Posts Tagged Security

What Is Vishing & How To Avoid It

Vishing is the term used for voice or VoIP (voice over IP) phishing. It is a social engineering attack that is launched with a primary goal to extract user’s confidential information and is usually done using an automated dialing and voice synthesizing equipment.

Vishing works just like any other phishing scam. The imposter generally pretends as someone from the bank or as a government representative seeking information. Sometimes, the fraudster may even use voice to text synthesizers or recorded messages to masquerade himself. The attack is launched with an intention to gain access to a person’s PIN number, credit card details, passwords, social security number etc. In most cases, the scammer is successful in making the victim part with their credentials.

When a vishing attack is launched, either of these things happen 

  • A person will receive a call. On answering that call, an automated voice system will ask the victim for their personal information.
  • Sometimes, a fraudster will call the victim and inform that they should call their bank to avail some offer or to provide certain information. The victim then hangs up the phone to dial bank’s number but fraudster doesn’t and keeps the lines open. Victim hears a spoofed dialing tone and some other scammer answers the phone call. They impersonate their identity as bank official to steal the required information.

How Do They Obtain Your Number?

There are several possibilities by which the fraudsters obtain your number. Some of which are

  • Using stolen phone information
  • Auto – generated numbers
  • Numbers and details compromised in a previous data breach

Techniques Used By Them

  • Impersonate As Genuine Callers – There is high probability that these scammers already have your personal information and address you as genuine people over the phone.
  • Holding The line – Sometimes, cyber criminals hold your call. They then direct your call to another scammer when you call them back.
  • Sense Of Urgency – The most common approach is to incite fear in the mind of a person. The caller makes the victim believe that their money is in danger. He/she then acts hastily without thinking much and commits the mistake of sharing their confidential information with the fraudster.
  • Phone Spoofing – The number from which the call comes seems to be genuine and so you believe what the caller says, often ending up in sharing your login credentials or passwords.

How To Avoid Them

  • Never Share Your Personal Information Over The Phone – If you pick a call that seems to be from a legitimate caller, never share your personal information over the phone in the first place. No bank or government institution will ask you to provide your credentials over the phone. In case they do, then ask the caller’s name and tell them that you would call them back after some time. Search for the bank’s official number and inquire from them about the call.If you sense something suspicious then there are chances that the call was a vishing attack launched at you.
  • Use A Caller ID App – There are numerous apps such as Truecaller that allow you to know the callers identity. It has billions of spam numbers locked in their database and if you come across such a number then you can also add it to their spam database.

For more information on IT Security, call Centex Technologies at (254) 213-4740.

, ,

No Comments

Watch Out While Giving Permissions To Apps On Your Mobile Devices

You might have encountered pop-ups asking for permission to access certain details whenever you install an app on your mobile phone. We generally accept to grant access and that’s where we expose ourselves to cyber vulnerabilities & threats.

Permissions That Can Have Serious Repercussions –

  • Location – All apps generally ask for permission to track your location. If you install an app that contains malware and if you give app permission to track your location, then cyber criminals can keep a check over your movement.
  • Contacts – Some apps require you to allow them to gain access to your contact list. With this, you allow the app to see who all are in your “contact list” and what are their contact details. Apps can further use this information to market themselves. If hackers access this information, they can misuse the phone numbers, email ids of contacts known to you.
  • Gallery – If you download an app that asks for permission to peek through your gallery, then ensure that it is from a trusted source. One needs to be wary of giving permissions to such apps as cyber-criminals can use your photographs or even ask for ransom to exploit you.

Here we have listed certain ways to stay safe while giving permissions to apps on your mobile phones –

  • Read the app description thoroughly and make sure that you comprehend on each and everything before actually installing the app on your mobile phone.
  • Make sure that you download the app from a trusted source. If you are not sure, send an email to the developer and ask them about reasons why they require permissions. Download the app only if you are satisfied with their answers.
  • Check out whether the permissions asked by an app are required or not. For e.g. if you download an app that monitors your eating habits and it asks for permissions to access your gallery, then it is better to give it a miss because gallery has nothing to do with your eating regime.
  • The best way to ensure about authenticity of an app is to read the reviews of other people who have downloaded it. Read them thoroughly to gain an insight of complains or positive feedback about the app.
  • Manage your account permissions using permission manager apps. They help you manage the permissions and disallow them to gain access to other apps that contain your personal information like gallery, contacts etc.
  • Keep your phone updated and install a good anti-virus.
  • Do not download the app that asks for too many permissions than what are generally required.

It is extremely important to audit the app permissions every now and then to ensure that your personal and confidential information stays safe and private. For more information on IT Security, call Centex Technologies at (254) 213-4740.

, ,

No Comments

Top 10 Network Security Threats

November 24, 2014

There are a number of security systems available that can help you protect your computer network from unauthorized access. However, there are a number of internal vulnerabilities, which are not commonly considered to be a threat, but have the potential to seriously infect your system.

