Monday, September 30, 2013

Tracking of intruder

The information provided on an intruder depends on the levels of tracking that you’ve enabled on your Honey Pot. Common tracking levels include the firewall, system logs on the Honey Pot and sniffer-based tools.

Firewall Logs
Firewalls are useful as part of the overall Honey Pot design for many reasons. Most firewalls provide activity-logging capabilities which can be used to identify how an intruder is attempting to get into a Honey Pot. I liken firewall logs to router logs; they can both be set to trap and save packets of a pre-determined type. Remember that when setting up the firewall, you would normally want to log ALL packets going to the Honey Pot system, as there should be no legitimate reason for traffic going to or from the Honey Pot.

Reviewing the order, sequence, time stamps and type of packets used by an intruder to gain access to your Honey Pot will help you identify the tools and methodology being used by the intruder, as well as their intentions. Depending on the level of logging detail your firewall supports, you may or may not be able to gain considerable information from these logs.

Another useful function of many firewalls is their notification capabilities. Most firewalls can be configured to send alerts by email or pager to notify you of traffic going to or from your Honey Pot. This can be extremely useful in letting you review intruder activity on your Honey Pot.
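
An added example (not part of the original post) of the log review described above: it groups packets logged for the Honey Pot by source, orders them by time stamp, labels the pattern, and separates out traffic leaving the Honey Pot. The log lines are constructed and assume the Linux iptables LOG layout; the address 192.0.2.10, the year and the thresholds are hypothetical.

```python
import re
from collections import defaultdict
from datetime import datetime

HONEYPOT_IP = "192.0.2.10"   # hypothetical Honey Pot address
LOG_YEAR = 2013              # classic syslog time stamps carry no year (assumed)
SCAN_PORTS = 4               # assumed: >= 4 distinct ports from one source = scan
REPEAT_HITS = 3              # assumed: >= 3 hits on a single port = repeated attempts

# Constructed sample in the iptables LOG layout; not real traffic.
SAMPLE_LOG = """\
Sep 30 02:14:01 fw kernel: HP IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=40001 DPT=21 SYN
Sep 30 02:14:01 fw kernel: HP IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=40002 DPT=22 SYN
Sep 30 02:14:02 fw kernel: HP IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=40003 DPT=23 SYN
Sep 30 02:14:02 fw kernel: HP IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=40004 DPT=25 SYN
Sep 30 02:14:03 fw kernel: HP IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=40005 DPT=80 SYN
Sep 30 02:20:10 fw kernel: HP IN=eth0 OUT=eth1 SRC=203.0.113.50 DST=192.0.2.10 PROTO=TCP SPT=51000 DPT=23 SYN
Sep 30 02:20:15 fw kernel: HP IN=eth0 OUT=eth1 SRC=203.0.113.50 DST=192.0.2.10 PROTO=TCP SPT=51001 DPT=23 SYN
Sep 30 02:20:21 fw kernel: HP IN=eth0 OUT=eth1 SRC=203.0.113.50 DST=192.0.2.10 PROTO=TCP SPT=51002 DPT=23 SYN
Sep 30 02:31:44 fw kernel: HP IN=eth1 OUT=eth0 SRC=192.0.2.10 DST=198.51.100.99 PROTO=TCP SPT=1044 DPT=6667 SYN
Sep 30 02:32:00 fw kernel: IN=eth0 OUT=eth2 SRC=203.0.113.9 DST=192.0.2.200 PROTO=UDP SPT=53 DPT=53
Sep 30 02:33:00 fw sshd[411]: unrelated line without packet fields
"""

STAMP_RE = re.compile(r"^(\w{3}\s+\d{1,2}\s\d{2}:\d{2}:\d{2})\s")
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}


def parse_line(line):
    """Turn one log line into an event dict, or None if it is not a packet record."""
    stamp = STAMP_RE.match(line)
    fields = dict(FIELD_RE.findall(line))
    if not stamp or "SRC" not in fields or "DST" not in fields:
        return None
    when = datetime.strptime(f"{LOG_YEAR} {stamp.group(1)}", "%Y %b %d %H:%M:%S")
    dport = fields.get("DPT", "")
    return {
        "time": when,
        "src": fields["SRC"],
        "dst": fields["DST"],
        "proto": fields.get("PROTO", "?"),
        "dport": int(dport) if dport.isdigit() else None,
        "flags": sorted(TCP_FLAGS.intersection(line.split())),
    }


def analyse(log_text):
    """Return (per-source report of inbound traffic, list of outbound events)."""
    inbound, outbound = defaultdict(list), []
    for line in log_text.splitlines():
        event = parse_line(line)
        if event is None:
            continue
        if event["dst"] == HONEYPOT_IP:
            inbound[event["src"]].append(event)
        elif event["src"] == HONEYPOT_IP:
            outbound.append(event)   # the Honey Pot should never initiate traffic

    report = {}
    for src, events in inbound.items():
        events.sort(key=lambda e: e["time"])   # stable: keeps file order within a second
        ports = [e["dport"] for e in events]
        distinct = sorted({p for p in ports if p is not None})
        if len(distinct) >= SCAN_PORTS:
            verdict = "port scan"
        elif len(distinct) == 1 and len(events) >= REPEAT_HITS:
            verdict = f"repeated attempts on port {distinct[0]}"
        else:
            verdict = "probe"
        report[src] = {
            "first_seen": events[0]["time"],
            "last_seen": events[-1]["time"],
            "ports_in_order": ports,
            "verdict": verdict,
        }
    outbound.sort(key=lambda e: e["time"])
    return report, outbound


if __name__ == "__main__":
    per_source, leaving = analyse(SAMPLE_LOG)
    for src, info in per_source.items():
        print(src, info["first_seen"], info["verdict"], info["ports_in_order"])
    for event in leaving:
        print("ALERT outbound from Honey Pot:", event["time"], event["dst"], event["dport"])
```

The outbound list is the part worth wiring to the firewall's notification feature, since any connection initiated by the Honey Pot means it is being used against someone else.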

System Logs
Unix and Microsoft NT seem to have the lion's share of the Internet server market. Luckily, both operating systems have built-in logging capabilities, which help identify what changes or attempts have been made. It should be noted that, out of the box, Unix offers superior logging capabilities compared to Microsoft NT.

Some of their out-of-the-box logging capabilities include:

Microsoft NT
  • Security: Available from Event Viewer
  • User Management: Needs to be enabled through User Manager
  • Running Services: Netsvc.exe needs to be manually run and compared to baseline.
Unix
  • User activity logs: utmp, wtmp, btmp, lastlog, messages
  • Syslogd: An important option is that it can log to a remote server! The range of facilities and priorities available through syslogd is very good.
There are some tools available that greatly increase the information that can be gathered. Many of the Unix tools are public domain, while many of the Microsoft NT tools are not.

Sniffer Tools
Sniffer tools provide the capability of seeing all of the information or packets going between the firewall and the Honey Pot system. Most of the sniffers available are capable of decoding common TCP-based protocols such as Telnet, HTTP and SMTP. Using a sniffer tool allows you to interrogate packets to determine which methods the intruder is trying to use, in much more detail than firewall or system logging alone.
An additional benefit to sniffer tools is that they can also create and store log files. The log files can then be stored and used for forensic purposes.

What is a Honeypot?

A Honey Pot system is set up to be easier prey for intruders than true production systems, but with minor system modifications so that their activity can be logged or traced. The general thought is that once an intruder breaks into a system, they will come back for subsequent visits. During these subsequent visits, additional information can be gathered and additional attempts at file, security and system access on the Honey Pot can be monitored and saved.

Generally, there are two popular reasons or goals behind setting up a Honey Pot:
  1. Since a record of the intruder’s activities is kept, you can gain insight into attack methodologies to better protect your real production systems.
  2. Gather forensic information required to aid in the apprehension or prosecution of intruders. This is the sort of information often needed to provide law enforcement officials with the details needed to prosecute.

The common line of thought in setting up Honey Pot systems is that it is acceptable to use lies or deception when dealing with intruders. What this means to you when setting up a Honey Pot is that certain goals have to be considered. Those goals are:

The Honey Pot system should appear as generic as possible. If you are deploying a Microsoft NT based system, it should appear to the potential intruder that the system has not been modified or they may disconnect before much information is collected. You need to be careful in what traffic you allow the intruder to send back out to the Internet for you don’t want to become a launch point for attacks against other entities on the Internet.

You will want to make your Honey Pot an interesting site by placing "Dummy" information or make it appear as though the intruder has found an "Intranet" server, etc. Expect to spend some time making your Honey Pot appear legitimate so that intruders will spend enough time investigating and perusing the system so that you are able to gather as much forensic information as possible.

If the information gathered from a Honey Pot system is used for prosecution purposes, it may or may not be deemed admissible in court. While information regarding this issue is difficult to come by, having been hired as an expert witness for forensic data recovery purposes.

Whether hacking organizations will rally against an organization that has set "traps" and make them a public target for other hackers. Examples of this sort of activity can be found easily on any of the popular hacker’s sites or their publications.

What is Intrusion Detection?

Intrusion Detection can be defined as "the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource." More specifically, the goal of intrusion detection is to identify entities attempting to subvert in-place security controls.

Network Based (Network IDS)
Network based intrusion detection attempts to identify unauthorized, illicit, and anomalous behavior based solely on network traffic. A network IDS, using either a network tap, span port, or hub collects packets that traverse a given network. Using the captured data, the IDS system processes and flags any suspicious traffic. Unlike an intrusion prevention system, an intrusion detection system does not actively block network traffic. The role of a network IDS is passive, only gathering, identifying, logging and alerting.

Host Based (HIDS)
Often referred to as HIDS, host based intrusion detection attempts to identify unauthorized, illicit, and anomalous behavior on a specific device. HIDS generally involves an agent installed on each system, monitoring and alerting on local OS and application activity. The installed agent uses a combination of signatures, rules, and heuristics to identify unauthorized activity. The role of a host IDS is passive, only gathering, identifying, logging, and alerting.

Physical (Physical IDS)
Physical intrusion detection is the act of identifying threats to physical systems. Physical intrusion detection is most often seen as physical controls put in place to ensure CIA. In many cases physical intrusion detection systems act as prevention systems as well. Examples of Physical intrusion detections are:
  • Security Guards
  • Security Cameras
  • Access Control Systems (Card, Biometric)
  • Firewalls
  • Man Traps
  • Motion Sensors
Intrusion Prevention
Intrusion prevention follows the same process of gathering and identifying data and behavior, with the added ability to block (prevent) the activity. This can be done with Network, Host, and Physical intrusion detection systems.

Wednesday, September 25, 2013

How to boost your malware defense and protect your PC


Install antivirus and antispyware programs from a trusted source
  • Never download anything in response to a warning from a program you didn't install or don't recognize that claims it will protect your PC or offers to remove viruses. It is highly likely to do the opposite.
  • Get reputable anti-malware programs from a vendor you trust.
  • Windows 8 includes antivirus protection called Windows Defender. It’s turned on by default.
  • If your computer is not running Windows 8, download Microsoft Security Essentials for free.
  • Choose security software that is compatible with Windows 7.
Update software regularly
Cybercriminals are endlessly inventive in their efforts to exploit vulnerabilities in software, and many software companies work tirelessly to combat these threats. That is why you should:
  • Regularly install updates for all your software: antivirus and antispyware programs, browsers (like Windows Internet Explorer), operating systems (like Windows), and word processing and other programs.
  • Subscribe to automatic software updates whenever they are offered; for example, you can automatically update all Microsoft software. Windows 8 and Windows 7 turn on automatic updating during installation.
  • Uninstall software that you don't use. You can remove it using Windows Control Panel. 
Use strong passwords and keep them secret
  • Strong passwords are at least 14 characters long and include a combination of letters, numbers, and symbols. 
  • Don't share passwords with anyone. 
  • Don’t use the same password on all sites. If it is stolen, all the information it protects is at risk. 
  • Create different strong passwords for the router and the wireless key of your wireless connection at home. Find out how from the company that provides your router. 
Never turn off your firewall
  • A firewall puts a protective barrier between your computer and the Internet. Turning it off for even a minute increases the risk that your PC will be infected with malware.
Use flash drives cautiously
Minimize the chance that you'll infect your computer with malware:
  • Don't put an unknown flash (or thumb) drive into your PC.
  • Hold down the SHIFT key when you insert the drive into your computer. If you forget to do this, click in the upper-right corner to close any flash drive-related pop-up windows.
  • Don't open any files on your drive that you have not expected to see.
Don't be tricked into downloading malware
Instead, follow this advice:
  • Be very cautious about opening an attachment or clicking a link in an email, instant message, or post on social networks (like Facebook) even if you know the sender. Call to ask if a friend sent it; if not, delete it or close the IM window. 
  • Avoid clicking Agree, OK, or I accept in banner ads, in unexpected pop-up windows with warnings or offers to remove spyware or viruses, or on websites that may not seem legitimate. 
  • Instead, press CTRL + F4 on your keyboard to close the window. 
  • If the window doesn't close, press ALT + F4 on your keyboard to close the browser. If asked, close all tabs and don’t save any tabs for the next time you start the browser. 
  • Only download software from websites you trust. Be cautious of "free" offers of music, games, videos, and the like. They are notorious for including malware in the download. 
  • Take advantage of technology, such as Windows SmartScreen in Windows 8, designed to help protect you from phishing scams and new malware that your anti-malware software hasn't detected yet.



Watch out for fake virus alerts


Rogue security software, also known as "scareware," is software that appears to be beneficial from a security perspective but provides limited or no security, generates erroneous or misleading alerts, or attempts to lure users into participating in fraudulent transactions.

How does rogue security software get on my computer?
Rogue security software designers create legitimate looking pop-up windows that advertise security update software. These windows might appear on your screen while you surf the web.
The "updates" or "alerts" in the pop-up windows call for you to take some sort of action, such as clicking to install the software, accept recommended updates, or remove unwanted viruses or spyware. When you click, the rogue security software downloads to your computer.
Rogue security software might also appear in the list of search results when you are searching for trustworthy antispyware software, so it is important to protect your computer.

What does rogue security software do?
Rogue security software might report a virus, even though your computer is actually clean. The software might also fail to report viruses when your computer is infected. Conversely, when you download rogue security software, it will sometimes install a virus or other malicious software on your computer so that the software has something to detect.

Some rogue security software might also:
  • Lure you into a fraudulent transaction (for example, upgrading to a non-existent paid version of a program).
  • Use social engineering to steal your personal information.
  • Install malware that can go undetected as it steals your data.
  • Launch pop-up windows with false or misleading alerts.
  • Slow your computer or corrupt files.
  • Disable Windows updates or disable updates to legitimate antivirus software.
  • Prevent you from visiting antivirus vendor websites.
Rogue security software might also attempt to spoof the Microsoft security update process.
To help protect yourself from rogue security software:
  • Install a firewall and keep it turned on.
  • Use automatic updating to keep your operating system and software up to date.
  • Install antivirus and antispyware software and keep it updated. Windows 8 includes antivirus protection that’s turned on by default. If your computer isn’t running Windows 8, download Microsoft Security Essentials for free.
  • Use caution when you click links in email or on social networking websites.
  • Use a standard user account instead of an administrator account.
  • Familiarize yourself with common phishing scams.

Fix your hijacked web browser

Browser hijacking is a type of online fraud. Scammers use malicious software (malware) to take control of your computer's Internet browser and change how and what it displays when you're surfing the web. If you are already a victim of a hijacked browser, the following instructions can help you free your browser from the hackers, restore browser settings, and boost browser security.

Help free your browser from hackers
Antivirus and antispyware software helps prevent and detect malware. If any malware does manage to bypass your firewall, antivirus and antispyware software will help remove that potentially dangerous software. If you have Windows 8 installed, antivirus software is included with the operating system. You are not required to do anything to set it up. If you are using earlier versions of Windows, Microsoft provides free antivirus software called Microsoft Security Essentials. Many of our partners also offer antivirus software.

Help restore your browser home page
If your home page keeps changing back to another page, this might be a sign that your computer is infected with a virus. After you have updated your computer with the latest antivirus software, restore your browser home page.

To change your home page in Internet Explorer 10
Internet Explorer 10 is the latest and most secure version of the Microsoft web browser.
Download Internet Explorer 10 to help protect your computer against viruses, fraud, ID theft, and other threats.
  1. In Internet Explorer, navigate to the page that you want to make your home page.
  2. Click the down arrow next to the Home icon on the Internet Explorer toolbar, and then click Add or change home page.
  3. Click either Use this webpage as your only home page or Add this webpage to your home page tabs.

Help boost browser security by disabling add-ons
Many browser hijackings come from add-on software, also known as browser extensions, browser helper objects, or toolbars. These items can improve your experience on a website by providing multimedia or interactive content, such as animations. However, some add-on software can cause your computer to stop responding or display content that you don't want, such as pop-up ads. Internet Explorer 10 and Internet Explorer 9 warn you in the notification area of your browser if an add-on is slowing down your computer. You can also view the add-ons that you already have installed and disable the add-ons that you don't want by clicking the gear icon, and then clicking Manage add-ons.

Tuesday, September 24, 2013

Capturing your Bank Account by Accessing SMS

According to Symantec Corp., mobile phone banking transactions are more vulnerable because of Android malware that eavesdrops on incoming SMS messages and forwards them to another SMS number or server. This sort of data leakage represents a significant risk, both to individuals and to organizations. The potential exists for attacks like these to target Internet banking services that send mobile transaction authentication numbers via SMS. Many banks send authentication codes to your phone via SMS each time you do an online transaction. This means that just stealing a login password is no longer enough for criminals to raid your account. But malware on your phone, such as the Zeus-based Andr/Zitmo (and similar versions targeting BlackBerry), is capable of intercepting those SMS messages.

Consider the following hypothetical scenario. Through a conventional phishing attack, you give criminals sufficient information to allow them to sign in to your mobile banking account and also port your phone number (this has happened). They can now log in to your online bank account while also receiving an SMS containing the second-factor authentication token needed to complete a transaction. Through the use of a malicious Android app that harvests SMS messages in real time and in concert with a social engineering attack, attackers open a brief window of opportunity to steal this token and use it.



Fake Software, unauthorized SMS messages

Today, the most common business model for Android malware attacks is to install fake apps that secretly send expensive messages to premium rate SMS services. Recent examples have included phony versions of Angry Birds Space, Instagram, and fake Android antivirus products. In May 2012, UK’s mobile phone industry regulator discovered that 1,391 UK Android users had been stung by one of these scams.

The regulator fined the firm that operated the payment system involved, halted fund transfers, and demanded refunds for those who’d already paid. However, UK users represented only about 10% of this malware’s apparent victims; it has been seen in at least 18 countries. Currently, one family of Android malware, Andr/Boxer, accounts for the largest number of Android malware samples we see, roughly one third of the total.

Linked to .ru domains hosted in the Ukraine, Andr/Boxer presents messages in Russian and has disproportionately attacked Eastern European Android users who visit sites where they’ve been promised photos of attractive women. When they arrive at these sites, users see a webpage that is carefully crafted to entice them to download and install a malicious app.
For example, the user might be prompted (in Russian) to install a fake update for products such as Opera or Skype. Or, in some cases, a fake antivirus scan is run, reports false infections, and recommends the installation of a fake antivirus program. Once installed, the new app begins sending expensive SMS messages. Many of these Trojans install with what Android calls the INSTALL_PACKAGES permission. That means they can download and install additional malware in the future.

Monday, September 23, 2013

Quantum Computer

A quantum computer is any device for computation that makes direct use of distinctively quantum mechanical phenomena, such as superposition and entanglement, to perform operations on data.

In a classical computer, information is stored as bits; in a quantum computer, it is stored as qubits. The basic principle of quantum computation is that the quantum properties can be used to represent and structure data and that quantum mechanisms can be devised and built to perform operations with this data. Although quantum computing is still in its infancy, experiments have been carried out in which quantum computational operations were executed on a very small number of qubits.

Research in both theoretical and practical areas continues at a frantic pace, and many national government and military funding agencies support quantum computing research to develop quantum computers for both civilian and national security purposes, such as cryptanalysis. If large-scale quantum computers can be built, they will be able to solve certain problems exponentially faster than any of our current classical computers.

Quantum computers are different from other computers such as DNA computers and traditional computers based on transistors. Some computing architectures such as optical computers may use classical superposition of electromagnetic waves, but without some specifically quantum mechanical resources such as entanglement, they have less potential for computational speed-up than quantum computers.

The power of quantum computers
Integer factorization is believed to be computationally infeasible with an ordinary computer for large integers that are the product of only a few prime numbers.

By comparison, a quantum computer could solve this problem more efficiently than a classical computer using Shor's algorithm to find its factors. This ability would allow a quantum computer to "break" many of the cryptographic systems in use today, in the sense that there would be a polynomial time (in the number of bits of the integer) algorithm for solving the problem. In particular, most of the popular public key ciphers are based on the difficulty of factoring integers, including forms of RSA.

These are used to protect secure Web pages, encrypted email, and many other types of data. Breaking these would have significant ramifications for electronic privacy and security. The only way to increase the security of an algorithm like RSA would be to increase the key size and hope that an adversary does not have the resources to build and use a powerful enough quantum computer. It seems plausible that it will always be possible to build classical computers that have more bits than the number of qubits in the largest quantum computer.
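
An added worked example (not part of the original post): Shor's algorithm reduces factoring N to finding the period r of a^x mod N, and only that period search needs a quantum computer. The sketch below does the search by brute force, which is the step that becomes infeasible classically as N grows, and then runs the classical post-processing on toy moduli chosen for illustration.

```python
from math import gcd


def find_period(a, n):
    """Smallest r > 0 with a**r % n == 1 (the order of a modulo n).

    Brute force: this loop is the step a quantum computer replaces.
    """
    if gcd(a, n) != 1:
        raise ValueError("a and n must be coprime, otherwise no period exists")
    r, value = 1, a % n
    while value != 1:
        value = (value * a) % n
        r += 1
    return r


def factor_from_period(a, n):
    """Classical post-processing for one base a. Returns (p, q) or None."""
    shared = gcd(a, n)
    if shared != 1:
        # The base already shares a factor with n; no period needed.
        return tuple(sorted((shared, n // shared)))
    r = find_period(a, n)
    if r % 2 == 1:
        return None                      # odd period: this base is unusable
    half = pow(a, r // 2, n)             # a^(r/2) mod n, a square root of 1
    if half == n - 1:
        return None                      # root is -1: only trivial factors
    # (half - 1)(half + 1) is a multiple of n, but neither factor is,
    # so each shares a proper divisor with n.
    p = gcd(half - 1, n)
    return tuple(sorted((p, n // p)))


def factor(n):
    """Try bases in turn. Assumes n is an odd composite that is not a prime power."""
    for a in range(2, n):
        result = factor_from_period(a, n)
        if result is not None:
            return a, result
    return None


if __name__ == "__main__":
    for n in (15, 21, 3233):             # 3233 = 53 * 61, a textbook-sized RSA modulus
        base, (p, q) = factor(n)
        print(f"N={n}: base {base} gives {p} x {q}")
```

Everything except `find_period` runs in polynomial time, which is why a fast period finder is enough to break factoring-based keys.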

Saturday, September 21, 2013

Malware and Ransomware

Kits lead to an explosion in malware for OS X and mobile
Given the popularity of mobile computing, we should perhaps be surprised that cybercriminals have taken so long to extensively exploit this field. In 2012, however, we’ve seen the number of mobile threats go up dramatically. As we look at them in more detail, we see that the large amount of Windows-based malware owes its existence to the easy availability of malware kits in the underground market. In 2013, there is a good chance ransomware kits will take the lead from malware kits. Now the first ransomware kits are being marketed in the underground.

Ransomware continues to expand to mobile devices
Ransomware on Windows PCs has more than tripled during the past year. Attackers have proven that this “Business Model” works and are scaling up their attacks to increase profits. One way ransomware is different from other types of malware such as backdoors, keyloggers and password stealers is that attackers do not rely on their victims using the infected systems for financial transactions to separate them from their money. Instead, these criminals hijack the user's ability to access data, communicate or use the system at all. The victims are faced with either losing their data or paying a ransom in the hope of regaining access.

One limitation for many malware authors seeking profit from mobile devices is that more users transact business on desktop PCs rather than on tablets or phones. But this trend may not last; the convenience of portable browsers will likely lead more people to do their business on the go. Attackers have already developed ransomware for mobile devices.

Botnets and Spam


The biggest threat to botmasters is the unrecoverable loss of their botnets. International cooperation in policing spam, malware, child exploitation, and illegal pills has made that loss a reality for many major botnets over the past few years, and will continue to threaten the proliferation of botnets. When the largest botnets get taken down, then the next largest botnets become the new targets. Botmasters have already reacted to this activity by subdividing botnets and increasing the costs associated with activities that are easily detectable (such as DDoS and spam). It is only a matter of time before botmasters implement fail-safes to reestablish command of a botnet that has lost all of the control servers it usually reports to.

In many cases botnets are temporarily hijacked by whitehat security researchers. Due to possible negative side effects, however, these takeovers do not lead to new commands reaching the infected hosts. There is a massive liability issue associated with the unauthorized remote operation of systems, even with the best of intentions. Pushing new commands to an old Windows machine serving a hospital could turn the PC into a brick and lead to incorrect care or even the death of a patient. Botmasters will take advantage of this reluctance by the good guys to meddle by hard wiring their botnets to reestablish control after a take down.

“Snowshoe” spam will continue to increase
When a shady marketing company approaches your marketing people and tells them that they have a list of email addresses that have already opted into receiving whatever advertising you want to send them, it should set off alarm bells. Unfortunately those bells don’t ring often enough. Well-known companies selling products from cell phones to cigars to language-learning software to satellite TV to medical supplies have all signed on with these shady advertisers. The shady companies blast out millions and millions of blatantly illegal spam messages every day from newly rented hosts in hosting companies until they get evicted from their subnets or move on after they have turned those addresses, and sometimes the subnets, into permanently blacklisted wastelands. Recipients have their inboxes bombarded with these spam messages and are unable to opt out of them.

Because this sort of activity is not as malicious as the most newsworthy hacks and malware, this area has been mostly ignored by the authorities. Nonetheless, this practice of snowshoe spamming has exploded during the past two years and is currently one of the biggest problems in the spam world. Attempts by researchers to expose this sort of activity have resulted in threats of defamation lawsuits by the companies using these shady marketers. In that environment, this sort of activity will only continue to increase at the breakneck pace that we have seen.

SMS spam from infected phones
Cell phone providers are working to prevent SMS spam. Their primary method of receiving reports from consumers is for the latter to forward messages to SPAM (7726) on their phones and report the messages so that they can be blocked. An infected phone can also send spam text messages; then the victims face the problem of having their accounts closed by the providers.

Threats to HTML5


HTML5 is the next version of the standard language of Internet browsers. It provides language improvements, capabilities to remove the need for plug-ins, new layout rendering options, and new powerful APIs that support local data storage, device access, 2D/3D rendering, web-socket communication, and many other features. Websites are quickly adopting HTML5 for its richer user experience. HTML5 continues the move to the browser, and away from the operating systems, as the platform to run applications. HTML5-based applications are increasing in number, with major players taking advantage of freedom from app stores and improved cross-browser and cross-device compatibility.

Browsers have long been one of the primary vectors for security threats, and HTML5 won’t change that. With HTML5 the threat landscape will shift and broaden. We will see a reduction in exploits focused on plug-ins as browsers provide this functionality via their new media capabilities and APIs. However, HTML5 will offer other opportunities for attackers because the additional functionality will create a larger attack surface. Powerful JavaScript APIs that allow device access will expose the browser as websites gain direct access to hardware.

One example is WebGL, which provides 3D rendering. Prior to WebGL, HTML content not based on plug-ins was interpreted and rendered by the browser. This provided a layer of technology between the untrusted data on the Internet and the operating system. WebGL browsers, however, expose the graphics driver stack and hardware, significantly increasing the attack vectors. Researchers have already demonstrated graphics memory theft allowing the web application to steal screenshots from the desktop and denial of service attacks using all popular browsers supporting WebGL and popular graphics driver stack providers.

One of the primary separations between a native application and an HTML application has been the ability of the former to perform arbitrary network connections on the client. HTML5 increases the attack surface for every user, as its features do not require extensive policy or access controls. Thus they allow a page served from the Internet to exploit WebSocket functionality and poke around the user’s local network. In the past, this opportunity for attackers was limited because any malicious use was thwarted by the same-origin policy, which has been the cornerstone of security in HTML-based products. With HTML5, however, Cross Origin Resource Sharing will let scripts from one domain make network requests, post data, and access data served from the target domain, thereby allowing HTML pages to perform reconnaissance and limited operations on the user’s network.
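
An added example (not part of the original post) of the server-side control behind the paragraph above: cross-origin access under CORS is granted by the server's Access-Control-Allow-Origin response, and a WebSocket endpoint has to check the handshake's Origin header itself. The block puts a prefix comparison that is easy to get wrong beside an exact match on scheme, host and port; the allow-list, host names and function names are hypothetical.

```python
from urllib.parse import urlsplit

# Hypothetical allow-list for a hypothetical application.
ALLOWED_ORIGINS = {"https://app.example.com", "https://admin.example.com:8443"}
DEFAULT_PORTS = {"http": 80, "https": 443}


def normalise_origin(origin):
    """Return (scheme, host, port), or None for anything that is not a plain origin."""
    if not origin or origin == "null":        # missing header or opaque origin
        return None
    try:
        parts = urlsplit(origin)
        port = parts.port                      # raises ValueError on a bad port
    except ValueError:
        return None
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    # A real Origin header has no userinfo, path, query or fragment.
    if "@" in parts.netloc or parts.path or parts.query or parts.fragment:
        return None
    if port is None:
        port = DEFAULT_PORTS[parts.scheme]
    return (parts.scheme, parts.hostname.lower(), port)


_ALLOWED = {normalise_origin(o) for o in ALLOWED_ORIGINS}


def weak_is_allowed(origin):
    """Weak form: a prefix test also matches look-alike hosts."""
    return bool(origin) and origin.startswith("https://app.example.com")


def strict_is_allowed(origin):
    """Corrected form: exact match on the normalised (scheme, host, port)."""
    return normalise_origin(origin) in _ALLOWED


def cors_headers(origin):
    """Headers to add to a response; empty dict means no cross-origin access."""
    if not strict_is_allowed(origin):
        return {}
    return {
        "Access-Control-Allow-Origin": origin,   # echo only a vetted origin, never "*"
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",                        # keep caches from mixing origins
    }


def websocket_handshake_status(request_headers):
    """HTTP status for a WebSocket upgrade: 101 if the Origin is vetted, else 403."""
    return 101 if strict_is_allowed(request_headers.get("Origin")) else 403


if __name__ == "__main__":
    for sample in ("https://app.example.com",
                   "https://app.example.com.attacker.test",   # constructed look-alike
                   "http://app.example.com",
                   "null"):
        print(f"{sample!r:45} weak={weak_is_allowed(sample)} strict={strict_is_allowed(sample)}")
```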

Windows 8 is the next big target for Cyber criminals?


Criminals go where the money is. And if this means they have to cope with a new, more secure version of Windows, that’s just what they will do. In many cases they attack the user and not the OS. Via phishing and other techniques users are tricked into revealing information or installing a malicious program. So if you upgrade, don’t rely solely on Windows to protect your system: Remain vigilant and watch out for phishing scams.

Windows 8 should provide improved security against malware and exploits compared with earlier versions of Windows, at least for a while. Now that the underground market for attack and malware kits is much more competitive than three years ago, it is likely that Windows 8 specific malware will be available quicker than Windows 7 specific malware appeared. Systems running the new Unified Extensible Firmware Interface are still vulnerable to MBR-based rootkits, just as previous OS versions were, according to one research company. On the day of Windows 8’s release, the firm announced for sale to its customers the availability of a zero-day vulnerability that circumvents all new security enhancements in Windows 8 and Internet Explorer 10.

Big-Scale Attacks
Destructive payloads in malware have become rare because attackers prefer to take control of their victims’ computers for financial gain or to steal intellectual property. Recently, however, we have seen several attacks (some apparently targeted, others implemented as worms) in which the only goal was to cause as much damage as possible. We expect this malicious behavior to grow in 2013. Whether this is hacktivism taken to a new level, as some claim, or just malicious intent is impossible to say, but the worrying fact is that companies appear to be rather vulnerable to such attacks. As with Distributed Denial of Service (DDoS) attacks, the technical bar for the hackers to hurdle is rather low. If attackers can install destructive malware on a large number of machines, then the result can be devastating.

An inside or outside attacker who has elevated privileges on the network for a long time could time-bomb many systems on multiple sites. This effect is likely worse than what is covered in many disaster recovery plans, so the IT staff may have to make some updates. The priority is to keep the business running, which is best achieved by having production networks, SCADA systems, etc. completely separated from the normal network, preventing them from getting hit in the first place. Then there will be a massive loss of data to deal with because users just love to store their data on their local machines. One challenge will be to reinstall thousands of machines while ensuring that the time bomb doesn’t resurface. Technologies that may prove useful include remote management features that are independent of the state of the PC and its OS, but these features will need to be tested before an incident happens.

All measures to detect and block these persistent threats should also be effective against the preliminary steps of such attacks, while the attacker tries to gain and elevate access. Remote application control would prevent servers and key systems from being affected unless an attacker has already taken full control of the update process, which can be determined by carefully monitoring who does what on the management systems. To keep the loss of data to a minimum, a reliable network backup process needs to be in place, as well as backing up local data and blocking attackers from shredding data on shared drives and folders on the network.

Mobile Threats

Malware shopping spree
Once criminals discover a profit-making technique that works, they’re likely to reuse and automate it. For example, Android/Marketpay is a Trojan horse program that buys apps from an app store without user permission. We’re likely to see crooks take this malware’s app-buying payload and add it to a mobile worm.

Buying apps developed by malware authors puts money in their pockets. A mobile worm that uses exploits to propagate over numerous vulnerable phones is the perfect platform for malware that buys such apps; attackers will no longer need victims to install a piece of malware. If user interaction isn’t needed, there will be nothing to prevent a mobile worm from going on a shopping spree.

NFC worms
Phones with Near-Field Communications (NFC) enabled are becoming more common. As users are able to make “tap and pay” purchases in more locations, they’ll carry their digital wallets everywhere. That flexibility will, unfortunately, also be a boon to thieves. Attackers will create mobile worms with NFC capabilities to propagate (via the “bump and infect” method) and to steal money.

Malware writers will thrive in areas with dense populations (airports, malls, theme parks, etc.). An NFC-enabled worm could run rampant through a large crowd, infecting victims and potentially stealing from their wallet accounts.

Block that update!
One of the advantages that a mobile service provider (as opposed to Microsoft, for example) has in fighting malware is that once the cell company recognizes malware it can automatically push an update to customers to clean their devices. This works on phones that have not been rooted (or unlocked) by their owners. For mobile malware to stick around for a long time, it will have to prevent updates. Putting an app on a store that does nothing more than download external malware which locks the phone from communicating with the cell provider will achieve this.

Thursday, September 19, 2013

How to download your entire Facebook Account Data?

Facebook allows its users to download their Facebook data in a single zipped file. The data includes your profile details, entire wall, messages, notes, contacts, and of course videos and photos.

First, log in to your Facebook account, and select “Account settings” from your “Account” menu:

Now click “Download Copy of your Facebook data”:

You’ll be asked for your password. Facebook will then further authenticate you by asking you to identify people in some photos of your friends; just give their names.

Facebook will then generate the archive containing your data and send you the download link by e-mail.

Once you download your archive, extract it, and open the “index.html” file.

Caution: Keep this data safe to protect your privacy, or simply delete it after reading.

How to Make an Autorun CD?

Have you ever noticed that whenever you insert a game or software CD (for example, the Windows XP operating system CD), it runs automatically?

If you want to make the same type of autorun CD, open a Notepad file and write the following code in it.

[autorun]

OPEN=INSTALL\Setup_filename.exe

Here “Setup_filename.exe” MUST be replaced with the name of the setup file. Also remember that not all setup files are called “.exe”; some are called “.msi”.

Now save it as a “.inf” file, not as a “.txt” file. Burn your CD with the autorun.inf file included, put the CD in your CD drive, and wait for the autorun to begin; if nothing happens, just double-click the CD drive.
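Because the same file decides what a disc starts on insertion, it is worth reading an autorun.inf before trusting media you did not burn yourself. The following is an added example, not part of the original post: it parses the [autorun] section and reports every entry that launches a program. The function names, the sample file and the "expected types" list (taken from the .exe/.msi remark above) are assumptions made for illustration; shellexecute and shell\verb\command are standard autorun.inf keys in addition to OPEN.

```python
import ntpath

# Keys in the [autorun] section that start a program.
LAUNCH_KEYS = ("open", "shellexecute")
# Assumption for this example: setup files are .exe or .msi, as the post says.
EXPECTED_TYPES = (".exe", ".msi")

# Constructed sample file; the last line is deliberately suspicious.
SAMPLE_INF = (
    "[autorun]\n"
    "OPEN=INSTALL\\Setup_filename.exe /quiet\n"
    "icon=setup.ico\n"
    "shell\\scan\\command=..\\tools\\helper.bat\n"
)


def parse_autorun(text):
    """Return the key/value pairs of the [autorun] section, keys lower-cased."""
    entries = {}
    in_section = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def launch_target(value):
    """Extract the program path from a command line, honouring double quotes."""
    value = value.strip()
    if value.startswith('"'):
        end = value.find('"', 1)
        return value[1:end] if end != -1 else value[1:]
    return value.split()[0] if value else ""


def audit_autorun(text, files_on_disc):
    """List what the disc would launch and flag entries that need a closer look."""
    present = {ntpath.normpath(f).lower() for f in files_on_disc}
    findings = []
    for key, value in parse_autorun(text).items():
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if key not in LAUNCH_KEYS and not is_verb:
            continue                               # icon=, label=, ... launch nothing
        target = launch_target(value)
        drive, rest = ntpath.splitdrive(target)
        norm = ntpath.normpath(rest).lstrip("\\").lower()
        flags = []
        if drive or norm == ".." or norm.startswith("..\\"):
            flags.append("target is outside the disc")
        elif norm not in present:
            flags.append("target not found on disc")
        ext = ntpath.splitext(norm)[1]
        if ext not in EXPECTED_TYPES:
            flags.append("unexpected file type: " + (ext or "none"))
        findings.append({"key": key, "target": target, "flags": flags})
    return findings


if __name__ == "__main__":
    for finding in audit_autorun(SAMPLE_INF, ["INSTALL/Setup_filename.exe", "setup.ico"]):
        print(finding)
```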



How to Protect Yourself from Phishing Web Pages Using the Domain Name?

Prevention Tips
Viewing SSL certificate:
  • Always check the URL to see whether the connection is secure. "https://" means a secure connection; "http://" means an ordinary connection.
  • Use a secure connection.
  • You should check the SSL certificate. To check the certificate, visit the website. You will see the website's favicon in the browser's address bar. Click the favicon.
  • A small box will appear.
  • Click "More information".
  • A small window will open.
  • You will see "view certificates". Click it and verify whether the certificate is original or not.
  • If you cannot find "view certificates", then you are visiting the wrong website or you are on a non-secure connection.
  • Note that some websites don't have an SSL certificate, so they can't be accessed over a secure connection (that is, https://).
  • Use Gmail over a secure connection, that is, https://gmail.com


Another Way:
Know the IP address of your domain.
Open Notepad and enter your domain name and IP address like this:
Domain name xxx.xxx.xxx.xxx
Then save the file.
Whenever you want to visit the site, open the file and copy the IP address of the domain name.
Paste the IP address into the browser and hit Enter.
If you do this, you visit the site directly.
Normally the domain name connects to its associated IP address, but here we are using the IP address directly.
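The saved file can also be used as a check: compare what each domain resolves to today against the address you recorded. The following is an added example, not part of the original post; the function names, the file layout of one "domain address" pair per line, and the sample addresses are assumptions. Sites do change addresses legitimately, so a mismatch is a reason to look closer at the site and its certificate, not proof of phishing.

```python
import ipaddress
import socket


def load_pins(note_text):
    """Parse 'domain ip' lines from the saved note; malformed lines are skipped."""
    pins = {}
    for line in note_text.splitlines():
        parts = line.split()
        if len(parts) != 2:
            continue
        domain, ip = parts
        try:
            addr = ipaddress.ip_address(ip)        # validates IPv4 and IPv6
        except ValueError:
            continue
        pins.setdefault(domain.lower().rstrip("."), set()).add(addr)
    return pins


def system_resolver(domain):
    """Resolve with the operating system's resolver (needs network access)."""
    infos = socket.getaddrinfo(domain, None, proto=socket.IPPROTO_TCP)
    return {info[4][0] for info in infos}


def check_pins(pins, resolver=system_resolver):
    """Compare recorded addresses with current resolution.

    Returns {domain: status} where status is
      'match'      every resolved address was recorded,
      'partial'    some resolved addresses were recorded, some are new,
      'mismatch'   none of the resolved addresses was recorded,
      'unresolved' the lookup failed or returned nothing.
    """
    report = {}
    for domain, recorded in pins.items():
        try:
            current = {ipaddress.ip_address(a) for a in resolver(domain)}
        except (OSError, ValueError):
            current = set()
        if not current:
            report[domain] = "unresolved"
        elif current <= recorded:
            report[domain] = "match"
        elif current & recorded:
            report[domain] = "partial"
        else:
            report[domain] = "mismatch"
    return report


if __name__ == "__main__":
    # Constructed note contents using documentation-only names and addresses.
    note = "bank.example 192.0.2.10\nmail.example 198.51.100.7\n"
    answers = {"bank.example": ["192.0.2.10"], "mail.example": ["203.0.113.99"]}
    print(check_pins(load_pins(note), resolver=lambda d: answers[d]))
```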

Tuesday, September 17, 2013

Understanding security and safe computing

Do you allow other people to use your computer, or share files with others while you are browsing the Internet? If so, be careful: there are computer criminals (called hackers) who attack other people's computers with the intention of stealing personal information. These people can attack directly or by breaking into your computer through the Internet and stealing your personal information, and this could lead to further attacks in which malicious software is sent to harm your computer. To avoid such attacks, you can protect yourself by taking a few simple precautions.

Protect your computer
These are ways to help protect your computer against potential security threats:
  1. Update Windows regularly
  2. Install firewall software on your computer
  3. Install the latest antivirus software
  4. Install spyware and other malware protection

Update Windows automatically
Microsoft regularly offers important updates to Windows that can help protect your computer against new viruses and other security threats. To ensure that you receive these updates as quickly as possible, turn on automatic updating. That way, you don't have to worry that critical fixes for Windows might be missing from your computer.
To turn on automatic updating:
  • Click to open Windows Update.
  • Click Change settings.
Make sure Install updates automatically (recommended) is selected. Windows will install important updates for your computer as they become available. Important updates provide significant benefits, such as improved security and reliability.

Under Recommended updates, make sure the Give me recommended updates the same way I receive important updates check box is selected, and then click OK. Recommended updates can address non-critical problems and help enhance your computing experience. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

Use firewall software
A firewall is software or hardware that checks information coming from the Internet or a network and then either turns it away or allows it to pass through to your computer, depending on your firewall settings. In this way, a firewall helps prevent hackers and malicious software from gaining access to your computer. Windows Firewall is built into Windows and is turned on automatically.

If you run a program such as an instant messaging program or a multiplayer network game that needs to receive information from the Internet or a network, the firewall asks if you want to block or unblock (allow) the connection. If you choose to unblock the connection, Windows Firewall creates an exception so that the firewall won't bother you when that program needs to receive information in the future.

Use virus protection
Viruses, worms, and Trojan horses are programs created by hackers that use the Internet to infect vulnerable computers. Viruses and worms can replicate themselves from computer to computer, while Trojan horses enter a computer by hiding inside an apparently legitimate program, such as a screen saver. Destructive viruses, worms, and Trojan horses can erase information from your hard disk or completely disable your computer. Others don't cause direct damage, but worsen your computer's performance and stability.

Antivirus programs scan e‑mail and other files on your computer for viruses, worms, and Trojan horses. If any malicious code is found, the antivirus program either quarantines (isolates) it or deletes it entirely before it damages your computer and files.

Windows does not have a built-in antivirus program, so install up-to-date antivirus software and update it regularly.

Use spyware protection
Spyware is software that can display advertisements, collect information about you or change settings on your computer, generally without appropriately obtaining your consent. For example, spyware can install unwanted toolbars, links, or favorites in your web browser, change your default home page, or display pop-up ads frequently. Some spyware displays no symptoms that you can detect, but it secretly collects sensitive information, such as the websites you visit or the text you type. Most spyware is installed through free software that you download, but in some cases simply visiting a website results in a spyware infection.

To help protect your computer from spyware, use an antispyware program. Windows 7 has a built-in antispyware program called Windows Defender, which is turned ON by default. Windows Defender alerts you when spyware tries to install itself on your computer. It also can scan your computer for existing spyware and then remove it.

Tips for safely using e‑mail and the web

Use caution when opening e‑mail attachments. E‑mail attachments (files attached to e‑mail messages) are a primary source of virus infection. Never open an attachment from someone you don't know. If you know the sender but were not expecting an attachment, verify that the sender actually sent the attachment before you open it.

Guard your personal information carefully. If a website asks for a credit card number, bank information, or other personal information, make sure you trust the website and verify that its transaction system is secure.

Be careful when clicking hyperlinks in e‑mail messages. Hyperlinks (links that open websites when you click them) are often used as part of phishing and spyware scams, but they can also transmit viruses. Only click links in e‑mail messages that you trust.

Only install add-ons from websites that you trust. Web browser add-ons allow webpages to display things like toolbars, stock tickers, video, and animation. However, add-ons can also install spyware or other malicious software. If a website asks you to install an add-on, make sure that you trust it before doing so.

Set up a security key for a wireless network

Personal information and files on your wireless network can sometimes be seen by people who pick up your network signal. This can lead to identity theft and other malicious acts. A network security key or passphrase can help protect your wireless network from this type of unauthorized access.

The Set Up a Network wizard will guide you through setting up a security key.
We don't recommend using Wired Equivalent Privacy (WEP) as your wireless security method. Wi‑Fi Protected Access (WPA or WPA2) is more secure. If you try WPA or WPA2 and they don't work, we recommend that you upgrade your network adapter to one that works with WPA or WPA2. All of your network devices, computers, routers, and access points must also support WPA or WPA2.

Wi‑Fi Protected Access (WPA and WPA2)
WPA and WPA2 require users to provide a security key to connect. Once the key has been validated, all data sent between the computer or device and the access point is encrypted.

There are two types of WPA authentication: WPA and WPA2. If possible, use WPA2 because it is the most secure. Almost all new wireless adapters support WPA and WPA2, but some older ones don't. In WPA-Personal and WPA2-Personal, each user is given the same passphrase. This is the recommended mode for home networks.

Wired Equivalent Privacy (WEP)
WEP is an older network security method that's still available to support older devices, but it's no longer recommended. When you enable WEP, you set up a network security key. This key encrypts the information that one computer sends to another computer across your network. However, WEP security is relatively easy to crack.

There are two kinds of WEP:
  1. Open system authentication 
  2. Shared key authentication
Neither is very secure, but shared key authentication is the less secure of the two. For most wireless computers and wireless access points, the shared key authentication key is the same as the static WEP encryption key (the key that you use to secure your network). A malicious user who captures the messages for a successful shared key authentication can use analysis tools to determine the shared key authentication key, and then determine the static WEP encryption key. After the WEP encryption key has been determined, the malicious user has full access to your network.

If you still want to use WEP shared key authentication, you can do so by following these steps:
To manually create a network profile using WEP shared key authentication:
  1. Click to open Network and Sharing Center. 
  2. Click Set up a new connection or network.
  3. Click Manually connect to a wireless network, and then click Next.
  4. On the Enter information for the wireless network you want to add page, under Security type, select WEP.
  5. Complete the rest of the page, and then click Next.
  6. Click Change connection settings.
  7. Click the Security tab, and then, under Security type, click Shared.
  8. Click OK, and then click Close.

What is a smart card and how does it work?

A smart card is a small plastic card containing a computer chip. People use smart cards along with personal identification numbers (PINs) to log on to a network, a computer, or a device. Using a smart card is more secure than using a password because it's more difficult for someone to steal a smart card and learn your PIN than to learn your password.

Smart cards are generally issued by information technology (IT) departments in large organizations. To use a smart card, you also need a smart card reader, a device that’s installed in or connected to your computer and that can read the information stored on a smart card.

To log on to a Windows 7-based computer with a smart card
  1. Connect the smart card reader to your computer or laptop, if necessary.
  2. Insert your smart card into the smart card reader. 
  3. Press Ctrl+Alt+Delete. 
  4. At the logon screen, click Switch User. 
  5. Click the smart card icon, type your PIN, and then press Enter. 

General network security recommendations

The following are general security guidelines for all home and small office networks.

Keep your computer up to date
To help keep the computers on your network safer, turn on automatic updating on each computer. Windows can automatically install important and recommended updates or important updates only. Important updates provide significant benefits, such as improved security and reliability. Recommended updates can address non-critical problems and help enhance your computing experience. Optional updates are not downloaded or installed automatically.

Use a firewall
A firewall can help prevent hackers or malicious software (such as worms) from gaining access to your computer through a network or the Internet. A firewall can also help stop your computer from sending malicious software to other computers.

Install Anti-virus software on each computer
Firewalls help keep out worms and hackers, but they're not designed to protect against viruses, so you should install and use antivirus software. Viruses can come from attachments in e‑mail messages, files on CDs or DVDs, or files downloaded from the Internet. Make sure that the antivirus software is up to date and set to scan your computer regularly.

Use a router to share an Internet connection
Consider using a router to share an Internet connection. These devices usually have built-in firewalls, network address translation (NAT), and other features that can help keep your network better protected against hackers.

Don't stay logged on as an administrator
When you're using programs that require Internet access, such as a web browser or an e‑mail program, we recommend that you log on as a standard user account rather than an administrator account. That's because many viruses and worms can't be stored and run on your computer unless you're logged on as an administrator.

Wireless network security recommendations
If you have a wireless network, there are some additional security precautions that you should take.
Use a network security key
If you have a wireless network, you should set up a network security key, which turns on encryption. With encryption, people can't connect to your network without the security key. Also, any information that's sent across your network is encrypted so that only computers that have the key to decrypt the information can read it. This can help avert attempts to access your network and files without your permission. Wi‑Fi Protected Access (WPA or WPA2) is the recommended wireless network encryption method.

Note: We recommend using WPA2, if possible. We don't recommend using WEP for network security. WPA or WPA2 are more secure. If you try WPA or WPA2 and they don't work, we recommend that you upgrade your network adapter to one that works with WPA or WPA2.

Change the default administrator name and password on your router or access point
If you have a router or access point, you may be using the default name and password set up by the manufacturer. Most manufacturers use the same default name and password for all of their equipment, which someone could use to access your router or access point without your knowledge. To avoid that risk, change the default administrator user name and password for your router. Look in the manual that came with your device for instructions about how to change the name and password.

Change the default SSID
Routers and access points use a wireless network name known as a Service Set Identifier (SSID). Most manufacturers use the same SSID for all of their routers and access points. We recommend that you change the default SSID to keep your wireless network from overlapping with other wireless networks that might be using the default SSID. It makes it easier for you to identify which wireless network is yours, if there's more than one nearby, because the SSID is typically shown in the list of available networks. Check the information that came with your device for instructions about how to change the default SSID.



Position your router or access point carefully
Wireless signals can transmit a few hundred feet, so the signal from your network could be broadcast outside of your home. You can help limit the area that your wireless signal reaches by positioning your router or access point close to the center of your home rather than near an outside wall or window.




Friday, September 6, 2013

What is Windows Easy Transfer?

Windows Easy Transfer guides you through the process of transferring files and settings from one Windows computer to another. Using Windows Easy Transfer, you can choose what to transfer to your new computer and how to transfer it.

  • Click to open Windows Easy Transfer. If you are prompted for an administrator password or confirmation, type the password or provide confirmation.

What can I transfer to my new computer?
You can transfer most files and program settings. Specifically:
  • Files and folders: Everything within the Documents, Music, Pictures, and Shared Documents folders. Using advanced options, you can select additional files and folders to transfer from other locations.
  • E‑mail settings, contacts, and messages.
  • Program settings: Settings that keep your programs configured as you had them on your old computer. Windows Easy Transfer doesn't transfer the programs themselves. Some programs might not work in this version of Windows, including security programs, antivirus programs, firewall programs (your new computer should already have a firewall running to help ensure safety during the transfer), and programs with software drivers.
  • User accounts and settings: Desktop backgrounds, network connections, screen savers, fonts, Start menu options, taskbar options, folders, specific files, network printers and drives, and accessibility options.
  • Internet settings and favorites: Internet connection settings, favorites, and cookies.
  • Music: Electronic music files, playlists, and album art.
  • Pictures and video: Pictures, which includes any visual file type (for example, .jpg, .bmp, .gif), and personal videos.

Which versions of Windows will work with Windows Easy Transfer?
You can use Windows Easy Transfer to transfer files and settings from a computer running Windows XP, Windows Vista, or Windows 7 to another computer running Windows 7.

Note: You can't transfer files from a 64-bit version of Windows to a 32-bit version of Windows.


Remove spyware from your computer

If you have spyware or other potentially unwanted software on your computer, you should use an anti-spyware scanner and removal tool to try to remove it. You can also try to remove spyware manually. You might need to use both of these methods more than once to completely remove the spyware or other potentially unwanted software.

Use an anti-spyware scanner and removal tool
Windows Defender is a feature in this version of Windows that helps prevent spyware and other potentially unwanted software from infecting your computer. When Windows Defender is on, you're alerted if spyware and other potentially unwanted software tries to run or install itself on your computer. You choose whether to ignore, quarantine (move to a different location on your computer where it can't run), or remove each item that is detected.
Spyware scanners are also frequently included in antivirus programs. If you have already installed an antivirus program, check to see if that program includes spyware protection features or if you can add them as an update, and then scan your computer regularly. To see a list of other spyware protection programs, go online to the Microsoft Security at Home website.

Remove spyware manually
Spyware can sometimes be hard to remove. If an anti-spyware program notifies you that it can't remove spyware, follow the instructions provided by the anti-spyware program. If that doesn't work, try these options:
  • Try installing an antivirus or another anti-spyware program. Many antivirus programs also come with anti-spyware protection.
  • Check Programs and Features for items that don't belong on your computer.
Click to open Programs and Features.
Use this method with extreme caution. Control Panel lists many programs, most of which are not spyware. Many spyware programs use special installation methods to avoid showing up in Programs and Features. Occasionally, a spyware program will offer an uninstall option and can be removed with this method. Only remove programs that you can positively identify as spyware, and don't remove programs that you might want to keep, even if you don't use them very often.
  • Re-install Windows.
Some spyware can hide itself so well that it can't be removed. If you still see evidence of spyware after trying to remove it with an anti-spyware program or after trying to uninstall it using Control Panel, you might need to re-install Windows and your programs.

Warning: Re-installing Windows will remove spyware, but it will also delete your files and programs. If you have to re-install Windows, make sure that you back up your documents and files, and make sure that you have access to the installation discs you will need to re-install your programs. 

What is InPrivate Browsing?

InPrivate Browsing enables you to surf the web without leaving a trail in Internet Explorer. This helps prevent anyone else who might be using your computer from seeing what sites you visited and what you looked at on the web. You can start InPrivate Browsing from the New Tab page or the Safety button.

When you start InPrivate Browsing, Internet Explorer opens a new browser window. The protection that InPrivate Browsing provides is in effect only during the time that you use that window. You can open as many tabs as you want in that window, and they will all be protected by InPrivate Browsing. However, if you open another browser window, that window will not be protected by InPrivate Browsing. To end your InPrivate Browsing session, close the browser window.

While you are surfing the web using InPrivate Browsing, Internet Explorer stores some information, such as cookies and temporary Internet files, so the webpages you visit will work correctly. However, at the end of your InPrivate Browsing session, this information is discarded. The following table describes which information InPrivate Browsing discards when you close the browser and how it is affected during your browsing session:

| Information | How it is affected by InPrivate Browsing |
| --- | --- |
| Cookies | Kept in memory so pages work correctly, but cleared when you close the browser. |
| Temporary Internet Files | Stored on disk so pages work correctly, but deleted when you close the browser. |
| Webpage history | This information is not stored. |
| Form data and passwords | This information is not stored. |
| Anti-phishing cache | Temporary information is encrypted and stored so pages work correctly. |
| Address bar and search AutoComplete | This information is not stored. |
| Automatic Crash Restore (ACR) | ACR can restore a tab when it crashes in a session, but if the whole window crashes, data is deleted and the window cannot be restored. |
| Document Object Model (DOM) storage | The DOM storage is a kind of "super cookie" web developers can use to retain information. Like regular cookies, they are not kept after the window is closed. |


How to Delete webpage history?

As you browse the web, Internet Explorer stores information about the websites you visit, as well as information that websites frequently ask you to provide (such as your name and address). Internet Explorer stores the following types of information:
  • Temporary Internet files 
  • Cookies 
  • A history of the websites you've visited 
  • Information that you've entered into websites or the Address bar 
  • Saved web passwords 
Usually, it's helpful to have this information stored on your computer—it can improve your web browsing speed and also save you from having to type the same information over and over. But you might want to delete that information if, for example, you're using a public computer and don't want any of your personal information to be left behind.

To delete all or some of your browsing history
  • Click to open Internet Explorer.
  • Click the Safety button, and then click Delete Browsing History. 
  • Select the check box next to each category of information you want to delete. 
  • Select the Preserve Favorites website data check box if you do not want to delete the cookies and files associated with websites in your Favorites list. 
  • Click Delete. (This could take a while if you have a lot of files and history.)
Notes
  • You should close Internet Explorer when you're done to clear cookies that are still in memory from your current browsing session. This is especially important when using a public computer. 
  • Deleting your browsing history does not delete your list of favorites or subscribed feeds. 
  • You can use Internet Explorer's InPrivate Browsing feature to avoid leaving a history as you browse the web. 
  • You can delete all settings that have changed since Internet Explorer was first installed, including browsing history. 



What are cookies used for?

Websites use cookies to offer a personalized experience to users and to gather information about website use. Many websites also use cookies to store information that provides a consistent experience between sections of the site, such as a shopping cart or customized pages. With a trusted website, cookies can enrich your experience by allowing the site to learn your preferences or allowing you to skip having to sign in every time you go to the website.

How to Delete Cookies?

To delete cookies, follow these steps:

1. Click to open Internet Explorer.

2. Click the Tools button, and then click Internet Options.

3. On the General tab, under Browsing history, click Delete.

4. Select the Cookies check box if it isn't already checked, and then click Delete. Clear or select check boxes for any other options you also want to delete. If you want to keep cookies for your saved favorites, select the Preserve Favorites website data check box.

Note: Deleting all cookies might cause some webpages to work incorrectly.

What are Temporary Cookies?
Temporary cookies (or session cookies) are removed from your computer after you close Internet Explorer. Websites use them to store temporary information, such as items in your shopping cart.

What are Persistent Cookies?
Persistent cookies (or saved cookies) remain on your computer after you close Internet Explorer. Websites use them to store information, such as your sign-in name and password, so that you don't have to sign in each time you go to a particular site. Persistent cookies can remain on your computer for days, months, or even years.

What are First Party Cookies?
First-party cookies come from the website that you're viewing and can be either persistent or temporary. Websites might use these cookies to store information that they'll reuse the next time you go to that site.

What are Third Party Cookies?
Third-party cookies come from other websites' advertisements (such as pop-up or banner ads) on the website that you're viewing. Websites might use these cookies to track your web use for marketing purposes.
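The four cookie types above come from two independent properties of the Set-Cookie header a site sends: whether it carries a lifetime (Max-Age or Expires) and which host sent it relative to the page you are viewing. The following is an added example, not part of the original post, that classifies headers along both axes; the function names and sample headers are constructed, and the caller supplies the site of the page being viewed because working it out properly requires the Public Suffix List.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Constructed sample: (host that sent the response, Set-Cookie header value).
SAMPLE_RESPONSES = [
    ("www.shop.example", "cart=3f9a; Path=/; HttpOnly"),
    ("www.shop.example", "login=alice; Max-Age=2592000; Secure"),
    ("ads.tracker.example",
     "uid=77; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Domain=tracker.example"),
    ("www.shop.example", "promo=; Max-Age=0"),
]


def parse_set_cookie(header):
    """Split one Set-Cookie header value into (name, value, attributes)."""
    first, *rest = header.split(";")
    name, _, value = first.strip().partition("=")
    attrs = {}
    for part in rest:
        key, _, val = part.strip().partition("=")
        if key:
            attrs[key.lower()] = val.strip()
    return name, value, attrs


def lifetime(attrs, now):
    """Return 'temporary', 'persistent', or 'expired' (a deletion request)."""
    if "max-age" in attrs:                 # Max-Age takes precedence over Expires
        try:
            return "persistent" if int(attrs["max-age"]) > 0 else "expired"
        except ValueError:
            pass                           # invalid Max-Age is ignored
    if "expires" in attrs:
        try:
            when = parsedate_to_datetime(attrs["expires"])
        except (TypeError, ValueError):
            return "temporary"             # unparseable date is ignored
        if when.tzinfo is None:
            when = when.replace(tzinfo=timezone.utc)
        return "persistent" if when > now else "expired"
    return "temporary"                     # no lifetime: gone when the browser closes


def party(response_host, page_site):
    """First-party if the sending host belongs to the site being viewed."""
    host = response_host.lower().rstrip(".")
    site = page_site.lower().rstrip(".")
    if host == site or host.endswith("." + site):
        return "first-party"
    return "third-party"


def classify(header, response_host, page_site, now=None):
    """Classify one Set-Cookie header seen while viewing a page on page_site."""
    now = now or datetime.now(timezone.utc)
    name, _value, attrs = parse_set_cookie(header)
    return {
        "name": name,
        "lifetime": lifetime(attrs, now),
        "party": party(response_host, page_site),
    }


if __name__ == "__main__":
    for host, header in SAMPLE_RESPONSES:
        print(classify(header, host, "shop.example"))
```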

Tuesday, September 3, 2013

How to Boost your Computer Speed

Generally computers develop many problems when they used for long time. One of such problem is in computer speed because stack of temporary files and internet files, fragmented data on hard disk and too many start up programs. To improve the computer speed, just follow the steps:

Delete internet and temporary files
These files are created while you operate the computer and use the internet, and most of them are not important to the system. If you keep these files for a long time, they will wreak havoc on your computer's speed. To delete the files:

1. Open ‘My Computer’ and right-click on ‘Local C Drive’.
2. Click on ‘Properties’ in the shortcut menu.
3. In the ‘General’ tab of the ‘Properties’ window you will find a ‘Disk Cleanup’ button; press it.
4. When a message window is displayed, click the ‘OK’ button to continue deleting temporary files from the computer.

Perform Disk Defragmentation
When a computer is used for a long time, the data on the hard disk becomes scattered and the system takes too much time to find it. To overcome this problem, follow these steps:

1. Open ‘My Computer’ and right-click on ‘Local C Drive’.
2. Click on ‘Properties’ in the shortcut menu.
3. In the ‘Properties’ window, select the ‘Tools’ tab.
4. Click on the ‘Defragment now’ button.

The system then starts defragmenting your hard disk. It may take some time, depending on the size of your hard disk and the number of files.

Note: Perform disk defragmentation once every 15 days.

Disable Programs in Start up
You might have installed many programs on your computer, and most software programs automatically add themselves to startup. When too many programs open at startup, the system slows down and takes more time than usual to start. To get rid of this problem, follow these steps:

1. Type ‘MSCONFIG’ in the Run command window or at the command prompt (C:\>MSCONFIG), then press the Enter key.
2. In the ‘General’ tab, select the third option, ‘Selective Startup’.
3. Click the ‘Startup’ tab and clear the selection of unnecessary programs in the list.
4. Then click the ‘Apply’ button and the ‘OK’ button.

Now restart your computer and check the difference; you will be happy with the performance of your computer.

Monday, September 2, 2013

Adware and Spyware

Adware is 'freeware' in which ads are embedded in the program. These ads show up whenever the user opens the program. Most adware authors provide a free version with ads and a registered version in which the ads are disabled. As such, users have the choice either to use the freeware with ads served or to purchase the registered version.

Spyware, as the name suggests, is software installed on the user’s computer that constantly sends user information to the mother website.

Spyware is, however, published as 'freeware' or as 'adware'. An analysis and tracking program (the 'spyware' agent, which reports the user’s activities to the advertising provider's web site for storage and analysis) is also installed on the user’s system when the user installs this so-called 'freeware', and this is usually not mentioned. Even though the name may indicate so, spyware is not an illegal type of software. But what the adware and spyware providers do with the collected information, and what they are going to 'feed' the user with, is beyond the user's control. And in some cases it all happens without the user’s consent.




What are Bots?

The term Bot is derived from the word “Robot”. Robot comes from the Czech word "robot," which means "worker". In the computer world, Bot is a generic term used to describe an automated process. Bots are widely used on the Internet for various purposes.

Bot functionality may vary from search engines to game bots and IRC channel bots. Googlebot is one such famous search bot, which crawls through the web pages on the net to collect information and build a database that enables a variety of searches. Computer-controlled opponents and enemies in multiplayer video games are also a kind of bot, where the computer process tries to emulate human behavior.

However, the usage of bots is not limited to good purposes. Bots are widely used to perform malicious activities, ranging from stealing information to serving as a launching pad for distributed attacks. Such software gets installed on users' computers without their knowledge. Some bot-infected machines pass control of the machine to a remote attacker and act on the attacker's commands. Such machines are popularly known as zombie machines.

Email spoofing

Email “spoofing” is when an email message appears to have originated from one source when it actually was sent from another source. Email spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords). Spoofed email can range from harmless pranks to social engineering ploys. Examples of the latter include:

  • Email claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not comply.
  • Email claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information.
  • Email that uses social engineering to tell the user of a contest that the user may have won or the details of a product that the user might like. The sender is trying to encourage the user to open the message, read its contents, and interact with it in some way that is financially beneficial to the sender.
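
A recipient or mail administrator can look for the "appears to come from one source, sent from another" mismatch in the message headers. The following is an added example, not part of the original post: the message is constructed, and it goes beyond the post by also reading the Authentication-Results header that a receiving mail server may add.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the "system administrator" ploy above.
RAW = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net; dkim=none
From: "System Administrator" <admin@example.org>
Reply-To: helpdesk@example.net
To: user@example.org
Subject: Change your password today

Set your password to the string below or your account will be suspended.
"""

def domain(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def spoof_indicators(raw):
    """List header mismatches that suggest the displayed sender is forged.

    These are indicators, not proof: mailing services legitimately use a
    different Return-Path domain, so weigh them together.
    """
    msg = message_from_string(raw)
    shown = domain(msg["From"])  # what the mail client displays
    findings = []
    for header in ("Return-Path", "Reply-To"):
        other = domain(msg[header])
        if other and other != shown:
            findings.append(f"{header} domain {other} differs from From domain {shown}")
    # Verdicts recorded by the receiving server, e.g. "spf=fail".
    results = (msg["Authentication-Results"] or "").lower()
    tokens = results.replace(";", " ").split()
    for check in ("spf", "dkim", "dmarc"):
        for token in tokens:
            if token.startswith(check + "=") and token != check + "=pass":
                findings.append(f"{check} result: {token.split('=', 1)[1]}")
    return findings

if __name__ == "__main__":
    for finding in spoof_indicators(RAW):
        print(finding)
```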


Indications of Computer Infection

Some of the indications are given below:

  • Poor system performance
  • Abnormal system behavior e.g. system restarts or hangs frequently.
  • Unknown services are running
  • Crashing of applications
  • Change in file extensions or contents
  • Hard Disk is busy or its light glows continuously


Since we have discussed the basic terminologies and methodologies, now we can start discussing the defensive actions.


Priceless chatting in Wireless Communication

Mobile Chatting Apps
Many mobile apps enter the mobile market every day to add more comfort for mobile users. One such app, “WeChat”, supports mobile chatting such as live chat, group chat and video calling. This application works on various mobile platforms like Android, iOS, BlackBerry, Symbian and Windows.

Without recharging your mobile
You can have voice calling, video calling, texting and photo sharing with a new mobile app called “Tango”.

Free Phone Calls
You can make free phone calls with “Fring”, and it also supports video conferencing with a maximum of four mobile users.

Open account with Phone number
“Viber” lets mobile users chat freely without any user account, and if any number in your contacts has a Viber account, it will be added to your list automatically.

Protecting from Spam

Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products or get-rich-quick schemes. Spam costs the sender very little to send; most of the costs are paid by the recipient or the carriers rather than by the sender.

Never respond to spam
Most spammers say in their mail "to unsubscribe, click here", but they’re lying. What they really want to do is confirm that they’ve got a live address. Also, if the user responds, they’ll sell the address to every other spammer, meaning the user will soon be flooded with even more spam.

User should not post his address on his website
It seems like a good idea at the time, but posting an email address on a personal home page is just an invitation to spammers. Spammers and the people who sell spamming as a business have software that "harvests" email addresses from the Net. This software crawls through the Internet seeking text strings of the form username@domainname. When it finds one, it catalogs it in a database of other email addresses to be used to send spam. It is recommended that, instead of giving the e-mail address in text form on the website, the user should give an image of it.

Use a second email address in newsgroups
Newsgroups are the great email address gathering ground for spammers. If someone posts to a group, he is going to get spam; it is just a matter of time. So how is he supposed to participate? Use a different email address for talking to friends and relatives. In other words, have a public address and a private address. One then has to deal with spam only on the public address.

Use a spam filter
While there is no such thing as a perfect filter, anti-spam software can help keep spam at a manageable level. Some of it is cumbersome, some works better than others, and some even requires that the user let his email messages go through another system for storage and cleaning.

Never buy anything advertised in spam
The reason that people spam is because they can make money. They make money, like all advertisers, by convincing people to buy a product. If no one buys the things advertised in spam, companies will quit paying spammers to advertise their products.

Disable scripting features in e-mail programs when possible
Since e-mail programs frequently use the same code as web browsers to display HTML formatted messages, the vulnerabilities that affect ActiveX, Java, and JavaScript are often applicable to e-mail. Apart from disabling these features, the ability to run Visual Basic Scripting (VBS) should be removed if possible. Viruses such as I LOVE YOU contain attachments ending in .vbs which infect the host when the user clicks on the attachment to open it.