How hackers exploit social media

The phenomenon of "social engineering" is behind the vast majority of successful hacking.

This isn't the high tech wizardry of Hollywood but is a good, old-fashioned confidence trick.
It's been updated for the modern age, and although modern terms such as "phishing" and "smishing" are used to describe the specific tricks used, they all rely upon a set of human characteristics which, with due respect to Hieronymus Bosch, you might picture as the "seven deadly sins" of social engineering.

Apathy:

To fall for a confidence trick, or worse, we assume others "must" have taken the necessary steps to keep us secure.

Sadly this leads to a lack of awareness, and in the world of the hacker that is fatal. When we stay in a hotel and we programme our random number into the room safe to keep our belongings secure, how many of us check to see if the manufacturers override code has been left in the safe?
It's nearly always 0000 or 1234 so try it next time.

Curiosity:

Humans are curious by nature. However, naive and uninformed curiosity has caused many casualties. Criminals know we're curious and they will try to lure us in. If we see an unfamiliar door appear in a building we frequent, we all wonder where it leads. 

We might be tempted to open it and find out, but in the online world that might just be a trap waiting for an innocent user to spring it. A colleague built a website that contained a button that said Do Not Press, and was astonished to find that the majority of people actually pressed it.
Be curious, but exercise a healthy degree of suspicion.

Gullibility: It is often thought of as a derogatory term, but we all suffer from this sin. We make assumptions.
We take others at face value, especially outside of our areas of expertise. Put a uniform on someone and we assume they have authority.

Give an email an official appearance by using the correct logo and apparently coming from the correct email address, and we might just assume it's real, regardless of how silly its instructions might be.

All of this can be easily forged online, so make no assumptions.

Courtesy: We quite rightly all teach our children to be polite. However, politeness does not mean you should not discriminate.

If you do not know something, or you feel something doesn't feel quite right, ask. This principle is truer than ever in the online world, where we are asked to interact with people and systems in ways with which we are quite unfamiliar.

If someone phones you out of the blue and says they are from your bank do you believe them?

No. Phone them back. 

And by the way, use a mobile phone as landlines can remain connected to the person who made the call in the first place and so whilst you might think you're phoning the bank on a valid number you're just talking to the person who called you.

Greed: Despite what we'd like to think we are all susceptible to greed even though it might not feel like greed.

Since its inception, the very culture of the web has been to share items for free.
Initially this was academic research, but as the internet was commercialised in the mid-1990s, we were left with the impression that we could still find something for nothing.

Nothing is ever truly free online. You have to remember that if you're not the paying customer, you're very likely to be the product. In the worst case, you might find that you have taken something onto your machine that is far from what you bargained for.

Many pieces of malware are actively downloaded by owners unaware that the "free" product contains a nasty payload, even if it also appears to do what you expected of it.
 
Diffidence:
People are reluctant to ask strangers for ID, and in the online world it is more important than ever to establish the credentials of those whom you entrust with your sensitive information.

Do not let circumstances lead you to make assumptions about ID.
For example, if someone from "IT support" calls you and asks for your password so they can help fix your problem, how do you know they haven't called everyone else in the building first until they found you who has really got a problem?

This is a well-known attack. If someone has a problem with proving who they are, you should immediately be suspicious.

Thoughtlessness:
 Thinking before you act is possibly the most effective means of protecting yourself online. It is all too easy to click that link.
Stop.

How many of us when reading an apparently valid link in an email would bother to check whether the link is actually valid or whether instead it takes you to a malicious site.
It's horribly easy to make links look valid so try hovering your cursor over the link for a few seconds before clicking to see what the real link is: the true link pops up if you give it a moment.
As cynical as it may sound, the only answer is to practise your A-B-C:

• Assume nothing
• Believe no one
• Check everything

With more Christmas shopping expected to be done online this year than ever before, you should watch out for those that would exploit the deadly sins.
Don't give criminals the chance to ruin your holiday season, and remember that a little bit of paranoia goes a long way online.

View the whole story here: http://www.bbc.co.uk/news/technology-20717773

For more information about staying safe online contact the IT support experts at Click Networks today on 0141 530 9116 or email us at info@clicknetworks.co.uk today!

