Wednesday, June 18, 2008

Threat of online security: How safe is our data?

The Internet has given a tremendous boost to e-commerce. It took a few years for trust between online sellers and online buyers to develop. But the threat to online security today comes from a third group: neither the seller nor the buyer is party to these online frauds.


These are some of the threats and attacks you face when you are online:
1) Denial-of-service (DoS)

2) Distributed denial-of-service (DDoS)

3) Virus

4) Worm

5) Macro virus or macro worm

6) Trojan horse

Besides the threats stated above, fraudsters use several techniques to lure victims. For example:

(a) Phishing is one of the most damaging online security threats in recent times. It involves an attempt by a fraudster to extract confidential information from an innocent victim. In most cases the fraudster constructs a clone site that looks very similar to the web page of a bank or other financial institution. The victim is urged to click a link in an email to access the victim's financial account. The link actually leads to the clone web page, which captures the victim's confidential login information. Once this happens, the fraudster uses the information to log into the victim's actual financial account, and the funds in the account are then siphoned out. You should never click a link to access your bank account, credit card account or any other financial account. Open a fresh browser window and type the entire name of the website; this is the safest way.

(b) You could receive a fraudulent email telling you that you have won a million dollar (possibly more) lottery prize! Do not fall for this gimmick. The fraudster will tell you how close you are to becoming a millionaire. In most cases, you will be asked to pay a few thousand dollars for various fees and legal expenses. The truth is that there is no lottery and no prize money. Once you part with a few thousand dollars, the fraudster disappears and preys on his next victim.

(c) Emails are often received from fraudsters claiming to have free access to millions of dollars. The message goes on to say that all that is required for you to get a hefty share of the money is to act as an agent in moving the funds. All you need to do is pay a few tens of thousands of dollars, and your returns could be in the range of five million to 20 million dollars! This is another fraud that you should keep away from; you will never see a single dollar come your way. The fraudsters are based in countries where the legal system operates like a fish market, so no legal recourse will be available to you.



How to keep data safe?

1) Authentication - the process by which one entity verifies that another entity is who they claim to be, for example by means of a secret, an object or a biometric


2) Authorization - the process that ensures that a person has the right to access certain resources

3) Auditing - the process of collecting information about attempts to access particular resources, use particular privileges, or perform other security actions


4) Confidentiality - keeping private or sensitive information from being disclosed to unauthorized individuals, entities or processes


5) Integrity - as applied to data, the ability to protect data from being altered or destroyed in an unauthorized or accidental manner


6) Availability - a person or program can gain access to the pages, data or services provided by the site when they are needed

7) Non-repudiation - the ability to limit parties from refuting that a legitimate transaction took place, usually by means of a signature
