Common Sense Tips to Keep Children Safe Online[Google Official Video]

Google teamed up with Common Sense Media to create this videos of tips to keep kids safe while browsing Internet. Here are the few tips presented in the video to keep kids away from inappropriate content and protect them from spammers

• Place the computer in a central place like living room so that parents can monitor when kids are browsing
• For healthy reasons set a timer to make sure kids are not browsing more than 2 hours a day
• Continuously monitor the browser history to check what they are watching online
• Configure Google Safe Search to apply strict search results filtering rules
• Teach Internet safety tips and educate them to configure the privacy settings in Social Networking Sites(Orkut, Facebook, etc.), Instant Messengers(GTalk, Y! Messenger..) and photo sharing sites(picasa, flickr)
• Teach kids not to believe what ever they see online as there are many unauthenticated content providers post what ever they want

Watch the full video for more tips

Password Protect Any Folder on Your computer Using 'My Lockbox' Freeware.

My Lockbox is a easy and free way to quickly hide and password protect any folder from being shown in the Windows files system, and will do so under Windows safe mode as well.

The protected folder is hidden from any user and application of your system, including Administrator and System itself. It is impossible to access the lockbox not only from the local computer, but also from the net.

My Lockbox gives us a most promising protection even under safe mode. Also with the clean and skinned user interface  we can hide and unhide protected folder at a push of a button.

The best thing about the tool is if you have any problem, you will get excellent customer service from the company that developed this software.They will even help you if the password does not work anymore.

Bank Mail Phishing Scam - Received A Mail From Fake HDFC Banking Service

GMail is the one of the best email service which detects and eliminates spam and phishing scam mails. Almost 95% of the fraud mails which I receive are detected and moved to Spam folder.

But sometime Spammers and Phishers bypass GMail filters. Today I received the following mail from riskofficer@hdfcbank.com [phishing mail id] asking me to reactivate Internet banking account

Unauthorized NetBanking Access On Your Account

In the last few weeks, our Online Banking Security team has observed multiple logons on your Internet Banking Account, from different Blacklisted IP's, therefore been blocked, to prevent further unauthorized access for your safety. we have decided to put an extra verification process to ensure your identity and your Internet Banking Account Security.
Click on for your NetBanking Online Access.
http://www.hdfcbank.com/1/2/securityaccess/precaution/internet-banking/

Security Advisory,
HDFC Online Banking

*Important*
Please update your records on or before 48 hours, a failure to update your records will result in a temporary hold on your funds - it's one more way that HDFC makes your online banking experience better..
© 2007 All Rights Reserved

When I read the mail I thought it as a legitimate mail for few seconds, but after analysing the link provided in the mail I found out that it is fraud mail. The link provided in the mail is pointing to a destination URL  "http://66.249.24.135/~pay2/www.hdfcbank.com/Welcome%20to%20HDFC%20Bank%20NetBanking.htm" [don't click the link] which is not at all related to HDFC Bank.

Here are few tips to safe guard yourself against online banking fraud

Banks Never Sends E-Mails Asking Username/Password

None of the banks send e-mails to their customers asking Username/Password details to enable,reactivate, receive goodies, etc. Only phishing scam sites send mails asking username/password.

Analyse The Links Before Clicking

When you are about to click a link related to your bank, please take a moment and analyse the destination address. By placing mouse pointer on a link you can see the destination URL in status bar.

It is always preferred to avoid following the bank related links provided in emails.

Use Google Search or Bookmarks to open your bank's homepage

Phishing Scams use misspelled website address with user interface very similar to your actual bank websites. It may be very tough for a common user to differentiate fake website and actual website. So it is not safe to type your bank homepage URL in the URL bar as we may misspell  at times.

The first solution to avoid such mistakes is to use Google Search. Enter the name of your bank in Google Search and follow the results. Google has very huge index of phishing sites and they filter such sites from search results.

If you don't prefer to use Google Search every time to navigate to bank's homepage , use it once and bookmark the address in your browser. From next time onwards use the bookmark to navigate to your bank home page.

Trojan Horse Virus Spreading Through Google AdSense

ZDNet News posted an article on a Trojan horse virus being spread through the Google AdSense advertising program. According to ZDNet News and Bitdefendter Antivirus firm

 

Advertisements placed by Google in Web pages are being hijacked by so-called Trojan horse software that replaces the intended text with ads from a different provider.

The Trojan redirects queries meant to be sent to Google servers to a rogue server, which displays ads from a third party instead of ads from Google.

Google quickly reacted to embarrassing problem in their famous advertising program and said

We have cancelled customer accounts that display ads redirecting users to malicious sites or that advertise a product violating our software principles.

The virus is identified as Trojan.Qhost.WU and the rate at which it spreads is low. It affects users by redirecting them to malicious sites and affects web publishers/webmasters by stealing their ad revenues.

What is OpenID? Explained in Simple English [Video]

OpenID is a a single sign-on system which allows you to log in to hundreds of websites like Blogger, WordPress, Digg, AOL, Plaxo, Technorati, dzone with one username and password.

Yes only one username + password for hundreds of websites. No need to create and manage usernames + passwords for every single website separately. That's great right?

Here is a video which explains more about OpenID in very simple and plain English

Not able to watch the YouTube video?

