Articles by "Online Security"
Showing posts with label Online Security. Show all posts

at 0
Just blogging things you need to know. Social media tips and tricks, blogging tips and tricks and search engines news.

Online security has become one of the most important topic in online discussions. Advancement in technology is not only benefiting common person but hackers too. A major part of internet budget is spend on online security by big companies. Most of the times people become victims of online hacking by their own mistakes as they don't fully understand how to protect their online accounts and information. A couple of months ago, we wrote an article explaining the ways to keep your online information safe and secure. We have also discussed to identify email and phishing scams. Today I received genuine looking Email which was actually a phishing Email. I thought it appropriate to share with my readers.

I received an Email in the main image from Email address "service@payoneer.com" which in first instance looks like a genuine Email but I was skeptical about its content. That's why I declared it a phishing scam.

Now I tell you how this Email is a scam. You might have noticed that I am addressed as "Dear Customer" in this Email. This is unnatural because I am a registered member at Payoneer so they have all my credentials including my name and Email address. Whenever I will receive any Email from Payoneer. It will be having my name inside it because the names are associated with Email addresses and automatically included in Email sending to that Email address.

There are also some other reasons but its not worth sharing them because they contain human errors and I fear if they are shared, same hacker may overcome those errors making it more difficult to detect phishing Email. Well, its not only the content of Email which indicates it scam but also the link in it also redirecting users to a site other than Payoneer. Although the hacker has made an almost genuine looking Payoneer login phishing page to steal usernames and password but it lacks somethings.

Watch both of these pages in following screenshots.

Payoneer Login Page, Payoneer,

They are almost identical and at first glance a novice user can donate his Username and password to the hacker. The only thing from which we detect the fraud easily is the URL of fake web-page. As you can easily figure out that URL of original web-page is "https://myaccount.payoneer.com" which is only URL for logging in to Payoneer. The URL of fake webpage is very long and even more complicated. The hacker has tried to make a URL representing what he wants but a person must note that the final domain included in this URL isn't "Payoneer.com" but "homestylists.com.au" which has nothing to do with Payoneer.

Another difference between these pages is of SSL/HTTPS certificate. Watch a Padlock icon in URL bar of actual webpage and note that URL starts from HTTPS which ensures encryption and security of data which is transmitted between servers. Encryption makes it guaranteed that data which you are entering in webpages is secure and no one can read it.
However we doesn't see anything like this in Phishing page which indicates lack of trust in that page.

That's the end. I have tried to present a live example of online phishing scams and hope that you understand it fully and don't loose anything online by committing small mistakes. Stay tuned with us for more updates.
Continue reading


at 0
Just blogging things you need to know. Social media tips and tricks, blogging tips and tricks and search engines news.

Advancement in technology is not only facilitating the people by providing them luxuries in every field but also bringing a burden of worries along with it. There was a time when people used to keep their most valuable things, which off course could be money, underground or hidden from others so no one gets information about it. The time has changed with the rise in technological advancement and the trend is towards keeping things online to make them secure and inaccessible to others. Viewing this trend, every possible measure is being adopted for the security of private online information so only the related and authorized person gets the information. It has become among one of the most discussed subjects to ensure online security after shocking incidents of phishing, hacking attempts and data breaches which are continuously worrying online security experts. A huge budget of Giant online companies is spent to ensure the site security but the cyber criminals still keep trying to find loopholes in security. In this tug of war between security experts and the clever group of hackers, an individual must know how to keep his online information safe and secure in order to avoid big losses.
Continue reading


at 0
Just blogging things you need to know. Social media tips and tricks, blogging tips and tricks and search engines news.

You receive a number of Emails daily among which you find some Emails useful and delete others without opening them. Some of the Emails which you receive might be vulnerable for your online identity as they contain links to Phishing pages. Phishing is a method of stealing someone's online identity or credential information by designing a webpage which mimics webpages of most trusted websites or financial institutions. Phishing is the easiest and the most commonly used method of online hacking. A hacker who wants to steals someone's credential information including but not limited to credit cards, passwords etc designs a webpage called Phishing page which looks 100% similar to that one of the original website. The details which are entered on phishing page are then stolen by hacker. A couple of months ago, I wrote an article about dangerous Emails for stealing identity. Now we will learn about identifying Emails which are used to hack user's credentials.

