As an IT provider, we talk to clients about the risks their networks face on a day-to-day basis, and it’s pretty clear that people generally have a very vague idea of what computer security is and how they can protect themselves. We’ve heard a range of answers to the question “is your network secure?” Here are some of the biggest fallacies surrounding computer security.
“I don’t really have any data that a hacker would be interested in, so I don’t worry too much about security”
We hear this every day - the idea being that data is valuable, so the less you have the less interesting you will be to malicious attackers. While this can be true, your data isn’t always what an attacker will be after. Some simply want to conduct malicious attacks on other organizations, and if they use your network as the starting point, you will face the consequences, not them. While most computer systems log some network activity, it can be difficult to prove after the fact that the malicious activity wasn’t initiated from within your network.
“I’ve used the same password for 10 years and it’s never been hacked, so it must be pretty safe”
Again, we hear this a lot. The practice of “cracking passwords” is rare as a means of malicious attack, but it’s not unheard of. Contrary to popular belief, breaking into password-protected accounts isn’t a matter of guessing - an attacker will use a large dictionary of words to attempt entry, so if your password is an English word without any capital letters or characters in between, it’s susceptible to attack. By using words that wouldn’t appear in a dictionary you’re improving your chances, but simple combinations can still be risky - for example, the password ‘password1234’ would be considered insecure. Instead of creating a random, complicated password that you will never remember, try this:
Take a common word known to you, like your nickname at school or your mother’s maiden name - 6 letters or more is best.
Insert a number or character every other letter.
Capitalize the first or last letter, or the second or second from last letter.
So your password may be: s4m5i6T7h (the name smith with numbers added and one letter capitalized).
While this may be more complicated to type than your cat’s name, it should still be fairly easy to remember, and although it is made up from simple combinations of letters and numbers, it would still be impossible to ‘brute force’.
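The three steps above and the two weak patterns named earlier (a plain lowercase dictionary word, and a word with digits tacked on the end), written out as an added example that is not part of the original article. The small wordlist, the function names and the `first_digit` and `cap_index` parameters are assumptions made for illustration, and the screen covers only those two patterns.

```python
import re

# Constructed sample wordlist (assumption). A real check would load a large
# dictionary file, which is what the article says an attacker works from.
WORDLIST = {"password", "smith", "dragon", "monkey", "welcome", "letmein"}


def screen_password(candidate, wordlist=WORDLIST):
    """Return the reasons a candidate matches one of the two weak patterns.

    An empty list means neither pattern matched; nothing else is checked.
    """
    reasons = []
    # Pattern 1: an English word with no capitals or characters in between.
    if candidate in wordlist:
        reasons.append("plain dictionary word")
    # Pattern 2: a dictionary word followed only by digits (password1234).
    match = re.fullmatch(r"([a-z]+)(\d+)", candidate)
    if match and match.group(1) in wordlist:
        reasons.append("dictionary word with digits appended")
    return reasons


def build_password(word, first_digit=4, cap_index=-2):
    """Apply the article's three steps to a memorable word.

    first_digit and cap_index are hypothetical parameters; the defaults
    reproduce the article's own example for the name smith.
    """
    if len(word) < 2 or not word.isalpha():
        raise ValueError("word must be at least two letters, letters only")
    letters = list(word.lower())
    # Step 3: capitalize one letter (default: second from last).
    letters[cap_index] = letters[cap_index].upper()
    # Step 2: insert an increasing digit between each pair of letters.
    out = [letters[0]]
    for offset, letter in enumerate(letters[1:]):
        out.append(str((first_digit + offset) % 10))
        out.append(letter)
    return "".join(out)


if __name__ == "__main__":
    for pw in ("password", "password1234", build_password("smith")):
        print(pw, "->", screen_password(pw) or "passes these two checks")
```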