Smooth Operators: Fraudsters and Hackers

Fraudsters and hackers are constantly thinking of new ways to obtain information and enter a system. Below are some tactics that fraudsters and hackers may use:
  1. They might call the authorized employee with some kind of urgent problem; as fraudsters and hackers often rely on the natural helpfulness of people as well as on their weaknesses. Appealing to you vanity, authority, and old-fashioned eavesdropping are typical fraudster and hacker techniques.
  2. Fraudsters and hackers may rely on the fact that people are not aware of the value of the information they possess and are careless about protecting it.
  3. Fraudsters and hackers will search dumpsters for valuable information. This activity is known as dumpster diving. Make sure that you and your company shred all documents that are important, confidential and contain sensitive information.
  4. Fraudsters and hackers will also memorize access codes by looking over someone's shoulder. This is known as "shoulder surfing". Make sure when entering private codes, whether at your computer or withdrawing money from an ATM that you do not have a shoulder surfer behind you.
  5. Fraudsters and hackers also take advantage of people's natural inclination to choose passwords that are meaningful to them but can be easily guessed. LexisNexis will be distributing documents to help you choose a password.
Security experts propose that as our culture becomes more dependent on information, fraudsters and hackers will remain the greatest threat to any security system.

Prevention of fraudsters and hackers includes educating people about the value of information, training them to protect it, and increasing people's awareness of how fraudsters and hackers operate.


Security Tip #2:

Understanding Malware

Malware
Malware is any software program developed for the purpose of causing harm to a computer system, similar to a virus or trojan horse.

Malware can be classified based on how it is executed, how it spreads, and/or what it does. The classification is not STRICTLY DEFINED SINCE groups often overlap and the difference is not always obvious. It is very common for people to use the words adware, spyware, and malware interchangeably. To help protect your systems from Malware it's critical that you install and use anti-virus programs. Most products that call themselves spyware or adware removers will actually remove all types of malware.

Here are a few types of Malware:

Keylogger
A keylogger is software that copies a computer user's keystrokes to a file, which it may send to a hacker at a later time. Often the keylogger will only "awaken" when a computer user connects to a secure website, such as a bank. It then logs the keystrokes, which may include account numbers, PIN numbers and passwords, BEFORE they are encrypted by the secure website.

Spyware
Spyware is a piece of software that collects and sends information (such as browsing patterns in the more benign cases or credit card numbers in more malignant cases) about users or, more precisely, the results of their computer activity, typically without explicit notification. They usually work and spread like Trojan horses. The category of spyware is sometimes taken to include adware of the less-forthcoming sort.

Adware
Adware is the class of programs that place advertisements on your screen. These may be in the form of pop-ups, pop-unders, advertisements embedded in programs, advertisements placed on top of ads in web sites, or any other way the authors can think of showing you an ad. The pop-ups generally will not be stopped by pop-up stoppers, and often are not dependent on your having Internet Explorer open. They may show up when you are playing a game, writing a document, listening to music, or anything else. Should you be surfing, the advertisements will often be related to the web page you are viewing.

Hijackers
Hijackers take control of various parts of your web browser, including your home page, search pages, and search bar. They may also redirect you to certain sites should you mistype an address or prevent you from going to a website they would rather you not, such as sites that combat malware. Some will even redirect you to their own search engine when you attempt a search. NB: hijackers almost exclusively target Internet Explorer.

Toolbars
Toolbars plug into Internet Explorer and provide additional functionality such as search forms or pop-up blockers. The Google and Yahoo! toolbars are probably the most common legitimate examples, and malware toolbars often attempt to emulate their functionality and look. Malware toolbars almost always include characteristics of the other malware categories, which is usually what gets it classified as malware. Any toolbar that is installed through underhanded means falls into the category of malware.

Dialers
Dialers are programs that set up your modem connection to connect to a 1-900 number. This provides the number's owner with revenue while leaving you with a large phone bill. There are some legitimate uses for dialers, such as for people who do not have access to credit cards. Most dialers, however, are installed quietly and attempt to do their dirty work without being detected.