Usually people are redirected to phishing pages via Email or via text messages on popular social media sites. Identifying phishing websites is not a problem for tech-expert but common people who don't know much about internet and online frauds, gift their private information to cheat hackers unknowingly. They can't differentiate between legitimate and fraud Emails easily as well as phishing page or trusted page. This article is covering the methods by which someone can detect a phishing Email or webpage at a first glance hence securing his online identity from hackers.

Do Phishing Pages Really Look Like Original Website?

Phishing pages look so real to original website that even an expert can be victimized if he doesn't watch the page carefully. Even Emails which are sent by expert phishing hackers seem like legitimate Emails sent by original institution. But there are somethings which cannot be changed because they are unique for every Email and Webpage. We will use those things to find out if an Email or Webpage is trustworthy or fraud.

How To Detect Phishing Emails:

Links to phishing pages are usually sent via Emails so it's better to understand that how we can mark differences between normal and a phishing Email.
Its not a problem when you delete any Email without opening it. The analysis must be started for every Email when you open it. Below we will discuss the factors used to determine an Email's trustworthiness.

1. Check Sender's Email Address:

After opening Email, watch for the sender's Email address. If it is among the one whom you trust, then it is OK but still you aren't advised to satisfy 100% because it is possible for anyone to send Spoof Emails. Spoofing is a term which refers to sending someone text or Email message with cloaking the Email Address or Name of any other person. I won't go in its details yet.

Someone may sends you Email with the sender's ID "support@paypal.com" or "no-reply@facebook.com". If sender's Email is different from the website in subject then no doubt it seems suspicious at first glance but similar looking Email addresses can cause trouble.
Anyways, it is not a thing to get highly worried in this era because big Email providers easily detect and warn the user that actual sender's ID is different from the written sender's ID.

2. Check If Your Name Is Present In Subject Or Email Body:

Second factor is the presence of your name in subject or Email body. When you register with any trusted company, they always ask your name which is used for future communications. Your name is stored with your Email address in their database so you always see your name when they send you any Email. Hackers and phishers don't have access to these databases so Emails sent by them don't contain your name. Original Emails sometimes don't contain names but its when the respected company sends Email with general announcement.

Last step to determine phishing Email is to check where the links anchored in Email, redirect the clicker. It is the final step to identify phishing.

How To Detect Phishing Website:

Opening an Email doesn't mean of being victimized until an URL is clicked and the user is directed to other website. The real phishing object is the webpage. You might access at dangerous webpage by clicking links in email or from any other source. Before entering your credentials in any website, domain name of website must be checked if it is real. Sometimes, hacker obtain similar looking domains and use them for trapping people. An example is of libertyreserve.com domain. It was a popular Payment processor around the world but someone got a domain which was identical to this domain with only difference in the placement of a single alphabet due to which thousands of people lost their money. Afterwards the original domain was seized by United States authorities.
Do not enter your private credentials in any webpage until you are damn sure about the domain. For example, if you see domain "face-book.com" or "pay-pal.com" , just leave the webpage or report it to respective authorities. Don't make any mistake there as it might results in online theft.

Read More: Importance Of SSL certificate

Second thing which is to be noticed is SSL encryption. Trustworthy sites have always SSL certificate installed. This encryption makes a site secure by covering the data which is to be transmitted between servers. If you don't see a padlock icon in the URL bar for sites which ask for credentials, then be alarmed.

This is the general guideline for detecting phishing attacks. Hope everyone remains safe from these attempts.
Continue reading


at 0
Just blogging things you need to know. Social media tips and tricks, blogging tips and tricks and search engines news.

Have you ever received an Email asking you to provide your personal information so they can trust you to transfer a vast amount of money in your bank account? If your answer is Yes, then you might think they are just scamming you or it is something like a practical joke. But hold on.
It isn't as simple as you are thinking. It may threaten your life and security if you reply to these kind of Emails.

How Could These Emails Be Dangerous For You?

