If keystrokes and images from a computer screen can be recorded remotely, and not only remotely, but now over wireless connections, even from cell phones, gathering information surreptitiously (stealing?) only becomes a matter of getting the control program onto the target device. We don’t even want to think about how easy that may be, really, but apparently at least it isn’t completely automatic, because this is where scams and viruses come in as a convenient way of convincing people to cooperatively turn over their protected information.
http://www.ripoffreport.com/Employers/Career-Network-Aka-A/career-network-apple-staffing-2bn92.htm
http://www.gradtogreat.com/tips_advice/article-jobboard_scams.php
Stealing personal information, such as passwords or Social Security numbers can be as simple and direct as looking over somebody’s shoulder at an ATM or as technical as hacking into a network database from a remote, wireless location. Sometimes the most sophisticated technical security remains open to the most simple-minded access, such as the British net surfer (more or less) almost accidentally hacking U.S. military intelligence. None of that encourages great confidence in the ultimate security of electronic information, but it also suggests that the obvious mode of operation for stealing information is the path of least resistance. If the U.S. military will give up information conveniently, why go to the trouble of elaborate technical programming, except maybe as an ego trip to prove superior technical capability? Another answer may be in the potential payoff of individual records in the millions, but by and large, attempts to collect protected information concentrate on more direct approaches. Why go to a lot of trouble dealing with complex technology if all you have to do is ask through email?
The variations are many and diverse, stealing for both fun and profit, but most follow the basic patterns of either convincing us to supply a click that a computer program interprets as authorization to perform a restricted operation, like downloading a document with a virus, or convincing us to provide confidential information, and away we go on the familiar carnival ride of unauthorized use and malfunctioning devices. Everybody knows what these cheerful requests for mindless cooperation look like. Please confirm your account information. Follow this link for photos of Lindsay Lohan. Click here to renew your subscription. We’d like you to join our company. In order to protect your personal security, and so forth.
The psychology of this operation is diabolically simple. We want things, and we worry a lot (about identity theft, among other things), so verifying account information to prevent unauthorized access is, like, a high priority, and clicking on an external link or an attachment is so easy (Like the one with a graphic link as a big red disk labeled “Do Not Press This Button”). Worst of all, sometimes we want to believe those lurid claims are true. So how do we avoid entrapment by these inventive hucksters? Most of it, especially on a personal level, depends on those simple concerns. Maybe the first line of defense is simply being alert to our own priorities. The agents, bots, and cookies that collect information for more or less legitimate marketing also provide potential guidance to scammers.
Familiarity with the routine transactions of banking and/or using a variety of credit cards online makes financial information an attractive target and our response potentially careless. Think twice about any unanticipated electronic communication concerning money and financial transactions, especially if it involves submitting passwords, numbers, or other personal information. What could be easier for identity theft than simply asking for the information? Think twice about any unanticipated electronic communication concerning any subject, especially if it involves clicking on anything. Consider the composition of the URL. Paste it in as a browser location address if you really have to check it out, although that can have a downside also. A very undesirable web location may now be permanently recorded in your address list, that can only be removed by either deleting your entire browsing history or by locating and modifying the registry file that keeps the list. Modifying registry files is not necessarily a convenient operation, so avoiding the problem makes sense.
There are other general precautions worth considering. There is no perfect way to insure security in cyberspace, but Leaving a computer on with accounts open or any kind of useful information displayed is potentially problematic as the remote variations of wardriving become more sophisticated and effective. The size and complexity of both video and animation files and the programs to display them are better suited to concealing virus and information control activity, so avoid videos if your security software has deficiencies. Transferring malicious material or controls in text files is very difficult through direct connections on the internet and pretty much impossible without opening the files on an individual unit, even without additional security programs. If files aren’t downloaded and attachments aren’t opened, viruses and information control can’t get connected.
While advisable, security software is notorious for slowing down operating systems, and security programs aren’t necessary for every kind of problem. An example is the disconcerting experience of receiving hundreds of undeliverable messages as a consequence of having email hijacked by a bot to distribute spam. While free security programs like Spybot and AdAware can remove uninvited intruders (although don’t confuse AdAware with the opposite and deliberately similar Adware, which installs rather than removing snoopy gate-crashers), sometimes the situation can be managed simply by changing the email password. Another danger of allowing bots to operate in email accounts is that the email account will eventually be virtually shut down by anti-spam control from recipients of the commercial or malicious messages, which can be excrutiatingly inconvenient for personal email accounts. Even if we have security software on our computers, sometimes we already have the best security installed in our heads. All we have to do is use it.
Here's Thinking for You
Iffy
No comments:
Post a Comment