Sunday, April 20, 2008

Nowadays security concern (part. 2)

Are you willing to give up your online account's password for just a choco bar? (hint: don’t let the picture left distract you) You'll probably say no, right? But that's not what according to research firm named Infoscure Europe surveyed result, please refer to my previous post here for the short explanation. Maybe it's because the choco bar offered was very tempting, with a cherry on top perhaps? ;-p

But I bet many of us are easier to be lured to give it up for a grand give away prize, the ease to be included in can in fact make us neglect our precious information like name & mobile numbers. For text message spammers, those two infos are just what they needed to get your attention first to their whole schemes. For instance if you get a text message in your personal mobile phone, with your correct name on it, stated that you've won something from a lucky draw contest or something like that. Where usually the spammers will include an online address or phone numbers you can contact to, if you follow it you'll become the victim of their evil plots. God forbid what they might want to get from you, when you fallen into their traps. But I must say a miss-leading SMS like that are still often found in Asian countries which the citizens have many mobile phones; such as Philippine, Thailand, Indonesia, Malaysia, etc. Where usually this kind of SMS can find their target to people who have no knowledge of a bad scheme behind it, no active acts from mobile wireless carriers and the governments to educate the mobile users are only worsen this never ending bad spammers. I've continue reading in few local magazines & newspaper here in Indonesia, that there are still some people who got tricked by SMS like this. Lucky enough, many have used to ignore it because of experience or news and mainly no mentioning of personal infos like name & phone number.

Another security concern on phishing emails have emerged again, where this time the spammers are targeting corporate business men & women who are on the list they hacked. They lure their victims with putting a link in the emails to U.S. District Court, it does sound very convincing even for high-level corporate people. Anyone who clicked the link will be taken to surf a hoax website, where in the process the hackers do whatever they can to get personal data & information inside the surfer's computer. Such phishing scam that targets bigger victims, have a name now it's called "whaling". So no matter how strong and complex is your company's email security, it's best to avoid "whaling" emails and contact directly the mentioned government department (with official phone number or email address, and not the ones written in the "whaling" email) to find out whether the email you received is true or false. Because we tend to do what the "whalers" have thought about; it's easier for us to click the mouse on the link than go through all the troubles with making calls and emails.

Be careful, it's getting more dangerous out there in digital world. But we could prevent worse results if we equipped ourselves with proper information, so spread the knowledge as I'd always say. Read on CNet News blog here for deeper coverage about "Whaling"-emails. On the next blog I’ll talk about my favorite tech: WiFi.

To be continue to part. 3 …

[blogged with my Treo 750v]

No comments: