Friday, November 8, 2013

Fake Antivirus Software

How does fake antivirus function?
Fake antivirus is malicious software (malware) designed to steal information from unsuspecting users by mimicking legitimate security software. The malware makes numerous system modifications, making it extremely difficult to terminate unauthorized activities and remove the program. It also causes realistic, interactive security warnings to be displayed to the computer user.

How can my computer become infected with fake antivirus?
Criminals distribute this type of malware using search engines, emails, social networking sites, internet advertisements and other malware. They leverage advanced social engineering methodologies and popular technologies to maximize the number of infected computers.

How will I know if I am infected?
The presence of pop-ups displaying unusual security warnings and asking for credit card or personal information is the most obvious method of identifying a fake antivirus infection.

What can I do to protect myself?
  • Be cautious when visiting web links or opening attachments from unknown senders.
  • Keep software patched and updated.
  • To purchase or renew software subscriptions, visit the vendor sites directly.
  • Monitor your credit cards for unauthorized activity.
  • Report Internet crime or fraud immediately to law enforcement agencies.


Thursday, November 7, 2013

Spam Mail Security

What is spam?
Spam is the electronic version of "junk mail." The term spam refers to unsolicited, often unwanted, email messages. Spam does not necessarily contain viruses; valid messages from legitimate sources could fall into this category.

How to handle spam mail?
There are some steps you can take to significantly reduce the amount of spam you receive:
  1. Don't give your email address out arbitrarily: Email addresses have become so common that a space for them is often included on any form that asks for your address, even comment cards at restaurants. It seems harmless, so many people write them in the space provided without realizing what could happen to that information. For example, companies often enter the addresses into a database so that they can keep track of their customers and the customers' preferences. Sometimes these lists are sold to or shared with other companies, and suddenly you will be receiving email that you didn't request.
  2. Check privacy policies in the site: Before submitting your email address online, look for a privacy policy. Most reputable sites will have a link to their privacy policy from any form where you're asked to submit personal data. You should read this policy before submitting your email address or any other personal information so that you know what the owners of the site plan to do with the information.
  3. Don’t select default options: When you sign up for some online accounts or services, there may be a section that provides you with the option to receive email about other products and services. Sometimes there are options selected by default, so if you do not deselect them, you could begin to receive email from those lists as well.
  4. Use Spam filters: Many email programs offer filtering capabilities that allow you to block certain addresses or to only allow email from addresses on your contact list. Some ISPs offer spam "tagging" or filtering services, but legitimate messages misclassified as spam might be dropped before reaching your inbox. However, many ISPs that offer filtering services also provide options for tagging suspected spam messages so the end user can more easily identify them. This can be useful in conjunction with filtering capabilities provided by many email programs.
  5. Report messages as spam: Most email clients offer an option to report a message as spam or junk mail. Reporting messages as spam or junk helps to train the mail filter so that the messages aren't delivered to your inbox. However, check your junk or spam folders occasionally to look for legitimate messages that were incorrectly classified as spam.
  6. Don't click on links in spam messages: Some spam relies on generators that try variations of email addresses at certain domains. If you click a link within an email message or reply to a certain address, you are just confirming that your email address is valid. Unwanted messages that offer an "unsubscribe" option are particularly tempting, but this is often just a method for collecting valid addresses that are then sent other spam.
  7. Disable the automatic downloading of graphics in HTML mail: Many spammers send HTML mail with a linked graphic file that is then used to track who opens the mail message: when your mail client downloads the graphic from their web server, they know you've opened the message. Disabling HTML mail entirely and viewing messages in plain text also prevents this problem.
  8. Consider opening an additional email account: Many domains offer free email accounts. If you frequently submit your email address, you may want to have a secondary email account to protect your primary email account from any spam that could be generated. You could also use this secondary account when posting to public mailing lists, social networking sites, blogs, and web forums. If the account starts to fill up with spam, you can get rid of it and open a different one.
  9. Use privacy settings on social networking sites: Social networking sites typically allow you to choose who has access to see your email address. Consider hiding your email account or changing the settings so that only a small group of people that you trust are able to see your address. Also, when you use applications on these sites, you may be granting permission for them to access your personal information. Be cautious about which applications you choose to use.
  10. Don't spam other people: Be responsible and maintain ethics while surfing the web. Some people consider email forwards a type of spam, so be selective with the messages you redistribute. Don't forward every message to everyone in your address book, and if someone asks that you not forward messages to them, respect their request.
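
The tracking described in step 7 can be checked for before a message is rendered. The following added example (not part of the original post) parses a raw message with Python's standard library and lists the images a mail client would fetch from a remote server. The sample message, the host tracker.example and the function names are constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message; every host, address and id value is made up.
SAMPLE = """\
From: offers@shop.example
To: user@mail.example
Subject: Weekly deals
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Weekly deals inside.
--b1
Content-Type: text/html; charset="utf-8"

<html><body><p>Weekly deals inside.</p>
<img src="cid:logo" alt="logo">
<img src="http://tracker.example/open.gif?id=user%40mail.example" width="1" height="1">
</body></html>
--b1--
"""

class RemoteImageFinder(HTMLParser):
    """Collect <img> tags whose src a mail client would fetch over the network."""
    def __init__(self):
        super().__init__()
        self.remote = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        url = urlsplit(a.get("src") or "")
        # cid: (attached) and data: (inline) images cause no request, so skip them.
        if tag == "img" and url.scheme in ("http", "https"):
            tiny = a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
            self.remote.append({"host": url.hostname, "has_query": bool(url.query), "tiny": tiny})

def remote_images(raw_message):
    """Return the remote image references found in the HTML part of a raw message."""
    msg = message_from_string(raw_message, policy=policy.default)
    html_part = msg.get_body(preferencelist=("html",))
    if html_part is None:  # plain-text-only mail cannot carry a linked graphic
        return []
    finder = RemoteImageFinder()
    finder.feed(html_part.get_content())
    return finder.remote
```

A remote image that is one pixel in size and carries a query string is the typical shape of an open-tracking graphic; the attached cid: logo in the sample is not reported because displaying it contacts no server.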

Wednesday, October 30, 2013

Online identity theft and Security

Identity theft
The fraudulent acquisition and use of a person’s private identifying information, usually for financial gain. It can be divided into two broad categories:

Credit card fraud
Credit card fraud is committed by making use of the credit/debit card of others to obtain goods or services. The threat emerges due to the stealing of information like credit card number, PIN number, password etc. Theft of cards and cloning of cards are also employed to commit such frauds. Hackers use complex techniques like Phishing, Skimming etc. to gain credit card information from innocent users.

Phishing
Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by e-mail spoofing or instant messaging and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

Skimming
Skimming is the theft of credit card / debit card information. A thief can procure a victim's credit card number using basic methods such as photocopying receipts or more advanced methods such as using a small electronic device (skimmer) to swipe and store hundreds of victims’ credit card numbers. Common scenarios for skimming are restaurants or bars where the skimmer has possession of the victim's credit card and makes note of card details for further use.

Vishing
It is a method of social engineering over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to private personal and financial information from the public for the purpose of financial reward. The term “vishing” is a combination of “voice” and “phishing”.

Social Engineering
Social engineering involves gaining trust; hence the fraudster poses as a member of staff or even a security guard. The fraudster would then ask the customer to check the card for damage. The fraudster would have gained the confidence of his prey using various tactics, such as offering assistance to a customer who has tried to use the ATM without success or who is not familiar with the use of an ATM and requires assistance.

Steps to be followed before credit card & debit card/ATM card usage
  1. Whenever you receive the card from the bank, make sure the mail is completely sealed and there is no damage.
  2. Whenever you receive the card from the bank, immediately sign the card.
  3. Try to cover the last three-digit number on the card.
  4. Register your phone number to check the account transactions.
  5. Change the PIN number immediately.

Secure usage of credit/debit cards at shopping malls and restaurants
  • Always keep an eye on how the vendor swipes your card.
  • Always make sure that the transactions happen in your presence.
  • Never sign a blank credit card receipt. Carefully draw a line through blank portions of the receipt where additional charges could be fraudulently added.
  • Don’t give away your personal information in the survey forms given in restaurants/shopping malls.