Monday, December 1, 2008

Phishing, Password and Fraud Prevention

According to Wikipedia, phishing is the crime of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trusted entity in an online communication. Phishing is a nice word. It sounds like fishing. When you go fishing, you put bait on a hook and wait patiently for a fish to bite, and you get the fish. Likewise, someone may set up a fraudulent site in the hope that an innocent victim will visit it, think that it is genuine, and proceed as instructed to provide the phisher with vital and secret information.

In order to protect users, banks design strong password rules to control access to sensitive sites. There is a local bank that I log in to every day, and the password is really strong. Here is what the password must contain:

at least one lower case letter
at least one upper case letter
at least one numeric character
at least one upper case non-alphanumeric character
at least one lower case non-alphanumeric character
at least one spacing
minimum 8 characters including spacing

If you think that is all, you are wrong. Your password is not permanent. It is time-sensitive. You are required to change the password from time to time. Keeping track of the password is a real pain for me. It makes it even more difficult for attackers to guess the password.
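The composition rules listed above can be written as a checker that reports which rules a candidate password misses. This is an added example, not the bank's code: the function names are hypothetical, the sample passwords are constructed, and it assumes that "upper case" and "lower case" non-alphanumeric characters mean shifted and unshifted symbols on a US keyboard.

```python
# Assumption: "upper case" / "lower case" non-alphanumeric characters are
# read as shifted / unshifted symbols on a US keyboard layout.
SHIFTED_SYMBOLS = set('~!@#$%^&*()_+{}|:"<>?')
UNSHIFTED_SYMBOLS = set("`-=[]\\;',./")

# (rule text, predicate) pairs, in the order the post lists them.
RULES = [
    ("at least one lower case letter",
     lambda p: any(c.islower() for c in p)),
    ("at least one upper case letter",
     lambda p: any(c.isupper() for c in p)),
    ("at least one numeric character",
     lambda p: any(c.isdigit() for c in p)),
    ("at least one upper case non-alphanumeric character",
     lambda p: any(c in SHIFTED_SYMBOLS for c in p)),
    ("at least one lower case non-alphanumeric character",
     lambda p: any(c in UNSHIFTED_SYMBOLS for c in p)),
    ("at least one spacing",
     lambda p: " " in p),
    ("minimum 8 characters including spacing",
     lambda p: len(p) >= 8),
]


def failed_rules(password):
    """Return the text of every rule the candidate password does not meet."""
    return [text for text, ok in RULES if not ok(password)]


def is_acceptable(password):
    """True only when every composition rule is satisfied."""
    return not failed_rules(password)


if __name__ == "__main__":
    # Constructed sample passwords, for illustration only.
    for candidate in ["Blue Sky7!-", "password", "Ab1!- x"]:
        missing = failed_rules(candidate)
        status = "accepted" if not missing else "rejected: " + "; ".join(missing)
        print(repr(candidate), "->", status)
```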

Here are some of the tips that experts recommend for the prevention of fraud:

Install a trustworthy anti-virus system and firewall on your computer and keep them up to date.
Do not click on any link in an e-mail. If in doubt, contact your bank.
Do not allow anyone to know your pins and passwords.
Avoid using weak passwords like your name and your date of birth.
Do transactions at secured websites that begin with "https".