If your school/office/university banned access to YouTube and you are not able to watch this is video, then learn how to Access Blocked YouTube at Office / School / University.

The Three Must-Have Antivirus/Spyware Software Free Downloads

One of the most critical applications for your PC is a good antivirus program.Also,the latest viruses are more sophisticated and aggressive than ever. Thankfully, with anti-virus software, you can confidently keep your data safe and your computer completely free of infection.

Avast Anti-Virus

Unlike antivirus trailwares such as MCAfee or Symantec, it's absolutely free for personal and home use.Also it won't slow down your PC by taking too much RAM or system resources. Despite its lean build, it protects your computer as the bigger programs do. It offers live virus protection to stop your machine from being infected in the first place, virus scanning and virus killing, and various protections against e-mail viruses, Web-borne viruses, and other threats.

Download Avast Anti-Virus

Ad-Aware 2007 Free

If you haven't used this before, consider it a must-have.This longtime favorite spyware killer recently underwent a upgrade. After all, not only does it kill spyware, but it's free as well.

It's exceptionally easy to use, and lets you customize spyware scans as well as schedule them. When the program reports what it finds, you can tell it to kill the potential infections, put them into quarantine, or ignore them. The new interface is much slicker-looking and easier to use than earlier versions.

Download Ad-Aware 2007 Free

Windows Defender

Spyware is so hard to detect that you should use more than one antispyware app. Windows Defender is a very good choice for a second layer of security. It's free, it does a nice job of finding and killing spyware, and, unlike Ad-Aware, it offers real-time protection.

It also has some extras, such as tools for monitoring all the software and processes currently running on your PC, and for stopping programs from running on startup if you decide you don't need them.

Download Windows Defender

Related Post:

Download Free Norton Internet Security 2007 Mini Version : Norton Security Scan with Google Pack.

Spyware.CyberLog-X Scamware - Remove It Safely

Recently my personal computer is infected with Spyware.CyberLog-X scamware. This scamware program inserts a new icon in the task bar(yellow warning triangle) and once in every couple of minutes it shows up an alert message with the following text

---------------------------
Critical System Warning!
---------------------------
Your system is probably infected with latest version of Spyware.CyberLog-X.
Type:        Spyware
Infection Length:    266,129 bytes
Risk:        High
Systems Affected:    Windows 95, 98, 2000, NT, 2003 Server,
        Windows XP, Windows Vista
Behavior:        Spyware.CyberLog-X is a spyware program that
        monitors user activity, logs keystrokes, and tracks
        Web sites visited.
Symptoms:    Low Internet connection speed
        Low system perfomance
        Security center alerts
        Strange pop up windows
Protection:    Click OK to donwload antispyware software.
---------------------------
OK   Cancel  
---------------------------

The malicious program is reported widely on the Internet as Spyware.CyberLog-X, Trojan-Spy.win32@mx, VirusBurst  scamware which is used to promote bogus software.

This scamware can be easily removed by running Norton PC Tools Spyware Doctor on the infected PC. Norton PC Tools Spyware Doctor is a free software distributed as part of the famous freeware Google Pack.Google Pack provides

What is Google Pack?

Google Pack is a bundle of freeware softwares specially selected by Google. These software are very useful for day to day activities of computer users which includes applications for keeping system secure to managing digital photographs.

Recover Lost Instant Messenger Passwords - GTalk, MSN,Yahoo! or Windows Live.

MessenPass is a password recovery utility that allows you to recover password(s) of all the popular instant messengers: MSN,GTalk, AOL,Yahoo!Messenger,Windows Live Messenger.

The moment you run MessenPass, it automatically decrypts the available passwords, and displays all user name/password pairs that it found in the main window of the application.It will work even without running the messenger at that time.

Only condition is you have chosen the remember your password option in one of the above programs. And also you cannot use this utility for grabbing the passwords of other users, it works only for current logged-on user on your local computer.

This application also supports saving the usernames/passwords to a file instead of displaying on screen. If you want to save to a file directly then use the following switch while launching

/stext <Filename> 

»Download MessenPass

Hacking Gmail Account by Capturing User Cookies

Browsing Gmail on your laptop using a Wi-Fi hotspot is proved to be insecure. Robert Graham, CEO of Errata security, demonstrated how easily this can be done.

During the Black Hat 2007 security convention held at Las Vegas, Graham did a live demonstration on a journalist in the audience. This was done by capturing cookies, then cloning them into his browser. The victim was using a typical unprotected Wi-Fi Hotspot and his Gmail account popped on the large projection screen for 500 audience members to see.

With the help of Ferret application first he grabs cookies and session IDs of the target system. Then he clones the captured cookies and session IDs on his system with the help of Hamster application. Once the identity is cloned, Graham is able to jump on to online services like Gmail with full access to read and send email on behalf of the victim.

Robert would likely to make the attack tools publicly available via the company's website for anyone to download.

This type of attacks can hijack sessions in almost any cookie-based web application like Microsoft's Hotmail,Yahoo Mail and other social networking sites running on HTTP mode. 

In order to prevent such attacks when you use email clients in a public wi-fi hotspot use https:// instead of http://. To access secured Gmail point to the URL https://mail.google.com/mail/ and for Yahoo Mail and Microsoft's Hotmail clicked secured login links displayed in the login page.

Read more about this from Robert blog Errata Security: SideJacking with Hamster