The question arises how could these Emails dangerous for you if you reply to them? They aren't asking you for any password or other details which you keep private. They only ask for the things which are public and are accessible to many people. Then how could it become insecure for you?

Let me give you an example of such type of Email.
Greetings my dearest,
I know that you will be surprise to hear about this transaction since we don't know each other before, but it was due to the urgency of this transaction makes me to contact you immediately through email please accept my apology.
I am the chief Audit and Account Manager of XYZ Bank. i need your urgent assistance in transferring this sum of ($14.5 Million USD) to a foreign account, please would you be interested to assist me with in this transaction with your bank account to receive this fund and also finance the expense that will occur together with me during the transaction?.
Therefore, you will have 50% of the above mentioned sum if you agree in handling the up-front expense that will come up together with me, i look forward to receive your return mail for more details on how to execute the transfer to your account.
With my position in the bank i assure you with 100% risk free that this transaction is not a childish game play neither a scam or fraud and i want you to indicate your full interest with assurance of trust that you will not betray me once the fund is transfer into your nominated bank account, in-which you are advice to kindly send to me your information below as follows, while i look forward for your urgent.
(1) Your full names:************
(2) Your private phone number:*******
(3) Your current residential address:*************
(4) Your international passport copy or ID Card:**********
(5) Your Age ***********
(6) Your Sex:*************
(7) Your occupation:***********
(8) Your country of origin:**********
Regards, in sincerity,
XYZ.
My private contact number: 123456789.
This is an example of Email which you may receive for these kinds of frauds. On other hand you may receive Emails saying that a millionaire has died and they want to donate his all wealth to a kind and generous person or someone from your relatives has died and bequeathed all his legacy for you etc.
Now come to the point what is real threat behind these Emails.

Well, most of us will obviously think that in they end they would ask us for some money to make this transfer, but will not transfer it after they get money from you. I do not deny this fact because it also encounters and many people have lost billions of bucks in this business of fraud. The victims in the end remain without money. You might come across this type of fraud too, but this isn't the only fraud which you may encounter after replying to them.

What Is Other Fraud Which You May Come Across?

If you are thinking that they won't transfer anything in your account then you might be thinking in wrong direction. It could happen that they ask your bank account information and transfer a vast amount of money in your bank account by making you surprised. You won't believe it but it indeed they can transfer the amount in your bank account and make you millionaire over nights. But before proceeding, you must think is it safe to get this type of money and is it the legal way by which you receive the money?

As mentioned in the above example, the bank CEO is involved in transfer who is authorized to take many actions but under the law of his institution so are they really following the law of their respective institution?

How This Fraud Occurs?

Suppose a rich man has an account in a bank worth million of dollars but he dies intestate and no one to claim his inheritance. What the bank will do with his money? If someone outside successfully claims a relation with the account holder, then the bank can transfer all the wealth to him. A bank servant cannot do this but if someone has a powerful position in the bank like CEO. The situation could change. He can produce a person to claim the wealth and after the approval of CEO, he receives it but what happens after receiving the money?

This is the point where I wanted to bring you. It is most difficult task to earn money and the more difficult is to save the money which you get by doing nothing. The money which someone receives in this manner is always illegal and he will always fear to face police if anything unexpected happens to him. Think? Will the bank CEO who has provided you this money leave you after transferring this money to your account?

The answer is "NO".

You life and security might come in danger after getting the easy money. Many incidents have been reported by victims who had got the wealth in this way but after it their all money was taken by masterminds forcibly or by torture which was a nightmare for them. No one wants to put his life or security in danger knowingly but they were unaware of the after effects of this fraud so took their part in that fraud.

Where To Report These Fraud Emails:

After knowing this, I expect from you that you won't ever reply to these kind of Emails and if you ever again get such type of Email, don't forget to report these Emails to International Crimes Schemes reporting center.
Continue reading


at 0
Just blogging things you need to know. Social media tips and tricks, blogging tips and tricks and search engines news.

"Learn how to hack" is one of the most popular keyword used at Google. Though hacking is a reality but it is not possible for everyone to hack thus millions of people waste their precious time and money in searching online for hacking tips and tricks, for hacking methods and hacking software. In this quest, they end with their efforts being ruined and the disastrous wastage of their time and money.

