How to avoid becoming a phishing attack victim
The recent phishing attacks on Hotmail, Gmail and Yahoo! Mail, which resulted in thousands of email addresses and passwords being posted online, have worried internet users.
Phishing is act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
Security experts at Websense say they have identified a sharp increase in the number of spam emails originating from Yahoo!, Gmail and Hotmail accounts. Websense added that infected email accounts were being used by hackers and cybercriminals to send out personalised emails containing links to shopping websites on online videos. The links contained within those emails are fake, and are instead designed to capture personal information about the recipient.
While the problem is real and dangerous, there are some simple steps you can take to avoid becoming a victim of cyber criminals (Google Security tips):
1. Use Unique Passwords – It’s a good idea to use unique passwords for your accounts, expecially important accounts like email and online banking. When you create a password for a site, you might think of a phrase you associate with the site and use an abbreviation or variation of that phrase as your password.
2. Use a password with a mix of letters, numbers, and symbols -There are only 26^8 possible permutations for an 8-character password that uses just lowercase letters, while there are 94^8 possible permutations for an 8-character password that uses a combination of mixed-case letters, numbers, and symbols. That’s over 6 quadrillion more possible variations for a mixed password, which makes it that much harder for anyone to guess or crack.
3. Create a password that’s hard for others to guess – Choose a combination of letters, numbers, or symbols to create a unique password that’s unrelated to your personal information. Or, select a random word or phrase, and insert letters and numbers into the beginning, middle, and end to make it extra difficult to guess (such as “sPo0kyh@ll0w3En”).
4. Keep your password reminders in a secret place that isn’t easily visible – Don’t leave notes with your passwords to various sites on your computer or desk. People who walk by can easily steal this information and use it to compromise your account. Also, if you decide to save your passwords in a file on your computer, create a unique name for the file so people don’t know what’s inside. Avoid naming the file “my passwords” or something else obvious.
5. Make sure your password recovery options are up-to-date and secure – You should always make sure you have an up-to-date email address on file for each account you have, so that if you need to send a password reset email it goes to the right place.