Some of the common network security threats are:

  1. USB Drives: These are one of the most common means of infecting a network. USB drives are small, inexpensive devices that can be used to share data between computers. Once a system is connected with a USB drive, most operating systems allow automatic running of programs, even the malicious ones.
  2. Laptops and Netbooks: Laptops and Netbooks of people outside the company, if connected to company’s computer network can also transmit codes that can hamper the security of a network. These portable devices may also have many system codes running at the back end to search for and infect internal networks. These malicious programs can also provide an easy access to a company’s important information like salaries, phone numbers, addresses, medical records, employee passwords etc.
  3. Wireless Access Points: These provide immediate access to the network to any user within the network range. With security vulnerability in wireless access points, hackers can penetrate a computer system to get hold of confidential information. Most of the wireless AP protocols such as WPA and WPA2 are susceptible to attacks if strong passwords are not used.
  4. Miscellaneous USB Devices: Apart from USB drives, many other devices such as digital cameras, MP3 players, scanners, printers, fax machines etc. also pose a threat to the security of a network by transferring infected files from one system to another.
  5. Employees Borrowing Others’ Machines or Devices: Borrowing or sharing devices within the office can also cause an employee to inadvertently access restricted areas of the network. Thus, it is important that the passwords are strong and frequently changed.
  6. The Trojan Human: These are attackers who enter the websites in the camouflage of an employee or a contractor. These types of swindlers are capable of gaining access to the secure area of the network, including the server room.
  7. Optical Media: Just like the USB devices, optical media such as CDs or DVDs can also be used as a source of network infection. Once installed and run on a system, these portable storage devices can steal and disclose confidential data to other public networks.
  8. Lack of Employee Alertness: Besides the intimidations from digital technology, the capacity of human mind to store information also poses a major threat to a network’s security. Employees should be alert to note who is around them when they log on to their system or while reading confidential documents in public places.
  9. Smartphones: Today, phones are no less than mini-computers having the capacity to perform complex tasks. Hence, smartphones also pose the same security threat as a laptop, netbook or US devices.
  10. E-mail: Emails are commonly used to communicate, send and receive files within the business networks. However, this facility can often be misused for malicious purposes. Confidential messages can certainly be sent to any outside target and many viruses can be transferred through emails.

Make sure you keep a note of all these potential threats and take the necessary steps to prevent your internal network from getting infected.

,

No Comments

How to make your Computer Network Secure?

February 28, 2011

Networking allows you to share Internet data and access files and folders across systems easily. But one does not want to share his information and data with just anyone. With the help of a wireless network, your information is moving through the air medium, not physical wires, so anyone within the range can intrude your network. There are five substantive security measures you should take to procure your wireless network.

Change the default connection password:
All the Access points and routers have a default password set by the company. You will be asked for a password whenever you want to make alterations to the network settings. Hackers are aware of these default passwords and will seek them to have illegal access to your wireless device and alter your network settings. To avoid any unauthorized alterations, change the password and make it hard to guess.

Modify the default SSID:
Your wireless network devices have a default SSID (Service Set Identifier) which is set by the company. The SSID is the name of your wireless network, and it can be up to the length of 23 characters. Modify your network’s SSID to something unique, and ensure it does not refer to any networking products you own. As an extra precaution, make it a point to modify the SSID regularly.

Enable WPA Encryption:
Encryption allows security for the data that is being communicated over a wireless network. Wired Equivalency Privacy (WEP) and WiFi Protected Access (WPA) extend unlike degrees of security for wireless communication. WPA is addressed to be safer than WEP, because it makes use of the dynamic key encryption.

Disable SSID broadcast:
Automatically, most of the wireless networking devices are typeset to broadcast the SSID, so any person can effortlessly join the wireless network with just this info. This is advantageous for the hackers, so unless you own a public hotspot, the best idea is to disable the SSID broadcast. You certainly will believe that it is handier to broadcast your SSID so that you are able to click on it to join the network, but in addition you can configure the devices on your network to automatically connect to a specific SSID without transmitting the SSID from the router.

Enable MAC address filtering.
Some routers provide you the power to enable MAC address filtering. The MAC address is a distinct series of figures and letters allotted to every networking device. With MAC address filtering, you can determine which computers can obtain access to your network. It would be quite difficult for a hacker to find your network using a random MAC address.

To know more about Networking and computer security, please visit Centex Technologies. We can be contacted on (254) 213-4740 and (800) 236-1497 (Toll Free).

Austin Search Engine MarketingInternet Marketing Guy

, ,

No Comments

Tips On Keeping Your Computer System Secure

October 04, 2010

Today, we cannot think of life without computers. Be it home or office or any public/ private organization, we need computers for performing our day to day operations. We not only keep our personal data on computers but also use them for business communication and fund transactions. This makes the security of computer systems extremely important. It is required to keep the computers secure for optimum utilization and to safeguard yourself against threats, especially when you are using a network. There are few steps which you require to perform for securing the system.

The first thing which you should do is to have a properly configured firewall and install  a good anti-virus software. It is also a good practice to create back up of files into any external drives like CDs or USB devices. Regular backups make sure that the files will not get lost if there are any external attacks or if the system crashes. Also make sure that you purchase a genuine copy of the anti virus and have the anti virus updated from time to time. Do not download any software, games, MP3 or videos if you do not trust the source. There is a possibility that you may download a virus in your system. Always have a spam guard to protect yourself from unsolicited mails. Do make sure that you are aware of the phishing mails and do not open any attachments from mails that look like spam.

It is extremely important that you never share your personal information online and be aware of hackers. Give a remote desktop access only if you trust the other party. Make sure that you are constantly communicating with the other person and in case of any suspicious activity, discontinue the same.

Above all, it is very much important that you use an updated operating system and never share your passwords with anyone and do not use common words as passwords.

We at Centex Technologies provide wide range of solutions for computer system maintenance and security. For more information on how you can set up a secure computer system or work network, feel free to call us at 254-213-4740

Security Consultant Texas IT Support

, , , ,

No Comments