La Piazza Blog - PANDA SECURITY SUPPORT

Posted by Leyre August 19, 2009

The first thing you must do in order to protect your computer and data is to create a safe password, especially in these days, with the prominence of social networks. People tend to use easy-to-remember passwords, but this is a risk, as hackers can then easily access your confidential information. It is common sense, or would you leave the door of your car unlocked just because it is easier to open it? You wouldn´t, right? Same happens with password safety. Here go a  few useful tips.

DONT´s when creating a password

1. Never use passwords that can be found in a dictionary. They can be cracked with clever - and even not-so-clever - password hacking programs.
2. Never use password containing less than 8-characters long. The shorter the password is, the easier it gets to guess it.
3. Never place numbers after the password if the password Word can be found in a dictionary. It is best to insert numbers and special characters in between a word or replace some of the letters by special characters, for example,  Charles – Ch@rlE$
   This is a little safer.
4. Your cat’s name is not unique. Leave it alone Ditto your name, your birthday, your mum’s maiden name or your birthday.

DO´s when creating  a strong password

1. If you want to have a password which is easy to remember but hard to guess, memorize a sentence. Then, use the initial of each of the words of the sentence as the password. Then add a final point or a special character  (!, @, #, $, %, ^, &, *) at the end, followed by two numbers and a capital letter.For example: April is the month of rain - ( Aitmor@05 )
2. Always use a password that is between 8-14 characters, minimum 8.
3. Combine capital and lower case letters in your password.
4. And if you do need to write it down, try not to do it on a piece of paper entitled “Internet Banking Passwords”
5. Change your password every 30 days.
6. Make sure the user name and password are different

For more information, check out PandaLab´s blog post on Social networking, Passwords and privacy and watch the following video to quickly review the most important tips!!

What do you think about this article? Do you want to share your experiences with us? We would love to hear from you!!

Posted by Blanca, 07 August, 2009

Internet is an exceptional tool, it makes several tasks easier. However, being used for business and communication increases the possibilities of fraud.

Occasionally, online fraud scams are reported. To carry out online scams, hackers send an email passing themselves off as a bank. The email is used as bait, and readers are told their accounts must be checked, their information must be updated or that they must restore their password or PIN.  On accessing the message, they are redirected to a fake website, and on entering their details the information is sent to hackers, who from then on have access to the accounts.

This type of crime is called Phishing. If hackers obtains the victim’s password they will have access to the victim’s account and can wipe it out. Worse still, they can steal the victim’s identity.

These e-mails appear to come from a legitimate company, usually a financial institution or credit card issuer (though many like to use eBay and PayPal), urging you to take immediate action so your account is not deactiviated.

To increase the chance that they can trick you, they’ll even use the company’s logo, colors, and standard disclosure text. The e-mail will usually contain a link that takes you to a fake site made to look like the company’s legitimate web site.

Obvious clues that an e-mail is a phishing scam include:

• Misspellings and poor grammar. 
• Web site does not have “https://” in the address bar at the top. Legitimate companies employ secure socket layers (SSL) technology to encrypt your personal data. 
• Urgent tone or call to action. Phishing e-mails will allude to dire consequences like, “your account will be deactivated if you do not respond within 24 hours…” in the text. 
• Requests for personal information like social security number, account numbers, credit card information.

Email phishing is the most common form of phishing used by hackers nowadays. However, they also carry out phone phishing by calling people at home or at work. We recommend you to be very careful on answering questions, especially when talking to people who claim to work in the bank you have your savings in.

Remember that no responsible bank or financial institution requests personal and/or sensitive customer data via email or phone.

How to prevent becoming a victim of Phishing.

1. Be wary of unsolicited phone calls, visits or emails requesting personal or confidential information. 
2. Do not send personal or financial information via the Internet, unless you know the recipient.
3. Download program applications and updates directly from the provider’s website.
4. Pay attention to the website’s address. Some malicious websites are identical to the legitimate one, but use different addresses (i.e. www.paypal.Inc.com), when the original address is www.paypal.com.
5. Install your Panda Security antivirus, firewall, browser and e-mail filters and keep them up-to-date to reduce phishing traffic and spam.
6. Frequently check your accounts to make sure there are no inexplicable transactions. 
7. If you think an account or credit card has been compromised, immediately contact your bank and close the corresponding account.

Remember that one of the ways of fighting against fraud is to not becoming a victim; if, as an Internet user you learn to prevent falling victim to hackers, they will have to find benefits elsewhere.

How about you? Have you ever known anybody who has experienced Phishing attacks? Any other useful tips to prevent it? We are all ears!!

Posteb by Ana, 05 August, 2009

Shopping Online provides a convenient way of making purchases at any time of day, 365 days a year, from a wide range of retailers offering more choice than ever before.

Analysts predict that each year more people than ever will use the Internet for shopping. But they also warn that fraud is on the rise and Internet users need to become better educated on how to protect themselves. Credit cards have helped fuel the Internet economy because they provide security, convenience and reliability for online purchases.

I am a great lover of e-shopping myself! I’ve bought almost anything you can imagine, from a Swiss watch to the tickets of the last Bruce Springsteen’s concert in Bilbao which, by the way, was absolutely great!!! But you must be careful and follow some easy rules.

Here you are some useful tips to take into account:

1. Know who you are dealing with. Conduct business with those companies that you know and that are reputable. Get the seller’s landline phone number and postal address. Remember, you will be sharing your credit card number, your name and possibly your address and phone number. 
2. Check security. Look for the picture of the unbroken key or closed lock in your browser window. Either one indicates that the security is operative. A broken key or any open lock indicates it is not. Look to see if the web address on the page that asks for your credit card information begins with “https:” instead of “http.” Some web sites use the words “Secure Sockets Layer (SSL)” or a pop up box that says you are entering a secure area. These security protections do not work in e-mail. So, make sure you send personal and payment information in a secure web transaction.
3. You should never be asked to tell anyone your card’s PIN number - even if they claim to be from your bank or the police and never use your Social Security Number or PIN as a password. Treat online marketers as you would telephone marketers or anyone else you don’t know. If the deal sounds too good to be true, it probably is, so pass it up. 
4. Only provide your payment card number when you are making a purchase and if you have initiated the negotiation and review your statement immediately and thoroughly. Whether you get your statement by postal mail or online, review each transaction carefully to make sure there are none that you did not make and keep records of what you order.

Now, why not sharing with me some of your e-shopping experiences? Go ahead, I’m really willing to listen to them!