Tuesday, February 23, 2010

Are you Safe??


Last week I got a call from one of my school friends, Kishore, and with surprise I picked up his call. He said his mail account had been hacked almost 3 times in the last two months and the hacker had been sending mails to all his contacts stating that he was in big trouble and in urgent need of £2000. I redirected him to customer care and after getting his problem resolved through customer care, he was curious to know what was happening here and how the hacker was able to get his password in spite of his changing it.

Kishore: Tell me what is happening with my account? This is the 3rd time da, I don't want it to happen again.

Me: Did you try to open any spam messages and click the links in that Spam?

Kishore: Nope. I didn't.

Me: Hmm.. Did you download any software which asked for your email id & password?

Kishore: No..

Me: Where do you browse from? Personal laptop or office computer?

Kishore: I check my mails only from a nearby browsing center. Mail clients are blocked in my office.

Me: Do you know anyone else facing similar issues?

Kishore: Hmm.. ya.. one of my friends had a similar issue, but he was using Hotmail.

Me: Even he used the same browsing center?

Kishore: Yes.. That's the only one with good connection speed and close to our house.

Me: Gotcha! Stop using that browsing center. What happened to you sounds like a Trojan horse attack.

Kishore: Ah.. What kind of horse is that?

Me: It is a type of malware, something like a virus. By mistake, someone might have downloaded software that is infected with a Trojan and installed it. That software will not show any visual clue that it is running, but it can keep track of what you type. There are some password Trojans which steal passwords and account IDs of common email providers and banks.

Kishore: Oh!!

Me: The Trojan horse will mail these stolen passwords to its owner. These owners will use them to send mails or transfer money. It is a very risky one. Be safe in the future.

Kishore: But how to be safe?

Me: Try to avoid browsing centers. Even if you use a browsing center, choose one which has up-to-date antivirus up and running.

Kishore: Okie

Me: To be extra safe, check the list of processes in Task Manager before browsing. If you have some suspicion, look for some other machine.

Kishore: I will try that. Any other tips for safe browsing?

Me: Hmm.. There is another common internet attack called "Phishing". It is again all about stealing username & password.

Kishore: Err.. What is that now?

Me: Phishing is a very simple way to steal passwords. You may get an email with a nice message like "Click here to upgrade your email storage limit to 500GB" or like "Click here to see your friend's photo in Picasa", etc. You will click on the link and it will open a Google login page again. You will enter your credentials there but after that nothing will happen. You will be wondering why your email storage is still not 500GB. But your email account's password will be changed in a day or so and you will not be able to log in. Guess where you went wrong?

Kishore: Hmm.. Not sure.. Everything sounds fine.. Are you sure this can happen?

Me: Yep, it can. When you click the link in that email it opened your login page, right?

Kishore: Yes

Me: That page is not actually the genuine login page; it is a fake login page hosted by some hackers. It will look exactly like your usual login page, so you will assume it to be genuine and enter your password there. When you click on "Sign-in" the password will be sent to the hacker, who will use it further.

Kishore: OMG.. How to avoid this now?

Me: Every time you enter any password or PIN of any internet application, make sure you are safe. Check the URL before entering the password. Any login to a Google account can happen only through a URL like "https://www.google.com/accounts/ServiceLogin?...." and to a Yahoo account can happen only via "https://login.yahoo.com/....", for Citibank it is "https://citibank.co.in/..." etc. If you see anything else in the URL then don't enter any details there. Some phishing sites don't have any domain and will be hosted at a URL like "https://172.83.64.101/..." etc.; don't ever think of entering details there.

Kishore: Tricky.. I have to make this a habit from now on.

Me: Ya.. Be safe, there are a lot of rogues out there.. :)
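
The URL check described in the conversation above, written out as code. This is an added example and not part of the original post: the function name `checkLoginUrl` and the sample URLs are made up for illustration, and the allowlist holds only the three hosts the post quotes, so replace it with the login hosts your own providers use. It also covers two lookalike tricks the eye tends to miss: a trusted name placed before an `@`, and a trusted name used as a prefix of a longer domain.

```javascript
// Added example: allowlist built from the hosts quoted in the post.
const TRUSTED_LOGIN_HOSTS = new Set([
  "www.google.com",
  "login.yahoo.com",
  "citibank.co.in",
]);

// Dotted IPv4 literal, such as the 172.83.64.101 example in the post.
const IPV4 = /^\d{1,3}(\.\d{1,3}){3}$/;

function checkLoginUrl(raw) {
  let url;
  try {
    url = new URL(raw); // parse as a browser would, never by substring search
  } catch {
    return { ok: false, reason: "not a valid URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not https" };
  }
  // "https://www.google.com@other.example/" really goes to other.example.
  if (url.username || url.password) {
    return { ok: false, reason: "userinfo before @ hides the real host" };
  }
  const host = url.hostname; // already lower-cased by the parser
  if (IPV4.test(host) || host.startsWith("[")) {
    return { ok: false, reason: "bare IP address instead of a domain" };
  }
  // Exact match only: "www.google.com.signin.example" must not pass.
  if (!TRUSTED_LOGIN_HOSTS.has(host)) {
    return { ok: false, reason: "host is not an expected login host" };
  }
  return { ok: true, reason: "expected login host over https" };
}

// Constructed sample links (hypothetical, for demonstration only).
const samples = [
  "https://www.google.com/accounts/ServiceLogin?service=mail",
  "https://172.83.64.101/accounts/ServiceLogin",
  "https://www.google.com@phish.example/accounts/ServiceLogin",
  "https://www.google.com.signin.example/accounts/ServiceLogin",
  "http://login.yahoo.com/config/login",
];
for (const s of samples) {
  const r = checkLoginUrl(s);
  console.log(`${r.ok ? "OK   " : "BLOCK"} ${s} (${r.reason})`);
}
```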


6 comments:

Sankar said...

Take a USB stick having live-linux image. And use this for browsing.

Arun Raghavendar said...

Very true, Sankar... :D

Aravind C said...

hello hero

I use my laptop for emails. I logged in for weeks and never log out mainly... Am I vulnerable to some attacks?

Arun Raghavendar said...

Hey Aravind..

You are mostly safe from Trojans when using your laptop. But make sure you don't install software that is downloaded from unrecognized websites..

As far as phishing is concerned, you can be a victim even if you use your laptop. Do the basic checks before entering passwords and be safe with links that you receive over email..

Srihari said...

I think the fact is that we people here in India are least bothered about anti-virus updates.

I agree with Sankar about having a live image on a USB, but for others, make sure the anti-virus software is up-to-date. Do not mind spending some money on your anti-virus software if required.

Arun Raghavendar said...

Using Linux can solve most of the virus/Trojan problems we have, but it cannot save you from phishing or any other browser-based attacks like XSS. Internet users need to be aware of such things and defend themselves.