Break Down
Can you identify problems with this e-mail based on what information and warnings have been given in this article? Here are things I noticed at first glance:
• Spelling: Do you think an honorable business person would be too ignorant to run spell check? Anybody could find the spelling mistakes in this – even a half educated 7 year old.
• Grammar: What about the business person who refers to himself as “i”? As I’m typing this, Microsoft Word won’t even let me use the letter I by itself without capitalizing it – that alone should show you just how stupid these people are.
• Spacing and Punctuation: Business documents are rarely seen with spacing problems because it looks extremely unprofessional. This e-mail is filled with these types of mistakes.
• Personal Information over E-Mail: By asking for your personal information to be transferred over e-mail, this malicious user gives you a major clue that the e-mail is not to be trusted.
• Doesn’t Use Name: Most corporations are required to use your full name in the opening address – by using “Good Day,” as the heading, you can assume it is generic and was mass mailed.
• Manipulated Header: The “To:” header, if you notice, appears that he sent the message to himself. This is a definite indication that something is wrong. Some companies use “mailinglist@website.com” or similar, but they very rarely manipulate the header to show they sent it to themselves.
Most of those red flags are quite obvious and do not take much effort to notice. When you notice more than one or two of the flags identified above, you can generally assume it is fraudulent, unless you know you subscribed to it. E-mail hoaxes all carry most of these traits – they aren’t very creative – so they are extremely easy to identify. If you are unsure whether to trust a hoax, check out the links page at the end of this article for sites that maintain hoax databases.
Encryption
Encryption is something that makes data unreadable without special knowledge regarding how to access it. Using encryption is something you can do to maximize your security without having to abstain from giving personal information out. There are many techniques which will help you out substantially if a hacker does find your files. It is often too difficult, and too much trouble for a hacker to try and crack an encryption – there are far too many people who don’t use any at all for a hacker to waste his time on someone who does.
Uses of Encryption
Encryption can be used to secure data between two points. There are key encryption systems – where files are encrypted with a key, and only that key can decrypt it – as well as certificate based encryption systems – where a certificate is authenticated against a computer’s footprint (or digital signature).
Many times, e-mail with sensitive data is encrypted to ensure security. Encryption allows a good deal of comfort to users – almost all of the time, the data will only be decrypted by those who are meant to see it.
Encryption can also be used for e-commerce systems to ensure the data goes only where it needs to, and can only be seen by those who need to see it. E-commerce systems require a great deal of security, and encryption is usually the only way to achieve this. The chances of this data being intercepted are unlikely (but still, slightly, possible). E-commerce encryption has been improved lots in recent years, as e-commerce has become more popular.
Methods of Encryption
One of the most effective methods of encryption on websites is the Secure Socket Layer (SSL) security protocol. It authenticates the server using a certificate system – it verifies who the data is going to, and it encrypts the data from the client to that server (one way authentication). In order to verify both the client and the server, you need to explore other encryption technologies, but there are solutions available. In order for a client to send encrypted information to a specific server, the server must have a specific key to decrypt it. The server can not send encrypted data back to the client without using a different encryption technology. One way encryption is usually sufficient unless the data is extremely sensitive.
By doing some searching on Google, it will allow you to find more encryption methods, if SSL doesn’t fit your needs. There are plenty of solutions available for just about every situation.
How to Tell: Secure E-commerce
Some may wonder how to tell if a website they are visiting uses a secure (SSL) connection. Each browser handles security a little bit different, but generically, there is a padlock icon on the GUI somewhere. Here is an example of how IE shows you a page is SSL secured:
In this image, you notice that instead of the usual “HTTP://” beginning, it is “https://”. This means that the document uses the SSL standard. Most browsers also use this type of identification
In this picture, you will notice that there is a padlock in the bottom right hand corner. This is IE’s way of saying “This page is secure.”
The PCMech.com weekly newsletter has been running strong for over 8 years. Sign up to get tech news, updates and exclusive content - right in your inbox. Also get (several) free gifts.
“War Games” & “Hackers: The Movie” sure did motivate a few kids to become internet security specialists. Groups formed on mIRC and it became pretty big at that time.