lets move to my next presentation. My knowledge sharing in presentation 2 is more to prevention...I choose a topic on prevention online identity theft...
What is it ?
Identity theft is when your online
identification has been exploited for an unlawful purpose.Online identity theft is different from other types of
identity thefts as it will not involve physical stealing of information but
rather the victim may unwittingly hand over the information themselves to
another party.
Techniques to get victim information :
- Phishing
- Pharming
- Spyware
- Social Networking Profiles
- vulnerabilities and exploit emails, instant messaging(IM) and the web to sending them user’s personal information.
Why is it dangerous ?
- Somebody can pose as ‘you’ on the Internet and perform online shopping
- Using your credit cards, or perform valid transactions.
- Hack into other systems and the ‘identity’ is traced back to you and you will be accountable for any problem caused by the stolen identity.
- Fraud activities use your name such as applying for loans or new credit card accounts and then not paying the bills .
- Sell the stolen personal information about you in underground economy or post the personal information publicly at online forums.
Preventive Steps : 
- Never revealed password to anyone.
- Implement a strong password and keep it safe.
- Install anti-virus and anti-spyware software and keep them updated with the latest security patches and enabled the ‘automatic update’ option.
- Think before you “post” on Social Networking Sites SNS
- (e.g Facebook, MySpace, Twitter, etc.
- Limit the personal information posted on the Internet (e.g. address, phone number, credit card no, salary) .
- Know who you invite into online network
- Accept only “friends” that you know directly and not the one that says they “know” you.
- Do not provide personal information to just anybody, ask for verification first. (Eg email or phone)
- Watched out for signs of identity theft (e.g. receiving credit cards that you didn’t apply for, or getting contacted by debt collectors or others about purchases you did not make
- Conduct online
transactions only at secure websites
Tips : How do you know the website is secured? 
- Look for https:// in the URL and not http:// when you login
- Look at the status bar for the security icon (locked padlock) when you visit the bank site. Ensure the icon is within the browser frame
Don’t be fooled by
spoofed website
Double-check the digital certificate by
clicking on the closed padlock icon. Look at the “Issued to” in the pop-up
window and you should see the name matches with the website that you are on as
shown in the picture below.
•Leave the websites if you find the
name differs from the genuine ones.
Install DontPhishMe 
•DontPhishMe to
alert you if an online banking web
page that you
visit
appears to be asking for your personal or financial information under false
pretences.
• DontPhishMe
will automatically warn you as shown in the picture below, when you encounter a
page that is trying to trick you into disclosing personal information.
•DontPhishMe is
an initiative of MyCERT, Cyber- Security Malaysia,
• to provide a security mechanism in
preventing online banking phishing threat specifically for local Malaysian
banks.
• can download and install DontPhishMe
from Mozilla Firefox add-ons’ repository.
Everyone and anyone is a
potential target to be a victim of identity theft. The attackers often use
different tactics to lure different victims. However, the risk can be reduce
by following all
Conclusion
No comments:
Post a Comment