Kishore: Tell me what is happening with my account? This is the 3rd time da, I don't want it to happen again.
Me: Did you try to open any spam messages and click the links in that Spam?
Kishore: Nope. I didn't.
Me: Hmm.. Did you download any software which asked for your email id & password?
Kishore: No..
Me: Were do you browse from? Personal laptop or Office computer?
Kishore: I check my mails only from a near by browsing centers. Mail clients are blocked in my office.
Me: Do you know anyone else facing similar issues?
Kishore: Hmm.. ya.. one of my friend had a similar issue, but he was using hotmail.
Me: Even he used the same browsing center?
Kishore: Yes.. Thats the only one with good connection speed and close to our house.
Me: Gotcha! Stop using that browsing center. What happened to you sounds like a Trojan horse attack.
Kishore: Ah.. What kind of horse is that?
Me: It is a type of malware, something like a virus. By mistake, someone might have downloaded a software that is infected with Trojan and installed it. That software will not have show any visual clue for running but they can keep track of what you type. There are some password trojans which steal passwords and account ids of common email providers and banks.
Kishore: Oh!!
Me: The trojan horse will mail these stolen passwords to its owner. These owners will use it to send mails or transfer money. It is a very risky one. Be safe in the future.
Kishore: But how to be safe?
Me: Try to avoid browsing centers, even if you use browsing center choose a one which has up-to-date anti virus up and running.
Kishore: Okie
Me: To be extra safe, check the list of processes in task manager before browsing. If you have some suspicion look for some other machine.
Kishore: I will try that. Any other tips for safe browsing?
Me: Hmm.. There is another common internet attack called "Phishing". It is again all about stealing username & password.
Kishore: Err.. What is that now?
Me: Phishing is a very simple way to steal passwords. You may get a email with a nice message like "Click here to upgrade your email storage limit to 500GB" or like "Click here to see your friends photo in picasa", etc. You will click on the link and it will open a google login page again. You will enter your credentials there but after that nothing will happen. You will be wondering why your email storage is still not 500GB? But your email accounts password will be changed in a day or so and you will not be able to login. Guess where did you go wrong?
Kishore: Hmm.. Not sure.. Everything sounds fine.. Are you sure this can happen?
Me: Yep, it can. When you click the link in that email it opened your login page, right?
Kishore: Yes
Me: That page is not actually the genuine login page, it is a fake login page hosted by some hackers. It will look exactly like your usual login page, you will assume it to be true and enter you password there. When you click on "Sign-in" the password will be sent to the hacker who will use it further.
Kishore: OMG.. How to avoid this now?
Me: Every time you enter any password or pin of any internet application make sure you are safe. Check the URL before entering the password. Any login to a Google account can happen only through a URL like "https://www.google.com/accounts/ServiceLogin?...." and to a Yahoo account can happen only via "https://login.yahoo.com/....", for Citibank it is "https://citibank.co.in/..." etc. If you see anything else in the URL then don't enter any details there. Some phishing sites don't have any domain and it will be hosted like "https://172.83.64.101/..." etc, don't ever think of entering details there.
Kishore: Tricky.. I have to make this has a habit from now on.
Me: Ya.. Be safe, there are lot of rogues out there.. :)