Google Helps You Cyber Stalk People

I am sure you have heard of Google, used it and loved the services Google provides. If you are one of those lucky few, you might have bought Google shares when they were a dime a dozen and are ready to retire now...well almost ready if not quite there. Now Google has found a new way to further increase the value of their shares, and it's called Google Cyberstalking, a.k.a Google Profile.

You can use Google Profile to show others and tell others what or who you really are and what you really do and where you really live and the endless list goes on.



The only saving grace is that you control what goes on your Google Profile. You have the option of sharing all your life on there or just your A/S/L.

Lesson Learnt: There is no dearth of ways people can cyber stalk you and it is getting easier by the day to do just that. So look before you write online and see where you post it. An entry that is harmless and innocent in your view might in all reality be all that a person needs to cyberstalk you.

Alicia Keys MySpace Page Hacked

Apparently someone who maintains Alicia Keys' MySpace page gave away their username and password to a phishing email and voila... Alicia Keys' MySpace page was hacked. When I say it was hacked, I do not mean someone just defaced her page; the hackers went to great lengths to hide malicious code on her page. Every other image on her site was hacked in a way that merely clicking on the images would install malicious code on the visitor's computer. Click on Keys' bare midriff and you would be taken to a site that would install a program on your computer that would trick you into buying anti-virus software, track your credit card number and log your usernames and passwords.

Luckily, MySpace identified the problem and scrubbed her page clean. Looks like her page was not the only one hacked. Some other pages were also hacked but MySpace is tight lipped about it.

Roger Thompson, a security expert at Exploit Prevention Labs, has posted the following video of the Alicia Keys Hack.



Read: Behind the Alicia Keys MySpace Scam

Lesson Learnt: The more famous you are the more badly hackers want to show you their might.

Earth At Night

Someone sent me a link to a full picture of the world as seen from space, at night. I am sure if you look closely you can see the New York, Miami and LA areas.



Click on the picture above to see the whole world lit up like a Christmas Tree.

How many people do you think are on their computers right about now trying to steal your privacy?

Admire: Earth At Night

Do You Trust People & Websites On The Internet?

We all have trust issues. Some people are quick to trust and others take their own time to trust people. I am one of those who trusts people at the drop of a hat. After all, what will someone get by lying to me? Yea Right!

Lately, I have seen my trust broken a lot online and have come across some super weirdos who have nothing better to do in life than to harass people. Surprised? Welcome to the world of the World Wide Web.

How do you start trusting people or websites you see on the Internet? You have no idea whether they are genuine people or stalkers, good websites or phishing websites. This is where a new website called TrustPlus comes in.



The site is trying to "Make the Internet the Safest Place on Earth". I am not sure how effective this site will be in living up to its tall claim, but it is at least a step in the right direction. Hope the site works out.

Read: TrustPlus

Internet Superheros

Kids will be kids, no matter what adults tell them. Call it peer pressure, curiosity or just plain ignorance, they are bound to tread where no child or teen should be treading to begin with.

So how do you make them understand not to go where danger lurks? Do you make them sit in the corner? Ban their access to the computer? Watch them like a hawk? Have a decent conversation with them and try and explain things in their language? Nope...

You let the people who matter to them do the talking for you. Yes, the people who matter to kids and teens, and no, it's not you or your uncles, aunts, friends or parents...

... it's the super heroes.


... let Spiderman or The Hulk or X-Men or Spider Girl or Daredevil or Fantastic Four do the talking for you and I bet you, kids will listen.

This is exactly what the Internet Super Heros do. Internet Super Heros is a website dedicated to providing guidance to the younger generation. It is an excellent site that uses Marvel's Super Heroes to impart knowledge about the internet and the dangers that lurk in the dark alleys.

Must visit site for all.

Read: Internet Super Heros

Lesson Learnt: Impart education to kids and teens in the way they understand by the people they listen to.

STOP cyberbullying

Today I came across an excellent site that deals with the growing menace of cyberbullying. With the growing use of internet, instant messaging and email by kids, it looks like cyberbullying is on the rise and we all need to make sure we know the symptoms of such a menace before we can explain to the kids what it is and what to do to prevent it.

As per the stopcyberbullying.org website:

"Cyberbullying" is when a child, preteen or teen is tormented, threatened, harassed, humiliated, embarrassed or otherwise targeted by another child, preteen or teen using the Internet, interactive and digital technologies or mobile phones. It has to have a minor on both sides, or at least have been instigated by a minor against another minor. Once adults become involved, it is plain and simple cyber-harassment or cyberstalking. Adult cyber-harassment or cyberstalking is NEVER called cyberbullying.

Just like schools have a Drug Free Zone, they should have Cyberbullying Free Zone.

Read: Stop Cyberbullying

Lessons Learnt: Kids, cyberbullying is not a cool thing to do. Just like you do, other kids also have feelings and hurting them to get pleasure out of it is definitely not cool. Don't think that just because you are not giving the other kid a wedgie in school you are not bullying him by being mean to him online.

Website Dedicated To Demystifying Online Scams

I was reading the latest Newsweek and on the inside back cover was an advertisement for a website dedicated to demystifying the most prevalent online scams. Some of the scams prominently covered by the website broadly fall in the following categories:

Foreign Business Offers
Love Losses
Overpayments
Rental Schemes
Sudden Riches
Work-at-Home


The site is full of videos and interviews and also has a Fraud Test.

Did you know that if you happen to come across any online or telemarketing scam, you can report it to the National Consumers League's Fraud Center by filling out an online form?

Read: FakeChecks

Lesson Learnt: There are resources available for users to learn about various online scams. They just need to find out where to read. That is the aim of this blog, to direct the users in the right direction.

Data Discrimination By Comcast

If you live in the United States, I am sure you use Comcast as your cable provider and / or high speed internet provider. Forgetting the fact that Comcast Customer Service sucks and that their technicians sleep on the job on customers' couches, now comes news that Comcast discriminates on what data gets transmitted on their bandwidth and what does not. So basically Comcast is discriminating against data transmission.

As per Peter Svensson from AP:

"Comcast Corp. actively interferes with attempts by some of its high-speed Internet subscribers to share files online, a move that runs counter to the tradition of treating all types of Net traffic equally."

So what does that mean for the general user?

This means that when you share big files (movies, music, pictures or any big file) with friends and families, Comcast basically decides what gets transmitted first: your big file or someone's small file. Or Comcast might just block your transmission altogether.

Read: Comcast blocks some Internet traffic.

Lesson Learnt: Comcast needs to adhere to Net Neutrality.

Pew Report: Girls With Photos Online Get Contacted More

I was not aware that you had to conduct a study or be Einstein to figure this out. But, this is exactly what people at PEW Internet & American Life Project did. They conducted a study and found out that 32% of the teens online have been contacted by someone that was not part of their friends or relatives group (aka STRANGERS).


The study goes on to say that girls are much more likely to report scary contact than boys.

Lesson Learnt: Teens, make sure you do not put your photos online, but if you must let the world see what you look like and attract strangers, please make sure you read the rules of posting photos online. Parents, make sure your teen is not putting something online that you would not want the world to see. If you think the picture of your teen in that red Speedo is worth showing the world (... and strangers), please by all means let them post it.

Read: Teens and Online Stranger Contact

Phishing Scam With Orkut Lookalike

Today, I got a crap ... oops ... scrap, in my Orkut account which read as follows:

^nk!t@...:
Hey im really apreciate yor work..!!!
will u moderate my community??
Just put yor request in moderator required topic!!
Hope to hear frm u soon!!

http://orkutfriend.freeweb7.com/community.aspx/orkut.html

Being the curious cat I am, I clicked on the link and voila, I was looking at a phishing site designed to make you feel you are looking at the real Orkut site.

Here is a detailed description of what raised the alarm:

[Screenshot of the fake Orkut login page]

So here is what is wrong with this site and some telltale signs you should look for:

  1. When I clicked on the link that asked me to go to the community from my Orkut page, I was prompted for my username and password on the above screen.
  2. Why was Orkut asking me to enter my username and password again to look at one of its communities? That raised a flag.
  3. I looked at the URL and found http://orkutfriend.freeweb7.com/community.aspx/orkut.html and the first half in red raised an eyebrow. As a security professional, I could right away tell that the site was being hosted at an external hosting space and was being used to collect usernames and passwords.
  4. Another thing to notice is Orkut written in various Hindi dialects. That was odd for an international site.
  5. Finally the ? before Google confirmed my suspicion that this was a phishing site. On the real site it says ©2007 Google.

Lesson Learnt: If you are at all suspicious of the site you are looking at, please close the browser and start again. Do not enter your username and password on a site that you do not trust or that looks fake or suspicious. If you think that you have by mistake entered your username and password on such a site, please change your password immediately.
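The URL check from point 3, written out as an added example (not code from the original post): it compares the registered domain of a link against the domains the real service uses and notes where the brand name shows up in the wrong place. The trusted-domain list, the finding labels and the function names are assumptions made for this sketch.

```python
from urllib.parse import urlsplit

# Assumption for this example: the domains the genuine service signs users in on.
TRUSTED_DOMAINS = {"orkut.com", "google.com"}
BRAND_KEYWORDS = ("orkut", "google")


def registrable_domain(host):
    """Approximate the registered domain as the last two labels.

    This is a simplification; production code should use the Public
    Suffix List so that names under suffixes like .co.uk are handled.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def assess_link(url):
    """Return the host, its registered domain and the reasons for suspicion."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    domain = registrable_domain(host)
    trusted = domain in TRUSTED_DOMAINS
    findings = []

    if not trusted:
        findings.append("untrusted_domain")
        # Whatever sits in front of the registered domain is chosen freely
        # by whoever rents the hosting space, so a brand name there proves nothing.
        subdomain = host[: len(host) - len(domain)]
        path = parts.path.lower()
        for brand in BRAND_KEYWORDS:
            if brand in subdomain:
                findings.append(f"brand_in_subdomain:{brand}")
            if brand in path:
                findings.append(f"brand_in_path:{brand}")
    if parts.scheme != "https":
        # A login form served without TLS is a warning sign on its own.
        findings.append("no_https")

    return {"host": host, "domain": domain, "trusted": trusted, "findings": findings}


if __name__ == "__main__":
    # The first URL is the one quoted in the post; the second is constructed.
    for link in (
        "http://orkutfriend.freeweb7.com/community.aspx/orkut.html",
        "https://www.orkut.com/Community.aspx",
    ):
        result = assess_link(link)
        verdict = "SUSPICIOUS" if result["findings"] else "ok"
        print(f"{verdict:10} {result['domain']:15} {result['findings']}")
```

The part of a hostname that decides who you are talking to is the registered domain at the right-hand end, which is why "orkutfriend" in front of "freeweb7.com" counts for nothing.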

Rule 8: Respect other people's privacy - Core Rules Of Netiquette

The Core Rules of Netiquette are excerpted from the book Netiquette by Virginia Shea. Click on each rule for elaboration.

* Introduction

* Rule 1: Remember the Human

* Rule 2: Adhere to the same standards of behavior online that you follow in real life

* Rule 3: Know where you are in cyberspace

* Rule 4: Respect other people's time and bandwidth

* Rule 5: Make yourself look good online

* Rule 6: Share expert knowledge

* Rule 7: Help keep flame wars under control

* Rule 8: Respect other people's privacy

* Rule 9: Don't abuse your power

* Rule 10: Be forgiving of other people's mistakes

Read: Core Rules Of Netiquette

"I Can Be Your Facebook Stalker"

I was surfing the net and came across this nice piece of video by Penn Masala called The Facebook Skit. I must say that it is a pretty interesting piece of video which tries to summarize how your privacy can be violated from Facebook. Funny, cute, well edited and excellent.

Businesses Lose Millions In Productivity Over Social Networking Sites

Does your company have an Internet Access Policy? Is the policy ever enforced? Do you know where your employees are going on the internet while they are "working"?

According to employment law firm Peninsula, 233 million hours of productivity are lost every month as a result of employees "wasting time" on social networking. So while you think that the employee sitting in the corner cube is deep in research, he most probably is browsing the social sites and making "friends."

While some organizations are using Facebook and other social sites as motivational sites, many or rather most companies see such sites as a waste of employer time, money and resources and are taking steps to block access to them. Over and above the fact that such social sites are a waste of time when accessed during work hours, they also harbor unwanted downloads, and such downloads generally contain viruses, keyloggers or spyware.

Lesson Learnt: Organizations should make every effort to block access to sites that can cause a loss of productivity or could open their IT infrastructure to unwanted threats from the outside.

Read: Facebook 'costs businesses dear'
Read: Should you ban social networking sites at work?
Read: Employers urged to ban social networking websites.


Pornographic Images, Social Abuse & Bullying Found On Social Sites

.... and you thought bullying was restricted to school and playground only. Welcome to the digital era where teens are being bullied and subjected to social abuse on the internet. A study of two of the most frequented social sites, MySpace and Bebo, by a UK-based company, Computing Which, found pornographic images, evidence of bullying and also inappropriate advertisements on the sites.

As per a recent article posted on BBC News, researchers found a "sinister" side of the social sites and found out that accounts could be created with relative ease and no age check was mandated to make sure the person creating the account was as old as was being projected.

Researchers also found that the sites did not enforce any privacy restrictions and relied only on users reporting any kind of abuse.

Lesson Learnt: Keep an eye on that MySpace or Bebo or any other social networking site account of your kids. You as parents have a right to know their password and make sure you log on to the account frequently to see who they interact with. Also, as parents make sure the computer being used by your teen is kept in a public area of your home, so that you can keep an eye on the happenings.

Read: http://news.bbc.co.uk/1/hi/technology/5344722.stm

Pictures Lifted From Matrimonial Website Used For IPO Scam

Over the past few years many Matrimonial sites (aka dating sites in the west) have cropped up. These sites promise to find the best mate you can ever find, for you. Those of you who are from the west should know that arranged marriage is a common thing in some Asian countries and many a time marriages are arranged without the bride and the groom having even seen each other. It is a trend in these countries for the parents to look for a suitable bride or groom for their grown up sons and daughters. With Matrimonial sites cropping up by the hundreds all over the web, it is an easy place for parents to look for a suitable match.

Unfortunately, it is also an easy place for scammers to lift your picture and other basic details to be used for unauthorized purposes. This is exactly what happened in India, when some scammers lifted some pictures and some basic information from a very popular Matrimonial site called shaadi.com and used the information to subscribe to upcoming IPOs (Initial Public Offers). The CBI (Central Bureau of Investigation) chargesheeted 22 people including bank employees for running the scam. As per CBI, one person's picture was used to create as many as 15 accounts under different names.

Lesson Learnt: Be careful when posting your picture online on any dating or matrimonial site. If you must post a picture, make sure it is small, taken from far off and preferably a side pose.

Read: Photos from marriage website used in IPO scam

Are Your Passwords Easy To Guess?

Considering the fact that I have been in the IT field since the time I moved from diapers to undies, I can say with authority that 95% of users I have dealt with lack the basic concept of what a password should be.

I have seen users write down their passwords on sticky notes and put it on top of their monitor, and when asked why is it there, the standard reply is ... "oh so that I don't forget it," but they fail to think that it is easy for others to read also, unless of course the person reading is blind.

Don'ts For Online Passwords

  • Your password is your key to something. Just like you would not trust someone you don't know with your house keys or car keys, you should not trust anyone with your password.
  • Your dog's name or the name of your first born son, daughter, granddaughter, grandson is not a password.
  • Writing your password on a yellow sticky or pink or blue sticky and putting it on your computer monitor is a dumb thing to do.
  • An even dumber thing to do is to write both your username and password on the sticky.
  • Don't yell your password for your IT guy from across the hall, he might be hard of hearing but not deaf.
  • Don't give out passwords to anyone who calls you to say that he is an IT guy and needs your password to fix something. Chances are 98% that the guy on the other end of the line is a hacker who is employing "social engineering" to get unauthorized access to systems.
  • By the way, did I tell you that your pet's name or your kids' names are not passwords? They are signs for hackers which say "Come Access My Systems".
  • Don't use auto store of username and passwords in your browser or on your computer. If your machine gets stolen, the thief will have access to everything private of yours.

Do's For Online Passwords

  • Your password should be at least 6 - 8 characters and MUST be a combination of letters and words. Even better if it has a special character ($%*^#) in it.
  • Your password should never be easy to guess or something that can be cracked easily. Basically, your password should not be a dictionary word.
  • NEVER EVER give your password away to ANYONE.
  • DO NOT loan your passwords to anyone. No matter how good a friend the person is, you never know what damage the person can do with your password now or at a later date.
  • Change your passwords every 60 days if not every 30 days and do not repeat them.
  • If you do have a memory issue and want to write your password down, write it on a small piece of paper and keep it at the bottom of your purse. Never write the userid and password on the same piece of paper.

In one of the companies I worked for, the CEO had a password which was the nickname for the person's spouse and had never changed in years. Is that a good password policy for someone who should be the one implementing the policy?

Please remember that most of the security compromises that take place are due to lack of or weak passwords. Always have a strong password and follow some basic ground rules for making one.

PS: NEVER WRITE YOUR ATM PIN NUMBER ON THE BACK OF YOUR ATM CARD....DUH!!!!
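Several of the rules above can be checked mechanically when a password is chosen. The following is an added example, not code from the original post: it flags passwords that are too short, lack a special character, are built on a pet's or family member's name, or are a dictionary word once trailing digits and common character swaps are undone. The minimum length of 8 (the upper end of the post's "6 - 8"), the tiny word list, the sample names and the result labels are assumptions made for this sketch.

```python
import re

MIN_LENGTH = 8                    # assumption: upper end of the post's "6 - 8 characters"
SPECIALS = set("$%*^#!@&?-_+=")   # the post lists $%*^#; a few more are accepted here
# Common character swaps people use to "disguise" a word: 0->o, 1->l, 3->e, ...
SWAPS = str.maketrans("013457@$!", "oleastasi")
# Constructed stand-in for a real dictionary / common-password list.
COMMON_WORDS = {"password", "welcome", "monkey", "dragon", "letmein", "summer"}


def _strip_ends(text):
    """Drop digits and symbols from both ends, e.g. 'fluffy2007' -> 'fluffy'."""
    return re.sub(r"^[^a-z]+|[^a-z]+$", "", text)


def candidate_words(password):
    """Plausible base words hiding behind the password."""
    text = password.lower()
    return {
        _strip_ends(text).translate(SWAPS),   # 'p@ssw0rd1' -> 'password'
        _strip_ends(text.translate(SWAPS)),   # swaps undone before trimming
    }


def check_password(password, personal_terms=(), dictionary=COMMON_WORDS):
    """Return a list of rule violations; an empty list means no rule was broken.

    personal_terms: names the user should never build a password on
    (pets, children, spouse nickname), supplied by the caller.
    """
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    if not any(ch in SPECIALS for ch in password):
        # The post treats a special character as "even better", so callers
        # may choose to report this one as advice rather than a failure.
        problems.append("no_special_character")

    words = candidate_words(password)
    terms = [t.lower() for t in personal_terms if len(t) >= 3]
    if any(term in word for term in terms for word in words):
        problems.append("personal_name")
    if words & set(dictionary):
        problems.append("dictionary_word")
    return problems


if __name__ == "__main__":
    names = ["Fluffy", "Rohan"]   # constructed: a pet and a child
    for pw in ("Fluffy2007", "P@ssw0rd1", "tr7#Kq9$vB"):
        print(f"{pw:12} {check_password(pw, names) or 'ok'}")
```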

New Computers Loaded With Junk Software

So my friend decided to buy a new laptop. He did extensive research online looking for the best laptop that met his needs. He compared CPU, RAM, Hard Drive, CD/DVD Writers, Screen Size, Screen Resolution, Warranty, Keyboard Size, Number of Ports and of course the Price of the laptop. Finally he found one that met his budget with almost all his requirements and would be the best to do what he needed to do. He came home with his spanking new laptop and turned it on to play with his baby.

Two hours after turning the laptop on, I got a call from him. He wanted to know how to get rid of all the junk software that came pre loaded with his new $1500 laptop. He wanted to get rid of everything that was not meant to be there, but had been preloaded by the manufacturer for advertising and collecting personal information and don't forget selling third party applications.

Why do manufacturers add on useless junk software on the machine pre-installed? If I am buying a machine I do not want links to Quicken and AOL and Yahoo and Money and Every-Known-To-Man-Toolbar, do I?

By pre installing the junk software the hardware manufacturer is trying to entice the user to subscribe or buy or try the software the buyer did not want in the first place or had wanted.

So the next time you or your friend buys a machine, the first thing to do as soon as you turn it on is to follow the following steps:

1. Click on Start ---> Settings ---> Control Panel
2. Double Click Add/Remove Programs
3. Click Install / Uninstall tab or click the Change or Remove Programs button
4. In this section you will see a listing of programs that are currently installed.
5. Go through the list and highlight the program you see as Junk which came pre installed or any program that you do not think should be there, and click the add/remove or uninstall option.
6. Repeat step no. 5 for every program you do not want. Some uninstalls may need a restart before you can remove more.

This process will help you get rid of the unwanted junk that came pre-installed on your new machine.

Take control of your machine, don't let the hardware manufacturers dictate what you can or cannot have on your machine, that you paid for.

Gone Phishing?

Yes Phishing not Fishing.

(phishing) (n.) The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information and sometimes identity.

So the next time your friends ask you to go fishing, make sure you clarify if it is fishing or phishing. Obviously you would not want to go phishing with them, would you?

US State Department Letter Informing Me Of Winning The Lottery ... Call Bangkok!

I have to quickly finish writing this post today, as today is my lucky day. I am a winner today and I need to run out and buy my lottery ticket. The first email I got today was from the US State Department that I had won a lottery and I had to call Thailand and pay 755$ (not $755) and email usagcls@thaimail.org with any questions. Remember the email came with a total genuine State Department Seal and the whole nine yards.

The big question here is that I never applied for any such lottery so since when did people start winning lotteries without even buying tickets?

I checked their website www.greencardforall.org and it is a total fake. The site has only one purpose, to collect money and personal information from users.

--------------------------------

Office # 1793
14781 Memorial Drive
Houston, TX 77079 USA
From the U.S. Department
of State Bureau of Consular
Affairs Visa Services:
www.greencardforall.org

Dear Winner.

Congratulation! You are among those selected randomly as one of the lucky winners of the U.S Green Card in DV-2007 diversity immigrant program for fiscal year 2007. Please retain this letter and take it with you to your visa interview when needed.

Approximately 100,000 individuals were selected for further processing; Therefore, it is most important that you carefully follow these instructions to increase your chance of possible visas issuance.

Please read and follow all the enclosed instruction very carefully. ALL FORMS AND CROSPONDENCE must send to the Asia pacific consular center by email attach at the above E-mail address. Please notify the Asia Pacific consular center of any change in address, addition or deletion of any other information which you believe may effect your application.

Always contact our consular center office in Bangkok for guidelines and direction.
If is should be necessary to contact the Asia pacific consular center by telephone you must always refer to your name and the case number exactly as the appear below.. Your case number should be clearly written in the upper right hand corner of ALL documents and the correspondences sent to the Asia pacific consular center.

Below are the requirements needed:

1) Scanned two copies of your recent passport photographs, members of your family passport photo should also be scanned if you are traveling with your family members.

2) Scanned copies of your international passport &I.D card, members of your family international passport &I.D card should also be scanned if you are traveling with your family members.N.B Your family member above the age of 16 requires an international passport for travel.

3) Administrative/Processing Fee of 755$ each.

NOTE: Participation is free. USAGC Organization charges for its professional and expertise service we give you. Our professional includes: application service, information check, correcting of wrong or invalid data, support in different language, correct completion of the application, and submission of application on time and to correct address. USAGC ensure that your application will not be disqualified. For more information send us your questions.

Case number: 2007BK21783000
PA Name. **************
Preferences Categories: DV DIVERSITY
Foreign State Chargeability: THAILAND
Post: BANGKOK

Contact the Asia pacific consular center immediately with the listed information’s stated here.
Contact Person: Mr. Lewis Taylor
Telephone number: + 66-8 1499 4471 (24 hours operator)
Office Tel: + 66 (2) 2653-429 (online:9: am close at 5:30 pm)
Tel Fax: + 66 (2) 2653- 6291
E-mail : usagcls@thaimail.org

... and you thought facebook was safe?

Over the past few months investigators have done extensive testing of the privacy and safety measures of Facebook. Unfortunately, Facebook, which once was considered to take user privacy very seriously, flunked the testing. Investigators posing as underage users were able to make contact with other users for various reasons. The New York State AG wrote in his letter to Facebook, while subpoenaing Facebook, “My office is concerned that Facebook’s promise of a safe Web site is not consistent with its performance in policing its site and responding to complaints.”

Read more about what the AG had to say and what Facebook thinks about it: http://www.dmnews.com/cms/dm-news/legal-privacy/42573.html

Your Privacy On Orkut

Lately I have not been having very good experiences with Orkut and so have some of the people I know. I have also read some horror stories relating to Orkut on the Web and the news.

Everyone has got a story of how their long forgotten friend from school/college/ last-to-last-to-last-to-last company met them on Orkut after so many years!

Is Orkut taking shape of another MySpace and other such social websites which have already turned into a ready-to-use database of information for cyber crimes and stalkers?

Here is my take on how to keep safe on Orkut. Follow these simple guidelines!

Don't make your profile a goldmine for spammers and scamsters and stalkers (I call it the SSS of Orkut)!

Guys, guys, guys! When will you understand that keeping your mobile number as part of your Name won't lead to more girls calling you? Neither will your email-id help in getting you more friend requests! The only people who will love to have your contact information are spammers and scamsters and stalkers (SSS). So give your mobile numbers and email ids in your profile or on scraps and you can expect more spam in your mail box and more useless calls on your phone. This is just the tip of the iceberg. Imagine other nasty uses of email-id and phone number and you are inviting all this mess!

Don't keep a photo which is big enough to be defaced/misused!

Females pay attention! Your profile picture (if you are tempted to keep your own photo at all) should have your face small enough so that it can't be misused in any manner (I hope you know the power of Photoshop). Do NOT keep any of your intimate photos in your Orkut album. I suggest that for females, ideal profile pics are those taken from a distance and side poses (called 'profile views' in photography lingo!). Also, please refrain from putting pictures of your friends and relatives on Orkut without their explicit permission. Putting their picture on Orkut might seem like a trivial matter to you but it might turn out to be a big hassle for them, and don't forget that you are also violating their right to privacy. Just because you have their pictures does not give you the right to show them to the world without their permission. Also, please do not put pictures of your kids on Orkut. Get over the idea that only your friends or family or people you want can view your profile pictures. Anyone who is on Orkut can browse through any and all pictures and the last thing you want is some criminal stalking you or your kids. It is your responsibility to protect the identity of your kids, take this responsibility seriously.

Try not to share email/phone number or personal information by scraps

Ever heard of a great tool called EMAIL? If you have, use it and if not then ask your 6 year old about it. DO NOT give anyone your mail-id/phone number/address by scrap, unless you want to be a victim of SSS. Use email or messaging. Scrapping on Orkut has been widely misused by one and all. There is no award on Orkut for the one with the maximum scraps or as I like to call them CRAP. However if scrapping is a must, please do not put personal information about you or the person you are scrapping. If you go through the scraps (aka Craps) you will see people discussing everything from their personal illnesses to property matters to intimate stuff. Would you like everyone on Orkut to know that you have a certain kind of physical illness? Or that your friend is going through a bad marriage or relationship? Come on, be realistic, respect someone's privacy.

Never talk work related stuff on scraps.

Not only work, any confidential chat should not be done on Orkut. Apart from obvious threats, who knows, your boss might be lurking there, visiting your and your colleagues' scrapbooks! And this is not a far fetched fantasy. I am sure you would hate for your boss or co-worker to find out how mean you think he or she is and how much you detest working at the company. If you plan to do that, make sure you have a copy of your updated resume ready.

There is not a race going on for maximum number of friends!

Do NOT accept the friendship request from anyone you don't know/trust. Even if it is from opposite sex. You don't know who could be out there creating a fake profile!

Don't click on luring URLs.

Do NOT click on any URLs given by enticing profiles, promising whatever! Orkut and Google have raised warnings very often about viruses being transmitted in this manner. Clicking on a wrong URL can compromise your identity and your privacy, giving the scammer access to your personal information.

Don't accept offers for downloading e-books

You really think someone is going to let you download e-books for free if you provide them with your email address? If you think so, then my friend I have no hesitation in calling you STUPID. How stupid does one have to be to believe that a perfect stranger will distribute free ebooks for no reason? All the stranger is looking for and getting is your email address so that he can spam you with stuff or use your email identity to spam others.

Don't believe me, read some real life stories here: http://www.cosmospice.com/personal/are_strangers_stalking_your_network.html