RANDOM HANDSHAKES - ALI H. RADDAOUI

Sunday, August 24, 2008

THERE IS STILL TIME TO LEARN: WHEN FRAUDSTERS TAKE HOLD OF YOUR EMAIL ACCOUNT

Well, this time, it’s a different kind of learning, the kind of learning that happens in an unplanned fashion, and where learning takes place, the hard way.

***

THE BEGINNING OF THE STORY
I was out of town for a few days, wanting to forget all about internet, email, books, and long sits in front of the computer screen. All was well until I received a phone call from someone doing research with me;
‘Hey, where are you? I'm worried about you! We want to help! Where are you?’.
‘What’s the matter?’, said I?
‘We just received a message from you’, was the answer, ‘You’re in Lagos, Nigeria, stranded, and some people have stolen all your money. How can we send you money to come home? My husband and I have been thinking about you all morning. We're making the necessary arrangements to send the money, but we just wanted to check the whole thing.’
I’m right in the area, not of out of Tunisia, visiting family’. I answered.
‘Wow, the person who wrote to us in your name wanted us to send 1650 dollars’
, they answered
‘I’m mighty glad you asked, I’m safe and sound, and haven’t left the country.’, said I.
***

You think this happens only to other people? We have all received messages from the four corners of the earth with people promising fabulous sums of money, if we just sent some details about identity. Gladly, most of us know this is common occurrence. The day someone hijacks your ID and password and starts writing emails is not far off. In this case, this charlatan just used my standing and reputation to take advantage of my friends and associates. I’m not the kind of person to ask for money from anyone, period, o, wait, except possibly very close family members, and in circumstances that’s only in extremely exceptional circumstances, and I grant you, it hasn’t happened in the last thirteen years. I have a good working relationship with many people in many parts of the world. When one of them is led to believe I am struggling in a foreign country, they would likely want to honor that request when it bears my digital prints. And you tend to appreciate the trust, that the moment some people realized the mess you were in, they would rush to help. That’s a great measure of trust, mutual trust, and under all circumstances, one should appreciate that. Little do these people know that there is always someone watching. Hackers, some of whom are said to be good people, with associations and help-desks for their own kin, are always on the lookout for soft targets. Only this time, they’re not simply hackers; they’re down right criminals, impersonators, impostors, highwaymen of sorts, preying on people who sing and sleep the internet, the joys of open communication, and the promises of an unbounded world.

***

The lessons to be drawn from this are possibly many. I will leave them out for my next post.

3 comments:

Z. Deymi said...

Oh what a tangled web we weave,
When first we practice to deceive!
-Sir Walter Scott-
Hacking is getting more and more dangerous to individuals, corporations, and governments. It has turned into a hobby for internet thieves--some sort of an unprecedented organized crime, a new social and ethical pathology that one can call "Intelligent criminology." There are even more dangerous hackers. These are amateur hackers who are doing it for the sake of it, to show off their Internet skills. The most frightening thing about these is that they do it in a damaging random way; they use software programs to check for the first online computer they come across to attack.
So what happened to you may happen to thousands of people daily. As long as one is online, s/he may be an easy prey to an unscrupulous hacker mainly if one does not take the necessary measures of protection. The hacker generally breaks into someone else's computer when there is a security breach in that computer or when there are flaws in the network to which that computer is connected. Most hacking occurs on infected PCs. The hacker uses all sorts of internet attacks (viruses, worms, Trojan horses, etc.) to paralyze the targeted computer and easily access—even modify--the information in that computer while online. The hacker also exploits the flaws in the Internet browser you use and plants a keylogger or a password "sniffer" on your computer without you being aware of it. Anything you log into via the Internet (e-mail accounts, online bank accounts, etc.) can be subject to attack by hackers. Once your password or username is "sniffed", the wicked spying operation starts off. The hacker, knowing the details of the details of your private and professional secrets, could do anything you may imagine. He may abuse your trust by claiming to provide an online service and indirectly get sensitive information from you (your credit card number for example!). We have heard thousands of incredible stories of bank thefts, blackmailing, and other sorts of nasty things done by hackers on the net.
How to Avoid Being Trapped into the Snare?
"Prevention is better than cure."
"A good defense is the best offense."
Here are some tips, if followed by any Internet user, the hazard will be tremendously minimized:
1. Always run your Firewall, Antivirus , and Anti-Spyware programs before your computer connects to the Internet.
2. Keep Your Virus Checker Up To Date.
3. When you are not using your computer, disconnect it from the Internet. There are various ways to disconnect from the Internet, you could: turn off the computer, put your computer in Windows' Standby mode (Start/Shutdown/Standby), break the Windows' Internet connection, or power down your modem or unplug your LAN cable.
4. Avoid popular navigators- Use Firefox Instead of Internet Explorer. Because Internet Explorer is the world’s most popular browser (mainly for those who use Microsoft Windows) and because so few users keep their software up-to-date, many hackers have devoted their time to develop programs and websites to exploit Internet Explorer’s known flaws. So Internet users who wish to protect their online information are strongly recommended to change Internet Explorer for Firefox.
5. Never share your account information or Password Any web link you get from an email that brings you to a page where you are supposed to enter sensitive information like your credit card, bank info or passwords, never do that! Banks and other service providers would NEVER contact you that way.
6. Change your passwords from time to time.
7. Choose a password difficult to crack. Your password should be composed of no less than 8 mixed characters (figures, letters, and symbols) and carrying no signification or hints to anything important for you (avoid the names of your children, wife, college, favorite singer, etc.)
8. Never post your IP address in a public place. This is like giving the key to hackers to open your house! Once they know your Internet Protocol address (four numbers divided by periods e.g. 168.320.001.01) they can begin hacking your computer.
9. Keep your computer clean. Keep your precious files away from unscrupulous individuals by saving them on floppy disks.
10. Be very careful about running executable files (having the extension .bat, .exe or .com) when downloading programs. Executable files can easily contain keyloggers specifically added to steal your account information.

Ali H. Raddaoui said...

These are very insightful comments, Z. Deymi! They sum up pretty much the lessons that I have learned from the hacking experience to which I was subjected. I am sending you under separate cover two more texts for further consideration.

Thank you for taking time out to read and comment upon my blog.
Ali

Z. Deymi said...

I cannot claim in any way that I am an expert in information technology. But the Internet dangers that one is likely to face and of which one should be aware is a subject that interests any Internet user.
The comments I posted are the outcome of the humble knowledge I retained from an online course I did on ICT and of a long research on some websites I visited after I was frightened by your story with the hackers. One should learn from the accidents that happen to others!! Below are some of the websites I consider useful and insightful: Some of the tips are taken in good faith from these. Tips are said essentially to be read, shared and spread.
http://lifeloom.com/A_Byte_of_Cybercrime.htm
http://www.nospysoftware.com/spyware-articles/internet-hacking.php
http://www.igoldc.com/index.php?gOo=article_details.dwt&articleid=217