All users should know that hacking isn't a thing in which everyone can succeed. Every time you attempt to learn about hacking using search engines or hacking websites, your efforts would definitely go in the vain at the end so don't think about hacking and keep using your own social media and other accounts. Now a question arises that if hacking isn't possible using these things then why we find tons of articles and websites over this topic. To know this answer, you must be aware of the reality of Hacking websites.

Read More: Online Security Tips To Secure Your Information

Reality Of Hacking Sites:

All of us know that online earnings of an internet business basically depend upon traffic and advertising. The huge traffic and best advertising platform is the key to success of an internet business. Now if we read the minds of visitors and internet users, they are curious to know about the private information of other people which they don't expose to everyone. For this they may choose hacking their social media accounts as their first priority. This thinking boosts the search for hacking software, hacking methods and results in the viral traffic to those websites which claim to give hacking information, hacking tutorials, hacking software, hacking tips, hacking tricks, hacking methods. The most popular search terms for hacking are how to hack facebook account, facebook hacking, hack facebook account, facebook hacking tutorials, facebook hacking software etc. So with the search of these terms, these websites which claim to give hacking tutorials and so called hacking software earn a lot.

Read More: Top 10 Social Media Sites To Express Yourself

Different Types Of Free Hacking Sites:

If you have ever tried to hack Facebook account or any other social media account by using hacking websites online, you would have seen that after entering the Email address or Id of that account, they say in the end that they have hacked account credentials for you, put authorization code or enter XYZ code to get them and when you go forward to next steps, they ask you to download a file and when you try to download that file, the system says you to complete surveys. If you are a US or Canadian visitor, this is the only chance that a survey may appears for you but if you are from the rest of world, you don't see any survey offer so your efforts lasts with bad thoughts about those sites. If you are US or Canadian visitor and take your time to complete that survey and finally finish the long chain of those surveys, then in the end you successfully download their required files. After the successful entry of that authorization code or the credentials which they give in their file you receive hilarious errors from that site which only make you hyper and nothing more. So you would ask now, how they get benefit by this?

Its so simple, there are many pay per download networks on which a registered user upload a file and share the download URLs of those files to other people. Now the person who tries to download that file will have to complete a survey before downloading the file and one completed survey gives a good amount of money to the Uploader almost $0.60 to $20 for per completed survey depending upon the length and nature of survey. This way, these websites earn money.

Another type of hacking sites are those which claim to give hacking software. Whenever someone downloads those software and install them, he gets frustrated to see some other software which are usually Adware or Malware being installed in his computer and he is even unable to figure out his desired software in his installed apps list. This is another method of earning money by fooling others. This explanation was about the sites which claim to give free Facebook account hacking or other social media hacking.

What About Paid Hacking Sites?

Now come towards paid hacking sites. These sites are also fraud, though you will read many testimonials about their services that they are legit and you can easily hack facebook, twitter etc account using them blah blah.. All of these testimonials and comments are also fake and self created. Suppose, you buy any service from these sites but at the end you get nothing. Then whom will you complain about them? Will you go to court against them or will you gonna open any dispute against them?? Its the matter of common sense that Hacking itself an illegal method and if you pay someone for it, you are committing a cyber crime so you cannot do anything against them even after paying them for their so called services.

Read More: How To Identify A Fake Phishing Email And Website

Why We See Complimentary Comments About These Sites On Other Sites And Blogs:

Well in the end, you ask me, "Suppose all of this is true and there services are fraud, then why we see comments on other websites and blogs that they are legit hacking sites and anyone can hack any account using them?"

This is the thing which makes some users to think about hacking again and they don't loose hope to hack any of their friend or spouse's account. Now you must remember that these comments are always from users who are paid for commenting on these blogs and posting ads of these so called hacking sites to other blogs and websites. That is just to increase their SEO score and getting higher index ranking in search engines. So be aware of these misleading ads and comments. Don't waste your precious time and money on these services and invest it in more productive way.

Hacking does exist and it is a cyber fact but it's not the thing which you can done by Googling or becoming fool. This is only the wastage of time.
Continue reading


Subscribe to: Posts (Atom)