victim of identity theft.

5 Tips to Ensuring You Have Secure Passwords Online

In our modern world today, we use passwords for everything.
No doubt you have your favourite, however with increasing security breaches across many big web portals it's critical to ensure you protect yourself as best as you can - without going crazy or paranoid of course.
The very real worry is that the breach of one website exposes your details, particularly username - normally an email and your password - to a vast underworld for sale. You may be thinking, "So what, it's just one site and probably not important", however what are the odds that same email and password are used not just at one other site, but likely at 5 other, 10 other, ALL other websites you use?
So what can you do to minimise the risk as much as possible of either your password being guessed, or otherwise it being hacked and tried on other sites you may have accounts on?
Create Secure Passwords
According to SplashData's annual report of the 25 most common passwords thankfully 'password' is no longer the most popular. Unfortunately the next popular is now number 1 - '123456′...
Microsoft has an excellent page on information and tips on creating secure passwords.
Among the tips, a strong password:

• Is at least eight characters long.
• Does not contain your user name, real name, or company name.
• Does not contain a complete word.
• Is significantly different from previous passwords.
• Contains characters from each of the following four categories:

Character category
Examples
Uppercase letters
A, B, C
Lowercase letters
a, b, c
Numbers
0, 1, 2, 3, 4, 5, 6, 7, 8, 9
Symbols found on the keyboard (all keyboard characters not defined as letters or numerals) and spaces
` ~! @ # $ % ^ & * ( ) _ - + = { } [ ] |:; " ' < >,.? /
In creating a new secure password, substitute numbers for letters. For instance instead of 'Monday Tonight' as a password, you could use 'M0nd4Y_2N1t3′ or something similar.
Two Factor Authentication
This is slowly becoming more widely used. First you use your password, but second you have a challenge question, like "What is your Mother's Maiden name?". Other Secondary Authentications can include a code sent to you phone via SMS - so this immediately adds a further layer of complexity towards hackers breaching your security.
There of course is still the question of hacking a site via a backdoor (ie not via the normal above routes... )
Create Unique Passwords
This is the tricky part, to be secure, don't use a password more than once across your sites.
That's the official recommendation and while definitely true, we'd prefer to recommend scales of passwords.
For Instance:
Critical Passwords: Internet Banking, Perhaps Social Media - Create Unique Passwords
Medium Passwords: Online Stores that Store Your Credit Card Info - Create Similar, but maybe slightly changed passwords
Everyday Low Risk: Logins to Forums, Basic Online Stores (that Don't store card details) etc... - Use the same password.
An Online 'Black Book'
Another tip is to use a password storage service, these can integrate with browsers and websites and some can even integrate across platforms.
Some good ones include:

• LastPass
• Password Genie
• SplashID

There are others, but note, do your research as some have also been targeted with hacking attacks...
While we have passwords, unfortunately we will have hackers and they will win some battles. But as long as you mitigate your risk as best you can you go a long way to protecting valuable money and data.