What tablet to buy this Christmas?

We start with Microsofts Surface’s 1366 x 768, 10.6in IPS LCD screen which may only boast a pixel density of 148dpi but its 16:9 aspect ratio is shared with most laptops and TVs so you feel right at home from the off. This is a tablet that unashamedly delivers a PC experience, which I take to be A Good Thing. With an Nvidia Tegra 3 under the bonnet, a choice of clever attachable keyboards-cum-covers, a built-in kickstand, a proper USB port and an SD slot good for cards up to 64GB, it’s a device both powerful and versatile.

And don’t forget, the Surface comes with Microsoft Office pre-loaded. That’s the sort of productivity offering you just don’t get with Android or iOS.

On the downside, at £400 it’s not cheap; the OS takes up a huge chunk of the advertised storage space; both the Touch and Type keyboards are optional extras; there’s no GPS; and the Windows RT app store is close to empty at the moment.

Even the most devout fan of Android would have to concede that it has failed to repeat its smartphone success in the tablet arena but in the second half of the year Google came out swinging to try and fix that.

In the summer, it launched a Tegra 3-based 7in, 1280 x 800 tablet at a staggeringly low price. The Google Nexus 7 immediately won friends thanks to it’s powerful quad-core processor, excellent IPS LCD screen and Android 4.1 Jelly Bean OS, which debuted on the new tablet.

Just last month, the 16GB version dropped to £159 replacing the 8GB model yours truly bought, while a 32GB 3G device was also introduced at a very reasonable £239. The price changes have made something that was already very attractive even more so.

Being a Nexus 7 owner I’ll admit to a bit of bias here, but for gaming, e-book reading, web browsing, watching HD video - the stuff most of us do on our tablets most of the time - the Nexus 7 is hard if not impossible to beat.

How to trump that? Easy. Launch a 10in version with a screamingly fast dual-core Cortex A15 chip, a higher than hi-def screen and charge £319 for the 16GB version. That would be the Samsung-made Google Nexus 10 then.

The standout feature of the Nexus 10 is the 2560 x 1600, 300dpi screen, which clobbers even the “retina” 264dpi Apple iPad 4 in the pixel density stakes. I defy anyone to gaze at the Nexus 10’s screen, or listen to the sound from its front-facing stereo speakers, and not be thoroughly impressed.

It’s lighter and thinner than the iPad 4 too and more pleasant to hold thanks to it’s rounded shape. Probably harder to sue, too, for that same reason. If you want a 10in tablet for media consumption, this is the one you should buy.

Both Nexus tablets offer one sign-in syncing for your Picasa photographs, Google-bought books and movies, Google Docs and Drive content. This is cloud integration second to none. And don’t forget that Google Music has now arrived in the UK so you can upload 20,000 songs into the cloud too. And all for free.

For more information on any of the tablets mentioned in the article please contact our IT experts either call us on 0141 530 9116 or email at info@clicknetworks.co.uk for more IT support in or around Glasgow.

Read the full article here: http://www.theregister.co.uk/

Don't struggle to remember passwords!

Should you be secure and use lots of different passwords? Or is it more convenient and easy to remember just one or two?

Almost everything online needs a password these days: shop accounts social networking sites, university and email logins, banks, credit cards, insurance, savings and more. I don’t know about you – but I suspect I’ve over 50 different accounts and all the passwords for these need remembering somehow – and unless you’re a memory maestro that’s impossible.
Yet not doing it is a nightmare too – we’re constantly nagged to use different passwords. Those who chose convenience and used the same password for their PlayStation Network account as for their bank or other secure code, now know why it’s so important to use different passwords. They need to immediately change the password on their other accounts otherwise the criminal hackers may well have enough of their ID to utilise it (see PlayStation hack news for more on self-protection).

How to marry security and convenience.
Over the years I’ve developed my own personal system for keeping an easy but secure track of my passwords. I’m not saying it’s perfect I just thought it worth jotting down. I’m sure many others do similar things in parallel and I’d love to know your systems. 
I’ve described similar principles to what I do below, though with some details and techniques changed slightly for my own security. It may seem a little complex but actually as it’s developed organically over the years, it’s become an easy natural progression, though I accept it’d be more difficult to do it all in one go.

• Step 1: Establish a number of key words. 
  
  Pick words that mean something to you but aren’t obvious or guessable like relative’s names. The easy way to do this is to start with one or two, then once those are firmly embedded add more. But for the moment let’s say they’re established.  They should all start with different letters, for the sake of the example we’ll say they are:
  Random
  Spank
  Widget
  Acne

• Step 2: Establish a few key numbers.
  
  Try not to have obvious dates such as your date of birth – though something like 1874 (Churchill’s birth year) is fine. So here you have: 1874
  5012
  0191

• Step 3: Create passwords using a combination of both. 
  
  Use the words or numbers forwards or backwards, capitalised or not capitalised. This gives you a very large number of available different passwords even though you only need to remember a few words and numbers. For example: – Spank0191
  – 1874Widget
  – 2105acne
  – modnar5012
  – Random18

• Step 4: Note the password down IN CODE somewhere safe and convenient.
  
  Now just store the password safely in code somewhere in case it’s ever needed – never write the full words or numbers down anywhere, you need to remember those yourself. For example, the above passwords could be stored as… -S0  (ie, the word beginning with S then the numbers beginning with 0)
  -1W
  -Rev5 a  (ie, the numbers beginning with 5 in reverse, then the word beginning with a – but not capitalised)
  -Revr 5
  -R half 1 (ie, word beginning with R then half the numbers beginning with 1)

That’s my way. An alternative is to simply create yourself a grid for each password such as:
A  B  C  D  E  F  G  H  I  J  K  L  M  N  O…..ETC
3  D  A  F  U 2   1  P  R A  V 9  C   I   F
Here you remember just one key word, for example FAKE and you use that to look up the numbers in the password grid – here you’ll see its 23VU. 
To set this up initially you just need to write the alphabet out then put the code in under your key word and fill in the others with random letters.
This is a bit chunky to do, but it does mean you only need to remember one password to get encoded access to all the others. It’s probably most useful as a way of writing down pin numbers rather than passwords though.
OK those are some techniques, what are your tips? Ensure you don’t compromise your security in your response.

For more information on passwords or how to password protect your business and information contact the experts at Click Networks IT Support Team Glasgow on 0141 530 9116 or visit the website here: http://www.clicknetworks.co.uk/ 

To read the full article please visit: http://blog.moneysavingexpert.com

UK Businesses: 1 in 5 pounds from online sales!

Almost one in five pounds pulled in by UK business came through an online sale, the Office of National Statistics has found. Despite the fact 1 in 5 firms still don't have a website!

Nineteen per cent of UK sales revenues came through ecommerce, states the ONS's report on E-commerce and ICT activity in 2011. That means that e-sales pulled in £483 billion to the British economy in 2011. Ecommerce as a percentage of total UK sales revenue has crept up from 18 per cent in 2010.

Website sales to consumers were 5 per cent of total turnover in 2011, with the rest attributable to sales to business. The sector making most use of e-sales was Wholesale, which netted 31 per cent of online sales pounds from consumers, and 40 per cent of the UK's online sales revenue from business.
The manufacturing sector was making strong use of e-commerce too - taking 40 per cent of e-sales to business.

When it came to online consumer pounds, Britain's information and communication industry performed well, pulling in 16 per cent of the total pie. Retail took 14 per cent, Transport and storage took 10 per cent.

The construction, food and accommodation sectors saw the lowest percentage of their sales come through the internet.

The UK keeps its position as one of the most ecommerce-centric countries in Europe. In 2010 data the UK is joint fifth with Norway for penetration of ecommerce. Behind Finland, Sweden, Hungary and the Czech Republic at the top of the list, where 25 per cent of sales are conducted through the internet.

The ONS also found that 93 per cent of businesses had broadband internet and 81 per cent had a website.

 For more information on the benifits of a website to your business call and speak to our experts now on: 0141 530 9116 or email us at info@clicknetworks.co.uk  You can also visit our webiste to read more about our IT services and what we can do for your business, visit: http://www.clicknetworks.co.uk/ 

For the full story please continue reading here: http://www.theregister.co.uk/